
General • Re: vrrp in firewall filter rules

Well, what you read may not be fully correct.

VRRP is very special in its IP address setup. This has consequences for the traffic (did not read it but found out the hard way).
Requests that come in via the VRRP IP address are quite often answered via its master interface (IP address).

What I think happens ...
That has to do with the /32 and /24 subnet used.
The VRRP is a very small network, the VLAN is the larger, but overlapping network.
For routing the connect initiation via the router goes via the VRRP, the response comes via the VLAN (because the requestor is part of the VLAN subnet, not part of the VRRP subnet).
With loose tracking in the FW that is no FW problem.

But my User Manager RADIUS service did not work this way. The request via VRRP address, answered via the VLAN address, was apparently not accepted by the RADIUS client AP (wrong src IP for answer? I assume)
I had to change the RADIUS connect setting in the AP to the VLAN address, not the VRRP for RADIUS to work.

Look at your interface counters, and try to understand what happens ...

Statistics: Posted by bpwl — Thu Jan 18, 2024 11:53 pm
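
An added example, not part of the post above: a small Python check that pairs RADIUS requests with their replies in a packet list and reports replies whose source address is not the address the request was sent to, which is the mismatch the post describes. The addresses, ports and packets are constructed (documentation range 192.0.2.0/24), and the function names are hypothetical.

```python
import struct
from collections import namedtuple

# RADIUS packet codes from RFC 2865
ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT, ACCESS_CHALLENGE = 1, 2, 3, 11
REPLY_CODES = {ACCESS_ACCEPT, ACCESS_REJECT, ACCESS_CHALLENGE}

Packet = namedtuple("Packet", "src sport dst dport payload")

def radius_header(payload):
    """Return (code, identifier) from the 20-byte RADIUS header, or None."""
    if len(payload) < 20:
        return None
    code, ident, length = struct.unpack("!BBH", payload[:4])
    if length < 20 or length > len(payload):
        return None
    return code, ident

def find_source_mismatches(packets):
    """Report replies whose source differs from the request's destination."""
    pending = {}      # (client ip, client port, identifier) -> address asked
    mismatches = []
    for p in packets:
        hdr = radius_header(p.payload)
        if hdr is None:
            continue
        code, ident = hdr
        if code == ACCESS_REQUEST:
            pending[(p.src, p.sport, ident)] = p.dst
        elif code in REPLY_CODES:
            asked = pending.pop((p.dst, p.dport, ident), None)
            if asked is not None and asked != p.src:
                mismatches.append((p.dst, ident, asked, p.src))
    return mismatches

def _pkt(code, ident):
    # Constructed minimal packet: header plus a zeroed 16-byte authenticator.
    return struct.pack("!BBH", code, ident, 20) + bytes(16)

# Constructed sample: AP 192.0.2.50, VRRP address 192.0.2.1, VLAN address 192.0.2.2
SAMPLE = [
    Packet("192.0.2.50", 40000, "192.0.2.1", 1812, _pkt(ACCESS_REQUEST, 7)),
    Packet("192.0.2.2", 1812, "192.0.2.50", 40000, _pkt(ACCESS_ACCEPT, 7)),
    Packet("192.0.2.50", 40001, "192.0.2.2", 1812, _pkt(ACCESS_REQUEST, 8)),
    Packet("192.0.2.2", 1812, "192.0.2.50", 40001, _pkt(ACCESS_ACCEPT, 8)),
]

if __name__ == "__main__":
    for client, ident, asked, got in find_source_mismatches(SAMPLE):
        print(f"client {client} id {ident}: sent to {asked}, reply from {got}")
```

Only the first exchange is reported: the request went to the VRRP address and the reply came from the VLAN address, while the second exchange, addressed to the VLAN address directly, matches.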


