Code:
FW1 FW2
bge0 (10.20.100.100) bge0 (10.20.100.101)
vip 10.20.100.102
bge2 (192.168.100.100)--------bge2 (192.168.100.101)
bge1 (10.20.200.100) bge1 (10.20.200.101)
vip 10.20.200.102
I have CARP setup and from the servers in the DMZ on the 10.20.200 network I am able to ping the WAN/Internet VIP 10.20.100.102 but I can't ping the LAN VIP 10.20.200.102 but am able to ping 10.20.200.100 and 10.20.200.101.
bge2 is the two cabled with crossover.
In fw1 /etc/rc.conf I have:
Code:
cloned_interface="carp1 carp2"
ifconfig_carp1="vhid 1 pass password 10.20.100.102/24"
ifconfig_carp2="vhid 2 pass password 10.20.200.102/24"
in fw2 /etc/rc.conf I have:
Code:
cloned_interface="carp1 carp2"
ifconfig_carp1="vhid 1 advskew 128 pass password 10.20.100.102/24"
ifconfig_carp2="vhid 2 advskew 128 pass password 10.20.200.102/24"
Is there a reason why I can't ping the VIP on the shared LAN?