Pf carp can't ping VIP

Code:
FW1                           FW2
bge0 (10.20.100.100)    bge0 (10.20.100.101)
                vip 10.20.100.102

bge2 (192.168.100.100)--------bge2 (192.168.100.101)


bge1 (10.20.200.100)     bge1 (10.20.200.101)
                vip 10.20.200.102

I have CARP setup and from the servers in the DMZ on the 10.20.200 network I am able to ping the WAN/Internet VIP 10.20.100.102 but I can't ping the LAN VIP 10.20.200.102 but am able to ping 10.20.200.100 and 10.20.200.101.

bge2 is the two cabled with crossover.

In fw1 /etc/rc.conf I have:
Code:
cloned_interface="carp1 carp2"
ifconfig_carp1="vhid 1 pass password 10.20.100.102/24"
ifconfig_carp2="vhid 2 pass password 10.20.200.102/24"

in fw2 /etc/rc.conf I have:
Code:
cloned_interface="carp1 carp2"
ifconfig_carp1="vhid 1 advskew 128 pass password 10.20.100.102/24"
ifconfig_carp2="vhid 2 advskew 128 pass password 10.20.200.102/24"

Is there a reason why I can't ping the VIP on the shared LAN?
 
Back
Top