pfSense bridge mode
-
now the dialer is on the mikrotik, I can move the dialer to pfsense box and get the IP from isp address on the other side?
-
@avihu said in pfSense bridge mode:
I can move the dialer to pfsense box and get the IP from isp
Of course, I would have configured it this way anyway...
-
@daddygo
I leave the settings as they are and just configure the dialer in pfsense wan interface?
Maybe there is a guide? -
@avihu said in pfSense bridge mode:
I leave the settings as they are and just configure the dialer in pfsense wan interface?
Use the parameters provided by your ISP, connect to your modem and simply set up your pfSense WAN to PPPoE
-
@daddygo
Thanks, I did it already :)
Now the question is what do I define in the Mikrotik ether13 (dhcp client), before the change is was PPPoE Client with dialer. -
@avihu said in pfSense bridge mode:
I define in the Mikrotik ether13 (dhcp client),
following the description of Netgate, MikroTik can get IP from pfSense
-
tnx :)
-
and thanks again from another "Newbie"
-
@daddygo
After almost 3 weeks I did not have time and left it looks like I got back to it again :)I set the dialer on the pfsende wan side and it and it connected to the isp.
But the mikrotik does not get IP from the lan side, I try to define in the Mikrotik ether13 (dhcp client) But it still does not get an IP.
What I need to define in the connection type so the router get the external address? -
How many public IPs do you have?
If it's just one then pfSense will have that and the Mikrotic will have an internal IP. It seems like you might be attempting to setup something that cannot be done.
If you need the public IP on the Mikrotic you might want to setup pfSense transparently on the other side of it, the internal network.
Steve
-
@stephenw10
Hi
Its good to see familiar face, The last time we talked here was when you explained to me how install pfsense with lcdproc on WatchGuard Firebox (its still works).For now I just try to install transparent firewall bridge with PPPoE Client for snort IDS/IPS.
The WAN side is connected to ADSL modem.
and the LAN side connected to mikrotik or PC for now.The wan with PPPoE client get ip address from the ISP but not pass it to the lan side.
Before I added the PPPoE client the bridge work fine -
pfSense cannot bridge PPPoE to DHCP.
Snort cannot effectively see inside the PPPoE stream. Or at least the signatures are not intended to match that so it doesn't see the traffic as expected.
Your options here as I see it are either to not run pfSense transparently. Put the Mikrotik in a private subnet on it's WAN.
Or move the pfSense box behind the Mikrotik where it can be setup transparently and still see the traffic outside the PPPoE.
Or lose the Mikrotik entirely and using the pfSense as the PPPoE client and router/firewall/IPS etc.Steve