I see one possible flaw in your setup: On Fri, 17 Nov 2006, Dominique Goncalves wrote: > fw1: > pf.conf: > scrub in all > nat on fxp0 from !(fxp0) to any -> (fxp0) > pass quick on vr0 proto pfsync
Your pfsync interface is vr1, not vr0. I tend to use "set skip" for the
pfsync interface.
> pass quick on { fxp0 , vr1 } proto carp
So here vr1 should be vr0.
> pass all keep state
But you pass everything anyway, so I'm not sure it will fix your problem.
--
Cam
