Firewall with no NAT - Proper Connections / Addressing

  • I am interested in setting up a pfsense firewall on my home network instead of the currently in use Verizon FIOS Quantum Gateway firewall I am using. Due to where the Verizon box is installed in my garage and other issues, I am unable to use the Ethernet ONT and have to use the coax connection into my Verizon router. Currently I have several machines connected directly to the Verizon Router and others connected to a switch coming off the router.

    So my questions are:

    1. Where would I place the pfsense fw in this config? I am assuming between the Verizon router and the home network devices. I could get another switch and hook up the devices that are directly connected to the Verizon Router currently.
    2. Is there a way to set up the firewall without NAT, as NAT is already taking place at the router when information goes out?
    3. If I can set it up without NAT, how would I connect it up physically? For the network in and network out, how would I configure it?
    4. How would the devices get IP Addresses if the FW is in between the router and devices?
    5. Would the TV boxes be affected from getting program guides / DVR / etc? They get their connection / IP / config from the Verizon Router currently.
    6. Same question for wireless when it comes to getting IPs?

    Or is this just not something I can do properly with current setup?

    Looking for advice / options

    Thanks ahead of time for any info you can give....

  • LAYER 8 Global Moderator

    You could set up pfsense as a downstream router without NAT - IF!!! you have access into the Verizon router to set up the transit network to the downstream router/firewall.

    I doubt they allow such things though..

    Your best bet is to just double NAT, put everything behind pfsense. As to stuff that gets TV signal - you could put on the transit network between Verizon and your router.
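
The routing requirement behind the reply above, as an added example that is not part of the original thread: a small longest-prefix-match model of the upstream router's routing table, showing why a routed (no-NAT) pfsense needs a static route on the upstream router while double NAT does not. All addresses, names and the route tables are constructed assumptions.

```python
import ipaddress

def next_hop(routes, dst):
    """Longest-prefix match: return the next hop for dst, or None."""
    dst = ipaddress.ip_address(dst)
    best = None
    for prefix, hop in routes:
        net = ipaddress.ip_network(prefix)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, hop)
    return best[1] if best else None

# Constructed addressing (assumptions, not from the thread):
#   transit network 192.168.1.0/24: upstream router .1, pfsense WAN .2, TV boxes
#   pfsense LAN     10.10.10.0/24: routed, no NAT on pfsense
PFSENSE_WAN = "192.168.1.2"

# Upstream router as shipped: default route to the ISP, own subnet on-link.
UPSTREAM_DEFAULT = [
    ("0.0.0.0/0", "isp"),
    ("192.168.1.0/24", "on-link"),
]
# Same router with the static route a no-NAT downstream firewall requires.
UPSTREAM_WITH_ROUTE = UPSTREAM_DEFAULT + [("10.10.10.0/24", PFSENSE_WAN)]

def reply_reaches_lan(upstream_routes, lan_host, nat_on_pfsense):
    """Can the upstream router deliver a reply to a host behind pfsense?"""
    # With NAT, the upstream router only ever sees pfsense's WAN address.
    visible_src = PFSENSE_WAN if nat_on_pfsense else lan_host
    hop = next_hop(upstream_routes, visible_src)
    if nat_on_pfsense:
        return hop == "on-link"      # pfsense WAN sits on the transit network
    return hop == PFSENSE_WAN        # needs an explicit route via pfsense

if __name__ == "__main__":
    host = "10.10.10.50"  # constructed LAN client
    for name, table, nat in [
        ("no NAT, no static route", UPSTREAM_DEFAULT, False),
        ("no NAT, static route added", UPSTREAM_WITH_ROUTE, False),
        ("double NAT, no static route", UPSTREAM_DEFAULT, True),
    ]:
        print(f"{name}: reply delivered = {reply_reaches_lan(table, host, nat)}")
```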

