Project

General

Profile

Actions

Bug #13320

open

IP aliases with a CARP VIP parent are not available as VIP choices for gateway groups

Added by Chris W about 2 months ago. Updated about 2 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Gateways
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Release Notes:
Default
Affected Plus Version:
22.01
Affected Architecture:
All

Description

Configuration is an HA pair of 6100's with a failover gateway group, one ISP per gateway.

The intention is for IPsec clients use a 3rd party DNS service to resolve the VIPs in pfSense they initiate IPsec connections to, and those VIPs in pfSense would be the IP Alias type on the HA CARP VIPs as their parent interface.

However when attempting to create a gateway group with those two VIPs, they're not shown in the dropdown selection of the "Virtual IP" column in System > Routing > Gateway Groups, +Add.

Actions #1

Updated by Jim Pingle about 2 months ago

  • Subject changed from IP aliases created for use in a gateway group aren't visible as a possible Virtual IP choice when creating a new group or editing an existing one. to IP aliases with a CARP VIP parent are not available as VIP choices for gateway groups
  • Category changed from Virtual IP Addresses to Gateways

Looks like it's because the group drop-downs filter based on the VIP interface and it sees the CARP VIP as the interface so it skips it, rather than looking up a layer.

Actions

Also available in: Atom PDF