Bug #13320
closed
IP aliases with a CARP VIP parent are not available as VIP choices for gateway groups
0%
Description
Configuration is an HA pair of 6100's with a failover gateway group, one ISP per gateway.
The intention is for IPsec clients use a 3rd party DNS service to resolve the VIPs in pfSense they initiate IPsec connections to, and those VIPs in pfSense would be the IP Alias type on the HA CARP VIPs as their parent interface.
However when attempting to create a gateway group with those two VIPs, they're not shown in the dropdown selection of the "Virtual IP" column in System > Routing > Gateway Groups, +Add.
Files
Updated by Jim Pingle almost 2 years ago
- Subject changed from IP aliases created for use in a gateway group aren't visible as a possible Virtual IP choice when creating a new group or editing an existing one. to IP aliases with a CARP VIP parent are not available as VIP choices for gateway groups
- Category changed from Virtual IP Addresses to Gateways
Looks like it's because the group drop-downs filter based on the VIP interface and it sees the CARP VIP as the interface so it skips it, rather than looking up a layer.
Updated by Danilo Zrenjanin about 1 month ago
- File clipboard-202403231841-ijofs.png clipboard-202403231841-ijofs.png added
- Status changed from New to Resolved
Tested against 23.09.1.
It works as expected. I was able to choose Alias VIP (nested under CARP VIP IP) in the Virtual IP drop-down list.
I am closing this ticket as resolved.