This is probably the most common deployment scenario in which CARP is involved. There are two common deployment scenarios you could employ for a two firewall setup in which one firewall is designated as the failover. Both of them involve a single virtual IP for the LAN interface, separate actual IPs for each LAN interface, and the LAN interface on each firewall connecting to a switch on the LAN side. Allocating additional IP addresses for the LAN is not a problem, since these are private addresses. The WAN side poses a problem. The WAN interface of a firewall would normally be connected directly to our modem (or whatever other internet connectivity device we have) and the WAN interface would be assigned ...
Example 1 – CARP with two firewalls
Get Mastering pfSense now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.