Topics

Has anyone done the IPSEC VTI implementation in a HA cluster?

I've tried it and the cluster was broken almost immediatelly.

Any working configuration guide or approach i should be aware of?

Thank you

Hi All

We just deployed our Data Center firewalls with two OPNSense VM firewalls.
The selection was between VyOS and PFSense.

Each one had its pros and cons.

One major issue that we face is that we cannot integrate the OPNSense firewall cluster to the SNMP monitoring service.

The firewall rules have been created and the flow is depicted as allowed in the firewall policies.

The NET-SNMP plugin has been configured with all needed information and the respective listening IP addresses, MGMT IP and loopback.

The service is reported as active in the service summary.

However, all SNMPWALK attempts fail with a time-out since no response is returned.
The same thing happens from within the OPNSense terminal.
"
snmpwalk -v 3 -u [SNMPv3USER] -a SHA -A [SNMPv3AUTHKEY] -x AES -X [SNMPv3PRIVKEY] 127.0.0.1
"

Are we missing something?

All feedback will be greatly appreciated.

Thank you
Best Regards
Konstantinos