
    Bridge mode firewall IPS between ISP and our level 3 switch?

      themicro last edited by

      I am looking to add a transparent (bridged?) firewall prior to a Cisco 6509 switch.  I have a setup with a /30 from our ISP, in which they pass down to us our IPs so we can route and subnet to our liking (we issue /29s to each server).  I would like something prior to the Cisco 6509 for just IPS/Firewalling to catch some of the incoming or outgoing stuff, or to be able to null route or block IPs as we need.
      We are already behind TopLayer units that our ISP has, so it will be mostly minor stuff.

      Any ideas as to how I would do this…I assume I would bridge it and let it just be a "bump" in the wire, and use an interface with an IP assigned to it for management. 
      Does this make sense and how would this be set up?  Can SNORT also be used in transparent bridge mode like this?

      ISP ----PFSENSE/SNORT-----6509
                                |  |
                                |  |
                              rack1  rack2  etc
