Netgate Discussion Forum

    Bridging help

    General pfSense Questions
      qbhatti

      Hi.

      I am fairly new to all of this pfSense stuff, and I need help.

      I have a Forcepoint 1100 router that I managed to get hold of. It has 2x 10gb SFP+ and 8x 1g RJ45.

      I have set up lan0 as the WAN port, and managed to get my head around the VLAN tagging and MAC spoofing.

      The issue is I want to use all the other ports like a switch - to be able to access the pfSense router from any of the ports, and to allow any of the ports to be given a DHCP address from the settings already provided. This way I can hopefully get rid of one of my switches.

      I can't get my head around this.

      I have set up LAN to be on IGX0 (10g port - this is set as 192.168.0.1) - but if I make a bridge with IGX0 and some other ports, it doesn't do the DHCP to the other ports.
      I have set up the bridge in assignments and added it to 'active' as well.

      Not sure where I am going wrong - I stupidly removed the LAN IP as I wanted to apply it to the bridge, but when I did that I had no access to the pfSense box without keyboard/screen.

      Help!

        SteveITS Galactic Empire @qbhatti

        @qbhatti Did you add the firewall rule? https://docs.netgate.com/pfsense/en/latest/bridges/internal-networks.html

        Note a bridge like this is going to be slower than a switch as the router has to process all the packets going between PCs.

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote 👍 helpful posts!

          stephenw10 Netgate Administrator

          In a situation like this you probably want LAN to be assigned as the bridge interface itself, bridge0.
          Then all the other ports you want added to that bridge.

          Otherwise if you disconnect the LAN port the DHCP server on it will stop since it sees the interface as down. It sounds like that might be what happened.

          You will want to have access to the firewall via some other interface while you set that up because it's very easy to lock yourself out. Ask me how I know. 😉

          You probably want the bridge filtering sysctls set to move filtering onto the bridge. That way you just have the LAN firewall rules to control all the traffic from clients on it.
          https://docs.netgate.com/pfsense/en/latest/bridges/firewall.html#bridging-and-firewalling

          Steve
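
A check for the layout described in the post above (address on bridge0, ports as members, rules evaluated on the bridge), added here as an example and not code from the thread or from Netgate. The sample output is constructed, and the tunable names `net.link.bridge.pfil_member` and `net.link.bridge.pfil_bridge` are the FreeBSD if_bridge sysctls, which the thread itself does not name.

```shell
#!/bin/sh
# Constructed sample data: interface names and addresses are made up.
# On the firewall these would come from `ifconfig bridge0` and
# `sysctl net.link.bridge.pfil_member net.link.bridge.pfil_bridge`.
SAMPLE_IFCONFIG='bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
    member: igb1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
    member: igb0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>'
SAMPLE_SYSCTL='net.link.bridge.pfil_member: 1
net.link.bridge.pfil_bridge: 0'

# Print the member interfaces of the bridge, one per line.
bridge_members() {
    printf '%s\n' "$1" | awk '$1 == "member:" { print $2 }'
}

# Succeed if the bridge interface itself carries an IPv4 address.
bridge_has_ip() {
    printf '%s\n' "$1" | awk '$1 == "inet" { found = 1 } END { exit !found }'
}

# Report where pf filters bridged traffic: bridge, members, both or none.
filter_location() {
    printf '%s\n' "$1" | awk -F': *' '
        $1 == "net.link.bridge.pfil_member" { m = $2 }
        $1 == "net.link.bridge.pfil_bridge" { b = $2 }
        END {
            if (m == 1 && b == 1) print "both"
            else if (b == 1) print "bridge"
            else if (m == 1) print "members"
            else print "none"
        }'
}

# Compare saved output with the layout recommended in the thread:
# address on the bridge, at least two members, rules evaluated on the bridge.
audit() {
    problems=0
    bridge_has_ip "$1" || { echo "WARN: bridge has no IPv4 address"; problems=$((problems + 1)); }
    count=$(bridge_members "$1" | awk 'END { print NR }')
    [ "$count" -ge 2 ] || { echo "WARN: only $count member port(s)"; problems=$((problems + 1)); }
    where=$(filter_location "$2")
    [ "$where" = "bridge" ] || { echo "WARN: filtering is on '$where', not only on the bridge"; problems=$((problems + 1)); }
    echo "problems=$problems"
}

audit "$SAMPLE_IFCONFIG" "$SAMPLE_SYSCTL"
```

With the constructed sample the audit reports one problem, because rules are still evaluated on the member ports rather than on the bridge.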

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.