Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Small ISP setup with public lan/wan adresses with PF 1.2.2.

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    1 Posts 1 Posters 1.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      malvank
      last edited by

      Hi,

      I have been using Pfsense for some time with public/private setup in several locations. But now i want to replace my small ISP gateway with a pfsense box. My environment looks ike this and i really need some opinion what setup is the best. The result i like to accomblish is no restriction to the public clients but traffic shaper enabled and DHCP/DNS assignment to clients via the box. PPTP client connections has to work from the LAN to WAN.

      From what i have seen that even if NAT is disabled i still get pptp problems restrictions from the lan to wan which means the fw is not fully transparent. I though this GRE limitation only applied if NAT was enabled?

      Remember this is a public gateway and FW/NAT is not needed if i can control the traffic in another way.

      I have tested this setup with fw rules any to any and NAT disabled?

      ISP–-(WAN:83.233.226.194/30)-----pfSense-----(LAN: 83.233.235.1/24) -----Wireless AP's ----- Wireles Client's
                                                            |                                                                          
                                                            |                                                                          
                                                            |                                                                          
                                                             ---------(OPT1: 192.168.1.1/24)   I use this port to configuring the box when I am onsite So i can make changes without unplugging the lan.

      Would it be better with a transparent bridged setup here and if yes why?

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.