bridging
-
hello
Thanks for your email
we have a 213.124.x.x subnet
My question is that if i replace the Ziggo router with an ISP router connected to my firewall which is also connected to my switch what do i need to do
Do i first set up a LAN interface with this internal address and then later use bridging to bridge it
Please just be a bit elaborate if possible point to the menu in the firewall -
So you have a public subnet on your servers directly?
-
This is just like us connecting to a datacenter which gives you all the same subnet with all the ip addresses in that subnet.
The questions how do we connect to the internet or outside world thru our firewall with a bunch of Ip address in the same subnet
Yes that is the subnet from the router which we don't have admin access to
Do we create a LAN interface with a LAN network and create a bridge .
I would be grateful if you can explain the steps in PFsenseThanks
-
You should be able to get that subnet routed to your firewall via some other IP to set this up correctly.
But otherwise you need to create a bridge containing the internal and external interfaces. I would then assign the the bridge interface itself and put an IP on that. You can only have an IP on one of the interfaces in the bridge.
You will probably want some out of band access via a different interface when you set this up as it's very easy to end up shut out of the firewall configuring a bridge from one of the interfaces in it.Steve
-
what do you mean by this
"You should be able to get that subnet routed to your firewall via some other IP to set this up correctly." how do i set this up correctly (new to pfsense)
Also "But otherwise you need to create a bridge containing the internal and external interfaces. * we dont have an external interface here as it is the ziggo router from the Telephone provider which we do not have access to
"I would then assign the the bridge interface itself and put an IP on that. You can only have an IP on one of the interfaces in the bridge."
does this mean one ip address for the internal interface of the bridge
"You will probably want some out of band access via a different interface when you set this up as it's very easy to end up shut out of the firewall configuring a bridge from one of the interfaces in it." How do i set this up -
i saw this does this ring a bell to you
https://community.adamnet.works/hc/en-us/articles/115002725594-Running-on-a-Transparent-pfSense-Bridge
-
Any more ideas i have not heared from you for a while
-
The steps in that guide will work OK. I would not move filtering to the bridge I prefer to see the rules on the incoming interfaces.
I would still want some out of band access though to avoid getting locked out of the device while you configure it. It will almost inevitably happen!
Steve
-
@stephenw10 said in bridging:
I would still want some out of band access though to avoid getting locked out of the device while you configure it. It will almost inevitably happen!
hello
Can you explain by out of bound access and also which device the firewall or switch
-
https://en.wikipedia.org/wiki/Out-of-band_management
When you configure the firewall if you are accessing it across one the two interfaces you are trying to bridge you will almost certainly get locked out of it during the process. You should have some other way of accessing it like using the console directly or a 3rd NIC connected for management.
Steve
-
Thanks a lot i now understand it probably thru the console
I also discovered in the link https://community.adamnet.works/hc/en-us/articles/115002725594-Running-on-a-Transparent-pfSense-Bridge
It uses the mac address of both the WAN and LAN interface rather than ip address when assigning the LAN and WAN interface to the BRidge
This has to be tested before knowing if it works
