Netgate Discussion Forum

Bridged Mode Firewall + Windows = Unable to access rest of subnet

  • J
    jimxms
    last edited by Aug 11, 2009, 5:30 PM

    Hi Guys,

    I followed the instructions on how to turn pf into a Bridged/Transparent firewall and for the most part it seems to be working. Here are the basic settings:

    WAN
    IP: 212.6*.6.80 / 32
    Gateway: 212.6.*6.1

    LAN
    IP: 212.6*.*6.80 / 24
    Bridge with: WAN

    Everything else in the instructions PDF followed including firewall settings and disabling nat etc.

    HOWEVER, my problem comes about when I configure my Windows PCs on the 'LAN' side. Here is the setting of one:

    IP: 212.6*.6.82
    Subnet: 255.255.255.0
    Gateway: 212.6.6.80
    DNS: 212.6.*6.3

    I can access the internet, but I cannot access other websites/machines that are on similar IP addresses like 212...85 (servers within my ISP's datacentre). I could almost convince myself that this is 'by design' if it wasn't for the fact that a linux machine configured with the network settings below can see all of the machines totally fine.

    IP: 212.*6.*6.84
    Netmask: 255.255.255.0
    Network: 212.*6.*6.0
    Broadcast: 212.*6.*6.255
    Gateway: 212.*6.*6.80

    Any ideas?

    • J
      jimxms
      last edited by Aug 11, 2009, 6:47 PM

      EDIT:

      It would seem that the Linux box has stopped communicating with the other servers too. Is there any way to fix this?

      • K
        kpa
        last edited by Aug 11, 2009, 8:42 PM Aug 11, 2009, 8:37 PM

        You need to use 212.6*.*6.1 as the gateway address on your hosts.

        Edit: Your WAN address setup is wrong if your subnet is /24, change it to 212.6*.*6.80 / 24

        • J
          jimxms
          last edited by Aug 11, 2009, 8:56 PM

          Cheers for that kpa. I changed the WAN subnet to 24 as suggested and tested that all machines could still see google etc. However, when I changed the gateway of the machines from .80 to .1 all internet connectivity was lost :(

          • ?
            Guest
            last edited by Aug 12, 2009, 1:57 PM

            /24 may not be the correct subnet for your WAN.  You need to speak with your ISP and ensure that you have the correct subnet mask.

            • J
              jimxms
              last edited by Aug 12, 2009, 2:35 PM

              Well, I only have about 6 IP addresses on the whole range, is that the problem?

              I thought netmask of 255.255.255.0 = /24 ? Or am I totally wrong :s

              • K
                kpa
                last edited by Aug 12, 2009, 8:38 PM

                A /24 would mean that you have .1 - .254 addresses to use yourself from the subnet (.0 and .255 reserved). If you have only 6 addresses then you probably have a /29 but it looks like your setup may not be a standard one. I second what submicron says, ask your ISP for details.
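
The subnet arithmetic discussed in this thread, as an added example that is not part of any poster's reply: it derives the prefix length for a given number of usable addresses and checks whether a host's gateway is on-link under a /24 versus a /29. The addresses are constructed from the 203.0.113.0/24 documentation range (only the last octets .1, .80 and .82 echo the thread), and where the ISP's /29 block actually starts is an assumption.

```python
import ipaddress

def smallest_prefix_for(usable_hosts):
    """Longest IPv4 prefix that still leaves `usable_hosts` addresses
    after reserving the network and broadcast addresses."""
    for prefix in range(30, -1, -1):
        if 2 ** (32 - prefix) - 2 >= usable_hosts:
            return prefix
    raise ValueError("too many hosts for IPv4")

def check_host(ip, prefix, gateway):
    """Return (network, problems) for one host's static IP settings."""
    iface = ipaddress.ip_interface(f"{ip}/{prefix}")
    net = iface.network
    gw = ipaddress.ip_address(gateway)
    reserved = (net.network_address, net.broadcast_address)
    problems = []
    if iface.ip in reserved:
        problems.append("host address is the network or broadcast address")
    if gw not in net:
        # The host cannot ARP for a gateway outside its own subnet.
        problems.append("gateway is not on-link")
    elif gw in reserved:
        problems.append("gateway is the network or broadcast address")
    return net, problems

if __name__ == "__main__":
    # 6 usable addresses -> /29 (8 addresses minus network and broadcast).
    print("prefix for 6 usable hosts: /%d" % smallest_prefix_for(6))
    # Constructed settings: (host IP, prefix length, gateway).
    samples = [
        ("203.0.113.82", 24, "203.0.113.1"),   # /24 mask, gateway .1
        ("203.0.113.82", 29, "203.0.113.1"),   # /29 mask, gateway .1
        ("203.0.113.80", 29, "203.0.113.81"),  # .80 as a host inside a /29
    ]
    for ip, prefix, gw in samples:
        net, problems = check_host(ip, prefix, gw)
        print(f"{ip}/{prefix} gw {gw} -> {net}: {problems or 'ok'}")
```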
