View Single Post
  #5   (View Single Post)  
Old 24th June 2017
da1 da1 is offline
Fdisk Soldier
 
Join Date: Feb 2009
Location: Berlin, DE
Posts: 49
Default

no luck at misc@ but here's what I did:

copy ipsec.conf from fw1 to fw2 and
Code:
rcctl enable ipsec
on both fw's.

I've established the VPN on fw1, demoted the carp, fw2 took over, the VPN continued working. Rebooted fw1 and did the same steps on fw2.

out of 200 ping packets through the VPN, we've lost 2x. Pretty good if you ask me.
Reply With Quote