Netgate Discussion Forum

    Need help with setting up pfSense as a bridging firewall

    General pfSense Questions
    • Krispy

      Hi,

      I'm trying to set up pfSense in a transparent mode but it doesn't work. I'm not even sure if my setup will work but I read somewhere that it should work.

      I've got a dedicated server running ESXi 5.5 with only 1 network interface patched in. The server is connected directly to the Internet. My host can't have NAT so I need a transparent firewall.

      What I've done so far:

      • pfSense: assigned public IP to WAN interface
      • vSphere: created a new virtual switch not connected to a physical interface
      • vSphere: changed the vSwitch configuration to "ACCEPT" promiscuous mode
      • Added and enabled the new interface on pfSense, labelled as DMZ, IPv4 set to "none"
      • vSphere: added the new DMZ interface to the new virtual switch
      • pfSense: disabled outbound NAT rule generation
      • Added ANY rule to WAN and DMZ interfaces
      • No packet filtering is set on the bridge interface, only on the member interfaces

      I've got one host on the DMZ. I can see some traffic going out of the DMZ interface but I can't ping or SSH my host.

      Is there anything else I need to configure?

      Any help will be much appreciated.

      Thanks

      vSphere networking

      0_1539432858390_vmware.png

      Bridge config

      0_1539433140106_bridge.PNG

      WAN rule

      0_1539433159870_wan.PNG

      DMZ rule

      0_1539433172004_DMZ.PNG

      • stephenw10 (Netgate Administrator)

        Do you see anything blocked in the firewall log?

        Do you see any states in the state table when you try to connect through it?

        What version of pfSense are you running? pfSense 2.4.4 is built on FreeBSD 11.2 and ESXi only supports that from v6.5 officially.
        https://www.vmware.com/resources/compatibility/search.php?deviceCategory=software&details=1&operatingSystems=232&productNames=15&page=1&display_interval=10&sortColumn=Partner&sortOrder=Asc&testConfig=16

        Steve
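
The two checks asked about in the reply above (blocked entries in the firewall log, states for the connection), as an added example that is not part of the original thread. It assumes `pfctl -ss` style state lines without NAT and pfSense's IPv4 filterlog CSV layout; the function names, interface names and addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example. All data below is constructed: 203.0.113.20 stands in for the
# DMZ host, em0/em1 for the WAN/DMZ bridge members.
SAMPLE_STATES='em0 tcp 203.0.113.20:22 <- 198.51.100.7:50514       ESTABLISHED:ESTABLISHED
em1 tcp 198.51.100.7:50514 -> 203.0.113.20:22       ESTABLISHED:ESTABLISHED
em0 icmp 203.0.113.20:4321 <- 198.51.100.7:4321       0:0'
SAMPLE_LOG='Oct 13 12:00:01 fw filterlog: 5,,,1000000103,em0,match,block,in,4,0x0,,64,0,0,DF,6,tcp,60,198.51.100.9,203.0.113.20,40001,22,0,S,1,,29200,,mss
Oct 13 12:00:02 fw filterlog: 9,,,1539430000,em0,match,pass,in,4,0x0,,64,0,0,DF,6,tcp,60,198.51.100.7,203.0.113.20,50514,22,0,S,1,,29200,,mss'

# states_for HOST: read state lines on stdin and print "interface direction count"
# for every state that has HOST (IPv4) on either side. "<-" marks a state created
# inbound on that interface, "->" one created outbound.
states_for() {
  awk -v h="$1" '
    { split($3, a, ":"); split($5, b, ":") }
    (a[1] == h || b[1] == h) && ($4 == "<-" || $4 == "->") {
      n[$1 " " ($4 == "<-" ? "in" : "out")]++
    }
    END { for (k in n) print k, n[k] }' | sort
}

# blocked_for HOST: read filterlog lines on stdin and print
# "interface direction protocol src->dst" for every IPv4 block entry involving HOST.
# Assumed CSV positions: 5 interface, 7 action, 8 direction, 9 IP version,
# 17 protocol name, 19 source, 20 destination.
blocked_for() {
  sed -n 's/^.*filterlog[^:]*: //p' |
  awk -F, -v h="$1" '
    $7 == "block" && $9 == "4" && ($19 == h || $20 == h) {
      print $5, $8, $17, $19 "->" $20
    }'
}

# Run both checks on the constructed samples. On the firewall itself the state
# input would come from: pfctl -ss | states_for <host address>
echo "states:";  printf '%s\n' "$SAMPLE_STATES" | states_for 203.0.113.20
echo "blocked:"; printf '%s\n' "$SAMPLE_LOG"    | blocked_for 203.0.113.20
```

In the constructed sample the SSH flow has a state on both members while the ping has one only on em0, and one block entry is reported for a second client.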

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.