Configuring CARP firewall failover

This recipe describes how to configure two pfSense firewalls for failover.

Getting ready

Hardware redundancy requires additional hardware, of course. To configure a firewall failover, we will need two separate and identical pfSense machines. We also want each machine to have an additional interface dedicated to the syncing process (which we'll refer to as pfsync ). The example in this recipe will utilize two separate pfSense firewall appliances, each with three interfaces (WAN, LAN, and pfsync).

Note

The following interfaces will be configured with private IP addresses for the purposes of this example, but an actual configuration would require each WAN interface to be properly configured using the settings provided ...

Get pfSense 2 Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.