Show Posts
1
17.7 Legacy Series / IP Alias on top of CARP VIP
« on: December 03, 2017, 03:59:46 am »
Hi Guys,
I'm trying to configure 2 OPNSense in HA mode, I did the initial configs and the HA configs, everything works fine, but I have a lot of Public IP Subnets that are routed, I was testing with 2 /24 Subnet so I made the first subnet as the main interface IP's
fw1: x.x.x.2
fw2: x.x.x.3
carp VIP: x.x.x.1
the second subnet I added a static route then added another CARP VIP x.x.2.1, this setup works fine, but as I mentioned I have a lot of Public /24 IP's and I don't want to have VHID for each CARP VIP.
in pfsense there is an option to create an IP Alias on top on the CARP VIP but I can't see that option in OPNSense, also if I add the IP as a normal IP Alias that IP is not synced to the second firewall, so I guess to be able to sync all Virtual IP's they should be a CARP IP's.
please any help or more information on this would be appreciated I honestly don't want to switch to pfsense because of this reason.
Thanks
I'm trying to configure 2 OPNSense in HA mode, I did the initial configs and the HA configs, everything works fine, but I have a lot of Public IP Subnets that are routed, I was testing with 2 /24 Subnet so I made the first subnet as the main interface IP's
fw1: x.x.x.2
fw2: x.x.x.3
carp VIP: x.x.x.1
the second subnet I added a static route then added another CARP VIP x.x.2.1, this setup works fine, but as I mentioned I have a lot of Public /24 IP's and I don't want to have VHID for each CARP VIP.
in pfsense there is an option to create an IP Alias on top on the CARP VIP but I can't see that option in OPNSense, also if I add the IP as a normal IP Alias that IP is not synced to the second firewall, so I guess to be able to sync all Virtual IP's they should be a CARP IP's.
please any help or more information on this would be appreciated I honestly don't want to switch to pfsense because of this reason.
Thanks