Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
High availability
»
Can't ping HA interface IP
« previous
next »
Print
Pages: [
1
]
Author
Topic: Can't ping HA interface IP (Read 2016 times)
paul199513
Newbie
Posts: 12
Karma: 0
Can't ping HA interface IP
«
on:
November 14, 2022, 11:47:50 am »
Hello,
i have two OPNsense firewalls which are connected to a switch and also connected directly to use this port as pfsync. I have entered an ip of the same subnet, but the firewalls can't ping or reach each other. Do i need to configure something else?
Thanks i advance
Logged
Patrick M. Hausen
Hero Member
Posts: 6848
Karma: 575
Re: Can't ping HA interface IP
«
Reply #1 on:
November 14, 2022, 12:24:08 pm »
If you added the HA/pfsync interface as e.g. OPT1, there won't be any firewall rules present for that interface, initially. You need to add a rule permitting everything in on that interface (easiest way to permit "ping" as well as pfsync, XMLRPC, etc.)
Logged
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do.
(Isaac Asimov)
paul199513
Newbie
Posts: 12
Karma: 0
Re: Can't ping HA interface IP
«
Reply #2 on:
November 14, 2022, 12:34:29 pm »
Hi, i configured the firewall rules already. I let every ipv4 traffic on that interface in.
Logged
paul199513
Newbie
Posts: 12
Karma: 0
Re: Can't ping HA interface IP
«
Reply #3 on:
November 14, 2022, 01:36:14 pm »
I was now able to ping the other firewall, but HA isn't working. In the menu is the info that the backup firewall is not accessible or not configured.
Logged
Chris78
Newbie
Posts: 3
Karma: 0
Re: Can't ping HA interface IP
«
Reply #4 on:
November 14, 2022, 01:43:19 pm »
Can the firewalls ping each other or only master to slave but not vica versa? Make sure the synchronize interface is the pfsync interface and that the Master firewall has the ip address of the Backup firewall configured in the pfsync Synchronize Peer IP and vica versa.
For synchronization, only configure XMLRPC Sync on the Master, use the pfsync address of the Backup firewall as Synchronize Config to IP and the admin credentials of the Backup firewall (or dedicated user account for synchronization).
Logged
paul199513
Newbie
Posts: 12
Karma: 0
Re: Can't ping HA interface IP
«
Reply #5 on:
November 14, 2022, 03:39:25 pm »
The firewalls can ping each other. I also checked with a port scan, if the backup firewall listens on the https port on the HA interface and got a succeeded.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
High availability
»
Can't ping HA interface IP