Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How To Bridge PFsense 2.0 RC3

    Scheduled Pinned Locked Moved Firewalling
    2 Posts 2 Posters 9.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D Offline
      darklogic
      last edited by

      Ok, here goes. I have done some searching on the forums and have yet to find a clear cut way of creating a transparent filtering firewall under the pfsense 2.0 platform. From reading changes from 1.2.3-RELEASE to 2.0, I guess bridging is enabled already??? In 1.2.3-RELEASE, bridging seemed to be straight forward, you would go to the Interfaces and select LAN and say bridge with WAN and then have a local IP for administration purposes only.

      Here is my task at hand. I have an Astaro UTM in front of my pfsense box. The 2 systems are both supermicro rack servers with an Intel Atom 330 with dual 10/100/1000 NIC's, which means I can only have a LAN and WAN, no room for OPT interfaces. I want to be able to pass traffic through my pfsense box to my Astaro LAN interface to the Astaro WAN out to the Internet. I also want my Internal systems to be able to recieve DHCP from the Astaro LAN back through the pfsense box, hence the purpose of the word transparent. I know this work when using Astaro with Untangle in transparent bridge mode, But I like pfsense better than Untangle when it comes to grainular packet filtering rules.

      I would like to know if anyone has a step-by-step instruction of how to do this using PFsense 2.0 RC3? If so please do not assume just because you know how to do it, everyone else know so skipping that step is assumed to be everyone should know that. Obviously if I knew then I would not be asking for help, "right"!!! Anyways, if anyone could help my ignorance to figure this out, I would really appreciate it.

      Thanks

      MDP

      1 Reply Last reply Reply Quote 0
      • GruensFroeschliG Offline
        GruensFroeschli
        last edited by

        1: Interfaces –> assign --> bridges.
        2: Create a bridge and add all interfaces you want as member.
        3: Interfaces --> assign
        4: Assign the bridge you just created. The bridge is treated like a normal interface. Configure IP's on this interface
        (5:) Assign the interfaces which are member of the bridge. Set their IPs as "none".
        (6:) Create firewall rules on the member-interfaces of the bridge to allow traffic.

        If you only have 2 interfaces it might be a problem to configure it like this.
        In this case you could, as an alternative, give an IP to the LAN interface don't assign the bridge and set the IP of the WAN to none.

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.