Today I got a problem with the vrrp.
the master controller was not pinging the standby controller and they do not syncroniser configuration.
after a night of work I discovered that the IPSEC tunnel between the two controller not mount because of "enable nat source for this vlan"
indeed the vrrp is about VLAN 1 and as explained in the "CLI Reference Guide" must not enable nat for VLAN 1 because it prevents communication between a controller and IPSEC pair
I hope that this post will be useful
