Bridge LAN and OPT1

thegame · May 20, 2009, 7:19 PM

Let me start off with what we are trying to achieve. Currently we have our data network 192.168.1.X. We will be adding a new VoIP system that we need to put on a different subnet due to too many PC's on our current network. We will need to be able to access the phone system that will be on the VoIP network as well. My thought was to put a pfSense firewall in between the two networks and bridge the LAN connection with the OPT1 connection to achieve our goal. Is this a possible configuration? I have tried the setup explained above and am unable to pass traffic between the two networks. Any ideas?

Eugene · May 21, 2009, 6:22 PM

briefly:
two subnets -> no bridging.
two subnets -> routing+firewalling(if needed)

thegame · May 22, 2009, 1:03 PM

Thanks Eugene. I believe I have this working now. I'm still running into one issue. I have DHCP set up on the LAN interface. I want it to give IP addresses to the machines on the LAN network which it is doing correctly. My problem is that it's passing DHCP addresses over to the machines on the OPT1 network. Is there any way to stop this from happening? I already have a DHCP server set up on the OPT1 network. Thanks again!

Eugene · May 22, 2009, 1:05 PM

@thegame:

My problem is that it's passing DHCP addresses over to the machines on the OPT1 network.

Sorry, what do you mean?

thegame · May 22, 2009, 1:29 PM

I have two networks, LAN = 192.168.1.0 /24 and OPT1 = 10.10.10.0 /24. I have DHCP setup on the LAN interface of pfsense. I have an DHCP server set up for my OPT1 network that is separate of pfsense. The issue I am running into is that the DHCP server I setup on the LAN interface is giving out IP addresses to my 10.10.10.0 /24 network. I would like it to only give IP addresses to the LAN network. I am trying to accomplish where I have two separate networks that are able to pass traffic between the two. I would like to keep the subnets separate though and not have the LAN dhcp server passing ip addresses across the two networks. I hope that clarifies. If not please let me know. Thanks.

Cry Havok · May 22, 2009, 1:57 PM

Disable the DHCP server on the OPT1 interface.

thegame · May 22, 2009, 2:07 PM

Thanks Cry Havok. In my current setup I only have DHCP enabled on the LAN interface. It is still passing ip addresses to the OPT1 network.

Eugene · May 22, 2009, 2:17 PM

It's impossible. You do not use brindging, right?

thegame · May 22, 2009, 2:18 PM

I turned bridging off on both the LAN and OPT1 interface. I am able to pass traffic between the interfaces which was my goal. My other goal was DHCP on just the LAN interface.

Cry Havok · May 22, 2009, 2:34 PM

You have something else handing out DHCP leases on that network then (assuming you applied the change when you disabled DHCP on the OPT1 interface).

Does ipconfig/all show the pfSense host as the DHCP server for clients on the OPT1 network?

thegame · May 22, 2009, 3:53 PM

It seems as though after a reboot of the pfsense server everything is working correctly now. I am not receiving IP addresses on the OPT1 network and am able to pass traffic between the two networks. Thanks for all the great help…it's greatly appreciated.