pfSense Between Modem and Full Router



  • I bought a minnowboard from Netgate and loaded pfSense. I would like to run this firewall between my modem and my router, leaving with firewall settings (dual layer firewall).

    I have my modem connected to ETH0 and pfSense pulls my WAN IP. My router’s WAN is connected to ETH1 and I have assigned it as 10.8.0.1/24 through pfSense.

    I do not get internet to my router.

    My router is set to automatic DHCP for WAN, which I am thinking is the problem? Is there a guide somewhere for this type of setup? I could not find one.

    Thanks



  • Is your modem acting as a bridge? > ETH0 should probably be DHCP, depending on your provider > Check.

    Is your modem a modem? Check if your LAN side of the modem is DHCP or static, I think it's preferrable to have it be static. In your case it should be set to 10.8.0.1

    Have your Router be static, eg. 10.8.0.2 and work from there.
    If youre not that familiar with networking, take a paper and draw every component from top to bottom and note youre settings in it.


  • Netgate Administrator

    It should work like that as long as the settings have been applied correctly and there are no conflicting subnets.

    However you will be (at least) double NATing which just makes things hard if you ever have to configure port forwards etc.

    If you connect the pfSense console does that have a real WAN IP? Can you ping out from there?

    You might have to spoof the MAC address on the WAN if your ISP requires that.

    Steve