Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pfsense can not act as transparent

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    7 Posts 3 Posters 969 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      blackmetal
      last edited by

      hello,
      i have a router in first floor and a server in second floor and due to some limitaion i can not connect them physcally so i have put port switch for both of them in same vlan and route a /30 in my edge router to pfsense then in pfsense set first ip of /30 in virtual ip and set second ip in my router in first floor (my first floor router default route is set to pfsense virtual ip)
      note: my router is first floor has bgp with some customers and has gre tunnel.
      now the problem is pfsense does not act as transparent and i should add static route for every prefix in pfsense until packets forward to my router,
      any idea?
      thanks

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        I think we're going to need a diagram here. It's not clear what you're asking.

        Transparent how? Like a single layer 2?

        Steve

        1 Reply Last reply Reply Quote 0
        • B
          blackmetal
          last edited by

          this is the diagram
          Uplink <-> pfsense lan 1 (second floor of datacenter)<-> mikrotik lan1(first floor of datacenter)
          and yes want pfsense work as layer 2 does not do any routing just for inspection.

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by stephenw10

            I don't see the edge router in that 'diagram' nor the device you describe as a server.

            Why have you setup a /30 transport subnet if you want it to be all on a single layer 2?

            That the link between pfSense LAN1 and Mikrotik LAN1 I assume? Using a new VLAN you put in?

            What exactly is pfSense doing in this setup?

            What's the goal here? To connect the Mikrotick to the uplink?

            Steve

            1 Reply Last reply Reply Quote 0
            • B
              blackmetal
              last edited by

              See i have a ddos protected uplink but i receive small attacks with 80mbps udp and 200k pps and these attacks bother my users so i have connect my ddos protected to pfsense and because mikrotik and pfsense are far away together we put them in samr vlan in port switch so we route a /30 to pfsense then route it to mikrotik.
              Is it clear?

              1 Reply Last reply Reply Quote 0
              • H
                heper
                last edited by

                So you are routing then? (Hence the /30)

                You can't be "transparent bridge" if you are routing.

                https://www.netgate.com/docs/pfsense/book/interfaces/interfacetypes-misc.html#bridges

                1 Reply Last reply Reply Quote 0
                • stephenw10S
                  stephenw10 Netgate Administrator
                  last edited by

                  So you are routing the /30 to pfSense, from the the edge router?

                  And then routing it to the Mikrotik?

                  None of that is Layer 2.

                  We are going to need a full diagram here with all the interfaces on each device and the IPs shown. It's not at all clear what you have here.

                  Also a clear definition of what you trying to achieve.

                  Steve

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.