Which outbound IP address in a CARP setup?

Started by Patrick M. Hausen, April 06, 2021, 09:42:32 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
April 06, 2021, 09:42:32 AM
Hi all,

I will implement my first HA setup this week. With a pair of firewalls and CARP active, which IP address will OPNsense use for outbound connections to WAN/default? The individual firewall's address or the CARP one?

Important for mail, SPF records, etc.

Thanks!
Patrick
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
April 06, 2021, 10:47:23 AM #1
I just put a HA setup in production two weeks ago.

The Firewall itself uses its own IP, internal IPv4 traffic behind the firewall should use outbound nat and the CARP address, same goes for IPSEC and other stuff that you want in HA.
April 06, 2021, 11:41:45 AM #2
Thanks. That means the only special case will probably be the postfix for outgoing email.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
April 06, 2021, 09:07:46 PM #3
Try setting SMTP Client address to LAN, then you can Nat to HA IP in WAN
Print
Go Up Pages1
User actions