Need an advice about bridging and dual wan
-
Sorry… I have read documentation and forum post, but can find any information about this. Maybe I missed something...
-
-
I missed this point about gateway condition… :( My fault...
Anyway, looking in second exmaple, is it possible to bound Pirelli with PFbox in such way that I can manage all firewalls rules and port redirections from PFbox?
-
No idea - I've never heard of a Pirelli router and as you've only provided a brand it's impossible for anybody to say. If it has something usually called "bridge mode" then yes, otherwise you're probably out of luck. Were you to provide the exact model, and ideally a link to a PDF copy of the manual, somebody may be able to say more.
-
The router is far away from me at the moment, but then I will find out the model I will announce it here. Looking at your answer if I understood properly, I need to look at Pirelli router capabilities for bridge mode. If it's meet this requirement I can connect it to PF and explore routing and firewall from PF. If Pirelli handles the bridge, what steps I need to do on PFsense box? I am using version 1.2.3. Looking at system > advanced i saw "Enable filtering bridge
This setting no longer exists as it is unnecessary. Filtering occurs on the member interfaces of the bridge and cannot be disabled." What does it mean? -
If the Pirelli supports bridge mode then you just have to ensure that the pfSense host is set for DHCP on the LAN interface. Don't enable the filtering bridge in pfSense.
As for the "no longer exists" option - have you bridged interfaces?
-
My PF has two nicks, one LAN and one WAN which interfaces are not bridged.
Ok, I will set up DHCP on PF LAN interface. What should I enter for PF WAN interface - public IP address or LAN IP address of my Pirelli router? -
"That depends"
Does your ISP allocated their IP address by DHCP, even if they are static? If so just set it to DHCP. If not then enter the IP address, netmask and default gateway as they provided.
-
Thanks Cry for the explanations, it was very helpful to me. I think to put my hands on this stuff next week. Happy New Year!
-
Another thought, not sure if this would help but I saw that you said that the ISP manages the pirelli box. You could just tell them to open ALL ports and forward them, and have pfSense manage it from there. That would essentially be akin to putting the pirelli in bridge mode, aside from really being in bridge mode.
It would be similar to some routers' "DMZ" mode.
