VLAN + LAN = Bridge
-
Hello all,
I'm a newbie in PFSense. I have 3 interfaces:
LAN
WAN
VLAN which tag is 123 using the WAN interfaceI want to add VLAN and LAN interface using a Bridge but when I set up the bridge I lose connection to Internet, I can access the firewall and I can delete it and INternet connection works again. It seems the problem is in Firewall settings but I create severa rules to pass all traffic from VLAN to any and any to VLAN but the problem is still the same.
The VLAN is a network that belongs to other public IP address from Internet linked correctly, the only thing is the network are in the same subnet range 192.168.10.x. I know that is not the best settings to do it but at the moment is the only solution I have.
Can anyone help me?
Regards,
-
why do you think you want to bridge wan and lan??
What is it you want to accomplish exactly.. So this vlan is just to get you another IP address on your wan? why would you bridge that to your lan??
-
Thanks for your answer,
I want to see the computers in both places, VLAN and LAN place, although I know that they have the same IP subnet, this is only what I want to do. It's like a VPN but using only one subnet range.
Thank you.
-
not its nothing like a vpn.. Where is the vlan from, your isp
If you want a vpn then setup a vpn, you can use a tap interface if you want the other end to be on the same address space.
If you use a different on your lan then what is on your vlan you would be able to see computers in both places depending on what your firewall rules where.. There is no reason that I could think of to bridge these interfaces..
-
the other subnetwork comes from the Internet ISP connection and is a subnet like 192.168.10.x.
I know that is not a VPN, it's to connect two buldings but due to our programming software we have to preserve the same subnet range in both buildings.
In case the problem is in the firewall which rules I have to allow exactly?
I'm running pfsense 2.2.2.
Thank you.
-
So you have a isp connection between 2 buildings. And this 192.168.10/? is that network.. Then create a vpn over that using tap interface. Bridging is not what you want to do.. Or use a different network on the other side of your vpn you create and nat it if devices in your side need to only use IPs in there same network?
Why do you need same network? Are you broadcasting for name? Why not just fix lame software that can not talk outside its local netblock?
-
Thank you for your answers, at the moment I can't reprogram the software and I need connection.
I'll try to create a VPN server and a routing table to fix it.
Thank you,
