Project

General

Profile

Correction #9638

Feedback on High Availability — Configuring High Availability

Added by Danilo Zrenjanin 9 months ago. Updated about 1 month ago.

Status:
New
Priority:
Normal
Assignee:
Category:
High Availability
Target version:
-
Start date:
07/18/2019
Due date:
% Done:

0%

Estimated time:
Affected Documentation:
The pfSense Book, pfSense Documentation site (Wiki)

Description

Page: https://docs.netgate.com/pfsense/en/latest/highavailability/configuring-high-availability.html

Feedback:
Enable Configuration Synchronization (XMLRPC Sync)

  • Enter admin for the Remote System Username (other usernames will not work) - It is outdated. A new user can be created on the primary with hasync permission. After config is synced to secondary a newly created user can be used.

History

#1 Updated by Jim Pingle about 1 month ago

  • Category set to High Availability
  • Affected Documentation The pfSense Book added

A few extra notes from an overlapping entry in the internal Redmine:

The book still shows you can only use admin but that is no longer true:
https://docs.netgate.com/pfsense/en/latest/book/highavailability/example-redundant-configuration.html#configure-configuration-synchronization-xml-rpc

The 'wiki' docs do not say that but only use the admin user as an example:
https://docs.netgate.com/pfsense/en/latest/highavailability/configuring-high-availability.html#enable-state-synchronization-pfsync

Importantly nowhere mentions that the user used MUST either be the admin user or have the 'System HA node sync' privilege. Being in the default admins group in not sufficient.

Also available in: Atom PDF