Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    New pfSense User

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    2 Posts 2 Posters 693 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      bradbunch37
      last edited by

      I have some questions surrounding the integration of a pfSense router/firewall appliance into my current setup. I currently have AT&T fiber and am utilizing one of their fiber gateways (BGW210-700); I also wanted to clarify that I have NEVER used pfSense before. The fiber from outside is plugged into an ONT module in my computer room, and from there, the ONT feeds into the ATT gateway. From the internet port on my gateway, I am plugged into my Orbi Wifi 6 AC4200 router. I have been doing some research on how to take the BGW200-710 completely out of the picture using MAC spoofing to spoof the WAN port MAC address of the WAN port of the fiber gateway. I have read other posts where it is not possible to take the fiber GW out of the picture, because it still has to do EAPOL certificate authentication with the ONT in order to process internet traffic. The biggest reason most people want to TRUELY bypass the gateway is because of double NATing, invalid packets/packets being dropped, etc... I have also read that IP passthrough is NOT a true method of bypass.... I guess my overarching question is how do integrate my Orbi Wifi 6 AC4200 router into this setup? Would I be able to integrate a pfSense router into the mix and still be able to utilize my Orbi Wifi 6 router? Would I need to purchase a small switch (NetGear GS108, for example) and do VLAN 802.1Q tagging? My current setup is IP passthrough from the GW to the Orbi router, and I have the Orbi WiFi 6 router setup in AP mode, and allowing the fiber GW to the heavy lifting of processing and routing traffic to the Internet. Any help that any one of you could provide would be greatly appreciated, thanks!

      1 Reply Last reply Reply Quote 0
      • DaddyGoD
        DaddyGo
        last edited by DaddyGo

        @bradbunch37 said in New pfSense User:

        Hello,

        The key is to avoid dual-NAT (if your ISPallows it):
        F.E.: https://forums.att.com/conversations/att-internet-features/how-do-i-configure-att-bgw210-in-bridge-mode/5defca9bbad5f2f606709d08

        Orbi Wifi 6 AC4200 theme (use in AP mode):
        F.E.: https://www.youtube.com/watch?v=3YwkjTXrlsA

        build or buy a pfSense box and use this as a router + firewall
        (https://www.pfsense.org/products/)

        so,:

        ISP modem (BGW210-700 in bridge mode) + pfSense box + VLAN capable switch (even this is NetGear GS108) + WiFi AP (Orbi Wifi 6 AC4200)

        segment your network into VLANs

        +++++++
        if you have separate ONT + ISP router / modem devices from the service provider, in most cases they really can't be separated, but bridge mode works well

        in many cases, if you ask your provider and system allows (this is a case of installation topology), you can leave your ISP router / modem and go directly to ONT eth. port for public IP

        Cats bury it so they can't see it!
        (You know what I mean if you have a cat)

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.