Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Documentation on Transparent Bridging

    Firewalling
    3
    5
    395
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      Com177
      last edited by

      I'm looking to buy either the Netgate 4100 or 2100 with pfSense and configure it as a transparent firewall. I went through the pfSense Documentation pdf and read what I could on transparent bridging. The internal/external bridging is what I think I need to do but it's only a few paragraphs. I am reading through the community post but it's clear that everyone has a different setup and the are only posting where they run into problems. I'm also looking at video posts. I also found some setup info from William Tarrh (outdated) and DNSthingy.

      Can anyone tell me if there is any more recent detailed info available on setting up pfSense as a transparent firewall? I want to know as much as possible before I incorporate a Netgate appliance into my LAN. My current setup is:

      INTERNET<---> Xfinity XB7 Gateway Modem (set to bridge mode) <---> Router (Synology) <--> L2 Managed Switch (VLAN) <---> various LANs with devices

      I want to put the Netgate between the modem and router. Thanks!

      V P 2 Replies Last reply Reply Quote 0
      • V
        viragomann @Com177
        last edited by

        @com177
        Bridging interfaces on pfSense is not a big deal. But I'm wondering, why do need to have it in transparent mode.
        As you're running a router in your network anyway, so why don't you want to let pfSense do the routing stuff? I don't know the Synology, but I can imagine that pfSense has better routing capabilities.

        When bridging pfSense interfaces, the only thing you have to care is that you don't lock out yourself, when you remove the IP from the member interface. Enable the bridge interface and assign another IP of the subnet to it first, then remove the IP from the member interface.

        Also consider the system tunables net.link.bridge.pfil_member and net.link.bridge.pfil_bridge for filtering on the bridge and members.

        C 1 Reply Last reply Reply Quote 0
        • P
          Patch @Com177
          last edited by

          @com177 said in Documentation on Transparent Bridging:

          INTERNET<---> Xfinity XB7 Gateway Modem (set to bridge mode) <---> Router (Synology) <--> L2 Managed Switch (VLAN) <---> various LANs with devices
          I want to put the Netgate between the modem and router

          Which Synology router do you have https://www.synology.com/products/compare/routers and what are you you intend to continue to use it to do?

          Also what is the anticipated router performance requirement (Wan speed, VPN speed, packages intended to run)?

          1 Reply Last reply Reply Quote 0
          • C
            Com177
            last edited by Com177

            My router is set up to do many other things besides simple routing (VM, VLAN, VPN and more) and I do not want to spend the time to reconfigure everything to the Netgate. Thanks.

            1 Reply Last reply Reply Quote 0
            • C
              Com177 @viragomann
              last edited by

              @viragomann Thanks for the reply. Can you point me to something more detailed. I need more than a general strategy. Again, thanks for answering.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post