Configuring CARP firewall failover

This recipe describes how to configure two pfSense firewalls for failover.

Getting ready

Hardware redundancy requires additional hardware, of course. To configure a firewall failover, we will need two separate and identical pfSense machines. We also want each machine to have an additional interface dedicated to the syncing process (which we'll refer to as pfsync ). The example in this recipe will utilize two separate pfSense firewall appliances, each with three interfaces (WAN, LAN, and pfsync).

Note

The following interfaces will be configured with private IP addresses for the purposes of this example, but an actual configuration would require each WAN interface to be properly configured using the settings provided ...

Get pfSense 2 Cookbook now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.