High availability / Re: Problem with pfSync
« on: September 20, 2024, 07:39:51 pm »
Hello there,
Although the problem is solved for you, more people will visit this thread looking for a solution to this problem; therefore, I want to raise another important aspect which can prevent the sync between the firewalls.
Please be aware that in order for the sync to work properly, the slave machine must have the interface used for pfSync on the list of interfaces where the WebGUI is listening: System -> Settings -> Administration -> Listen Interfaces (under Web GUI). Although the master can ping the slave and the FW is not blocking anything, without port 443 being open on the pfSync interface on the slave, it will simply not be able to connect.
before:
Error:/usr/local/etc/rc.filter_synchronize: An error occurred while attempting XMLRPC sync with username root and https://10.9.8.3/xmlrpc.php fetch error. remote host down?
nc -vz 10.9.8.3 443
nc: connect to 10.9.8.3 port 443 (tcp) failed: Connection refused
after:
nc -vz 10.9.8.3 443
Connection to 10.9.8.3 443 port [tcp/https] succeeded!
Notice:/usr/local/etc/rc.filter_synchronize: Filter sync successfully completed with https://10.9.8.3/xmlrpc.php.
That solved the problem for me.
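An added example, not part of the original post and not the firewall project's own code: it pulls the XMLRPC peer out of `rc.filter_synchronize` log lines like the ones quoted above and classifies a TCP connect to it the way the `nc -vz` output is read, separating "refused" (nothing listening on that address) from "no reply" (traffic dropped). The function names and hint texts are assumptions made for illustration.

```python
import re
import socket
from urllib.parse import urlsplit

# Error line quoted in the post above, reused here as sample input.
SAMPLE = ("Error:/usr/local/etc/rc.filter_synchronize: An error occurred while "
          "attempting XMLRPC sync with username root and "
          "https://10.9.8.3/xmlrpc.php fetch error. remote host down?")
SYNC_LINE = re.compile(
    r"rc\.filter_synchronize: (?P<msg>.*?)(?P<url>https?://\S+?/xmlrpc\.php)")
HINTS = {  # hypothetical wording; "refused" is the case the post describes
    "open": "listener reachable; the TCP path to the peer is not the problem",
    "refused": "nothing listens here: add the sync interface to the peer's Web GUI Listen Interfaces",
    "filtered": "no reply at all: a rule drops the traffic or the peer is down",
    "unreachable": "no route or local network error towards the peer",
}

def sync_targets(log_text):
    """Return {(host, port): 'ok' | 'failed'} with the latest status per peer."""
    targets = {}
    for line in log_text.splitlines():
        m = SYNC_LINE.search(line)
        if m:
            url = urlsplit(m.group("url"))
            port = url.port or (443 if url.scheme == "https" else 80)
            ok = "successfully completed" in m.group("msg")
            targets[(url.hostname, port)] = "ok" if ok else "failed"
    return targets

def probe(host, port, timeout=3.0):
    """Classify one TCP connect, as one would read `nc -vz` output."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"      # RST received: host is up, port has no listener
    except socket.timeout:
        return "filtered"     # SYN went unanswered
    except OSError:
        return "unreachable"

def diagnose(log_text, timeout=3.0):
    """Probe each peer whose latest sync failed: {(host, port): (state, hint)}."""
    report = {}
    for (host, port), status in sync_targets(log_text).items():
        if status == "failed":
            state = probe(host, port, timeout)
            report[(host, port)] = (state, HINTS[state])
    return report

if __name__ == "__main__":
    print(diagnose(SAMPLE))
```

Run it on the master against the system log text; a "refused" result matches the "before" state in the post.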