Show Posts
1
High availability / Re: IPsec with HA and Carp failover issue
« on: February 02, 2023, 02:48:50 pm »
Hello All,
I have a slightly different question but in the same area (HA and IPsec VPN)
Could you guys help me with the idea to pick a method to disable IPsec on the standby node?
The only idea I have is to configure FRR and run OSPF with upstream router. After that it will be possible to advertise 0.0.0.0/0 to both active and standby OPNsenses and to disable FRR on standby, so VPN establishment process could be started only from active node with default route.
Kind regards,
Serg GR
I have a slightly different question but in the same area (HA and IPsec VPN)
Could you guys help me with the idea to pick a method to disable IPsec on the standby node?
The only idea I have is to configure FRR and run OSPF with upstream router. After that it will be possible to advertise 0.0.0.0/0 to both active and standby OPNsenses and to disable FRR on standby, so VPN establishment process could be started only from active node with default route.
Kind regards,
Serg GR