    Packet passthrough based on MAC address

    • T
      Tiniduske last edited by

      Hi all,

      Long story short, I need packets filtered on MAC address to be passed through a pfSense router.

      Some more info ;)
      I'm from Belgium; an ISP here (Telenet) uses a set-top box called digicorder or digibox (based on the function of the device).
      It needs a direct connection to the modem from the ISP; there can be switches in the path but no routers.
      The only thing I can filter on is a MAC address.
      There are 2 options for the modem: one is a modem only and the other is a modem, router and wifi combined.
      When you have a combined modem, the digicorder asks for an internal IP 192.168.x.x from the router with one MAC address, and a second MAC address asks for a 10.x.x.x address from the ISP servers for additional functionality (interactive, play on demand, those kinds of things).

      Now I have a modem only and I need the explained functionality from pfSense if possible. So 1 MAC address gets an internal IP address from my pfSense box. The other MAC address needs to send the packets to and from the modem of the ISP as if there is no router (pfSense) in between.

      I know that it is layer 2 things on a layer 3 device. I do have CCNA training, so I'm not a beginner, but I'm not an expert by any stretch of the imagination. So maybe there is someone with more knowledge than me that knows how to do it, if it can be done.

      Maybe you can explain to me why it can't be done?
      I don't know the limits of pfSense.

      Any advice is welcome,

      Greetz Tiniduske

      • N
        nelioromao last edited by

        Firewall / Interfaces / Bridges

        Just bridge the LAN with the WAN port.

        The LAN port on the pfSense doesn't need to have an IP, but it has to be enabled.

        For testing, set up a rule on the firewall to allow all traffic from WAN to the LAN and bridge port.

        The modem from your ISP should be able to send all the settings for your set-top box.

        • jahonix
          jahonix last edited by

          @nelioromao:

          The LAN port on the pfSense doesn't need to have an IP.

          Great idea.
          The LAN port is where the WebGUI is bound to. No IP - no access. Better use an unmanaged switch instead of hilarious ideas.

          • jahonix
            jahonix last edited by

            @Tiniduske:

            So 1 MAC address gets an internal IP address from my pfSense box. The other MAC address needs to send the packets to and from the modem of the ISP as if there is no router (pfSense) in between.

            On which VLANs does that happen?

            • N
              nelioromao last edited by

              @jahonix:

              @nelioromao:

              The LAN port on the pfSense doesn't need to have an IP.

              Great idea.
              The LAN port is where the WebGUI is bound to. No IP - no access. Better use an unmanaged switch instead of hilarious ideas.

              LAN port <> management port.
              The LAN port to be used will never be the management port.
              Next time I will try to be explicit :)
              It works for me.

              • T
                Tiniduske last edited by

                @jahonix:

                On which VLANs does that happen?

                I don't know; maybe that can be discovered with Wireshark.

                But I can't have any VLAN switching apart from one switch, or I'm going to need to buy a few new switches.

                @nelioromao:

                Just bridge the LAN with the WAN port.

                Not an option.
                I need the router (DHCP/NAT) function from the pfSense; I have a separate DNS server running.
                I used to have a Linksys router (Cisco time) and then I had 1 LAN port in bridge to the WAN, but that's not possible anymore.

                I got a tip for using a static DHCP for that MAC address, and then a custom firewall rule; maybe that is an option.

                My network setup:

                modem only -> pfSense -> unmanaged switch (8 ports) -> 3 pc's, 1 printer, 2 digicorders
                                                             |-> lite managed switch (24 ports) -> servers
                                                                          |-> unmanaged switch (16 ports)-> 2 pc's, printer, digicorder, ps3 
                