1
18.7 Legacy Series / OPNsense HA NAT VIP not working
« on: August 07, 2018, 09:13:45 am »
Hello,
I evaluate OPNsense in the latest version on VirtualBox. I'm quite happy so far. My setup:
opnsense01.localdomain
WAN 192.168.188.100
LAN 192.168.189.100
WAN VIP: 192.168.188.254
LAN VIP: 192.168.189.254
opnsense02.localdomain
WAN 192.168.188.101
LAN 192.168.189.101
WAN VIP: 192.168.188.254
LAN VIP: 192.168.189.254
client01.localdomain
LAN: 192.168.189.200
GATEWAY: 192.168.189.254
The NAT configuration on my is OPNsense Cluster is configured to use the WAN address of my Cluster. But with this kind of configuration the failover is not transparent. (wget is timing out after the failover) So I've decided to switch the NAT outbound configuration to use the WAN VIP. But after that the NAT access does not work anymore. A curl to an external website is running into a timeout.
The VirtualBox configuration is set to Promiscuous-Mode on all involved interfaces.
Could you please help me?
Regards - Willi
I evaluate OPNsense in the latest version on VirtualBox. I'm quite happy so far. My setup:
opnsense01.localdomain
WAN 192.168.188.100
LAN 192.168.189.100
WAN VIP: 192.168.188.254
LAN VIP: 192.168.189.254
opnsense02.localdomain
WAN 192.168.188.101
LAN 192.168.189.101
WAN VIP: 192.168.188.254
LAN VIP: 192.168.189.254
client01.localdomain
LAN: 192.168.189.200
GATEWAY: 192.168.189.254
The NAT configuration on my is OPNsense Cluster is configured to use the WAN address of my Cluster. But with this kind of configuration the failover is not transparent. (wget is timing out after the failover) So I've decided to switch the NAT outbound configuration to use the WAN VIP. But after that the NAT access does not work anymore. A curl to an external website is running into a timeout.
The VirtualBox configuration is set to Promiscuous-Mode on all involved interfaces.
Could you please help me?
Regards - Willi