Bridge not working



  • hi all
    reading and checking tutorials I was able to create a bridge between lan
    this is my config:
    HP DL380 with 4 integrated NICs
    1 Intel X540-T2 (dual port 10gbe)

    first 2 integrated NICs are for dual wan with failover,
    and the other 2 integrated NICs and the dual port Intel are intended to be used as a switch (the router is connected as a bridge to have wireless on one of the integrated NICs)
    all computers have internet
    I was able to discover and ping only between the integrated NICs
    I can't ping or connect between Intel or from intel to integrated lan :(
    if I disable firewall everything works fine but I do not have internet :(
    I copied the rules from one interface to the others so everything should be the same for all LAN :(

    here is the firewall rule
    [2.3.3-RELEASE][admin@Chris-Router.csh.cr]/root: pfctl -sn
    no nat proto carp all
    nat-anchor "natearly/" all
    nat-anchor "natrules/" all
    nat on bce0 inet from 127.0.0.0/8 to any port = isakmp -> 186.15.4.198 static-port
    nat on bce0 inet from 192.168.1.0/24 to any port = isakmp -> 186.15.4.198 static-port
    nat on bce0 inet from 127.0.0.0/8 to any -> 186.15.4.198 port 1024:65535
    nat on bce0 inet from 192.168.1.0/24 to any -> 186.15.4.198 port 1024:65535
    nat on bce1 inet from 127.0.0.0/8 to any port = isakmp -> 192.168.2.100 static-port
    nat on bce1 inet from 192.168.1.0/24 to any port = isakmp -> 192.168.2.100 static-port
    nat on bce1 inet from 127.0.0.0/8 to any -> 192.168.2.100 port 1024:65535
    nat on bce1 inet from 192.168.1.0/24 to any -> 192.168.2.100 port 1024:65535
    no rdr proto carp all
    rdr-anchor "relayd/" all
    rdr-anchor "tftp-proxy/" all
    rdr pass on bce2 inet proto tcp from any to ! (bce2) port = http -> 127.0.0.1 port 3128
    rdr pass on bce3 inet proto tcp from any to ! (bce3) port = http -> 127.0.0.1 port 3128
    rdr pass on ix0 inet proto tcp from any to ! (ix0) port = http -> 127.0.0.1 port 3128
    rdr pass on ix1 inet proto tcp from any to ! (ix1) port = http -> 127.0.0.1 port 3128
    rdr-anchor "miniupnpd" all

    bce0 and bce1 are WAN
    bce2 and bce3 are working fine issue is with ix0 and ix1
    any idea?



  • I think it was solved…
    created a firewall group for all lans and now is working fine..
    the only issue that I have now is that I can't log in to my NAS gui but I can access NAS share drive :O


  • Banned

    @csandoval012:

    I think it was solved…
    created a firewall group for all lans and now is working fine..

    Sounds like you missed the tunables part… https://doc.pfsense.org/index.php/Interface_Bridges

    P.S. Get a switch. Really.



  • @doktornotor:

    @csandoval012:

    I think it was solved…
    created a firewall group for all lans and now is working fine..

    Sounds like you missed the tunables part… https://doc.pfsense.org/index.php/Interface_Bridges

    P.S. Get a switch. Really.

    thanks, but it was already done
    the only issue that I have is accessing the NAS webconfig….

    and regarding getting a router I want to try creating a 10GBe router (buying one is more expensive than getting some NICs)
    and I want to take advantage of the HP DL380 servers that I have sitting unused....
    so far the router is performing excellently and the switch part is performing the same as the 1gbe asus switch that I was using previously, I'll see how it behaves once I get the 10gbe cards...

