Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    1G Copper Bypass Card

    Scheduled Pinned Locked Moved Off-Topic & Non-Support Discussion
    8 Posts 3 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H
      hkjarral
      last edited by

      Hello,

      I have searched through forum and haven't had any luck. Has anyone successfully used and 1G copper bypass with pfsense on PC. I see silicom provides such cards and haven't found any post which confirms if its works with pfsense or not although silicom states its supported on FreeBSD. I am open to trying any other copper bypass cards as well.

      1 Reply Last reply Reply Quote 0
      • JeGrJ
        JeGr LAYER 8 Moderator
        last edited by

        @hkjarral said in 1G Copper Bypass Card:

        Has anyone successfully used and 1G copper bypass with pfsense on PC.

        What for? What are you trying to achieve with it?

        Don't forget to upvote 👍 those who kindly offered their time and brainpower to help you!

        If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.

        1 Reply Last reply Reply Quote 0
        • H
          hkjarral
          last edited by

          I am trying to set edge inline firewall with snort in bridge mode and bypass will be useful in case there is a power failure.

          1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            Bypass always seems like a good idea until you realize if someone knocks out the IDS on purpose, it's worthless.

            Sometimes it may be less convenient to fail closed, but it's more secure. Bypass is the wrong answer to that problem.

            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • H
              hkjarral
              last edited by

              I want to give it a shot and see how it works out. For now I need any information on quad port nic cards which support bypass. Here are my two options, I want to know if either of these would work.

              https://www.intel.com/content/www/us/en/ethernet-products/gigabit-server-adapters/pro-1000-pt-quad-port-bypass-server-adapter-brief.html

              or

              https://www.silicom-usa.com/pr/server-adapters/networking-bypass-adapters/gigabit-ethernet-bypass-networking-server-adapters/pe2g4bpi80l-bypass-card/

              Appreciate and help on these cards.

              1 Reply Last reply Reply Quote 0
              • JeGrJ
                JeGr LAYER 8 Moderator
                last edited by

                Sorry, any hardware I have/had that actually has bypass options I check it's disabled. What use for a firewall/border gateway/filtering device, if you could just launch a DoS against its filter to bring it down to bypassing? Never could make a usecase stick for bypass, so I'm no help I'm afraid. Just can add from real world scenarios that in 99% of all use cases I've seen, you don't want that. But maybe you found a useful scenario, then I'm happy to hear :) Power failures are no useful cases, as your firewall should be on an USV anyway (and be setup to restart after powerloss) and for those 1-2min, all customers are more happy to be safe than to have a potential security risk opened. :)

                Don't forget to upvote 👍 those who kindly offered their time and brainpower to help you!

                If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.

                1 Reply Last reply Reply Quote 0
                • H
                  hkjarral
                  last edited by

                  Appreciate the feedback, I perfectly understand the least use case for bypass but in our case since our applications are mission critical and access externally, we cant even afford 1-2min downtime.

                  Anyhow I will work on something and see if I can workout something with code to deploy a fully working inline firewall with bypass capability on power failure. Since FreeBSD supports it, there might be some way around it.

                  Thanks for all the assistance.

                  1 Reply Last reply Reply Quote 1
                  • JeGrJ
                    JeGr LAYER 8 Moderator
                    last edited by

                    Thanks! I wouldn't mind your feedback on findings of the watchdog/bypass configuration. One simply doesn't know, when he meets the 1% he needs it for :)

                    Don't forget to upvote 👍 those who kindly offered their time and brainpower to help you!

                    If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.