Need help setting up a Bridge adapter



  • I've been following this guide:
    https://community.adamnet.works/hc/en-us/articles/115002725594-Running-on-a-Transparent-pfSense-Bridge

    When I go to Assign interface - bridge - new and create the interface with my wan and lan ports, I lose the web interface and can't get it back.

    Same as after completing step 3 here:
    https://forum.netgate.com/topic/46137/pfsense-2-0-transparent-firewall-firewall-bridge

    Thanks!


  • Netgate Administrator

    What are you actually doing with pfSense here? It's better to avoid using bridges at all if you can.

    How are you connected when you add the bridge interface? Via the LAN?
    You might be creating a loop somehow when you bridge the interfaces depending on what is connected to what.

    If you need to actually filter traffic across the bridge I would personally leave the filtering on the member interfaces.

    Steve



  • I'm using an old desktop so it only has 2 NICs.

    I want to bridge the 2 NICs so it filters traffic on the way to the router.

    Can I accomplish this without a bridge interface?

    I'm not sure what interface I'm plugged into. The console isn't very descriptive on which port relates to each physical port. I know it shows the MAC address but unless it's printed on the side of the physical port, I don't know which is which.


  • LAYER 8 Netgate

    Personally, I would want a management interface for a device like that.

    Create a VLAN on the inside interface, assign it, enable it, number it, add firewall rules, etc.
    Connect it to a managed switch on a port that has that VLAN tagged and be sure you can access the firewall on that management interface using a workstation on that VLAN.

    You should then be able to bridge the untagged interfaces and configure them without locking yourself out of that VLAN interface.

    Create the bridge, disable filtering on the bridge and enable filtering on the member interfaces and reassign WAN to BRIDGE0.
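
A check for the filtering arrangement described in the post above, as an added example that is not part of the original thread. It assumes the setting maps to the FreeBSD `net.link.bridge.pfil_member` and `net.link.bridge.pfil_bridge` sysctls, and parses saved `sysctl net.link.bridge` and `ifconfig bridge0` text; the sample output and the interface names `em0`/`em1` are constructed.

```shell
#!/bin/sh
# Audit a filtering bridge from saved command output (added example).
# Assumption: filtering location is controlled by the two FreeBSD sysctls
# parsed below. All sample text is constructed, not taken from the thread.

# Report where the packet filter is applied, given `sysctl net.link.bridge`
# text in "name: value" form. Prints members, bridge, both, none or unknown.
bridge_filter_mode() {
    member=$(printf '%s\n' "$1" |
        awk -F': *' '$1 == "net.link.bridge.pfil_member" { print $2 }')
    bridge=$(printf '%s\n' "$1" |
        awk -F': *' '$1 == "net.link.bridge.pfil_bridge" { print $2 }')
    case "$member/$bridge" in
        1/0) echo members ;;   # the arrangement recommended in the post
        0/1) echo bridge ;;
        1/1) echo both ;;      # rules are evaluated twice per packet
        0/0) echo none ;;      # traffic crosses the bridge unfiltered
        *)   echo unknown ;;   # a tunable is missing from the input
    esac
}

# List the member interfaces of a bridge, given `ifconfig bridge0` text.
# Prints the names space separated, in the order they appear.
bridge_members() {
    printf '%s\n' "$1" |
        awk '$1 == "member:" { printf "%s%s", sep, $2; sep = " " }
             END { print "" }'
}

# Constructed sample input.
SAMPLE_SYSCTL='net.link.bridge.pfil_member: 1
net.link.bridge.pfil_bridge: 0'

SAMPLE_IFCONFIG='bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	member: em1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
	member: em0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>'

echo "filtering on: $(bridge_filter_mode "$SAMPLE_SYSCTL")"
echo "bridge members: $(bridge_members "$SAMPLE_IFCONFIG")"
```

On a live system, pass `"$(sysctl net.link.bridge)"` and `"$(ifconfig bridge0)"` in place of the sample variables.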


  • Netgate Administrator

    I mean, is this just for home use? Between clients and an existing SOHO-style router?

    The best solution here is to move routing duties to pfSense if that is the case.

    Steve


  • LAYER 8 Global Moderator

    Concur with Stephenw10 here, complex is normally not the best choice. Why can you not just route/firewall with pfSense? If your current edge device cannot be put in modem/bridge mode so that pfSense gets a public IP on its WAN, then just double NAT. Much simpler setup than bridging!

