Netgate Discussion Forum

    Help with bridging firewall/transparent firewall setup

      richiela

      I've searched the forum and couldn't find anything on this, so I must be missing something really, really obvious.  I had pfsense previously set up back in the 1.01 days and hadn't touched it since.  A hard drive failure, though, is requiring me to rebuild.

      My setup looks like this:

      ISP ---> pfsense --> switch --> (wan external ip) wrt54g (lan 10.x priv) --> private 10.0.0.x clients
                                      |__ external IP webserver
                                      |__ external IP DNS

      I want pfsense to act like a transparent firewall just passing packets and filtering where necessary.

      I have followed the PDF file http://pfsense.trendchiller.com/transparent_firewall.pdf.  The only step that I couldn't do was the enable bridge filtering step, which has been removed.

      WAN interface ip: 10.0.0.99/24
      WAN gateway: 10.0.0.1

      LAN interface ip: 10.0.0.100/24

      Firewall rules:
      For testing purposes I have created rules that allow ALL from LAN->WAN and ALL from WAN->LAN.

      So, I have connectivity from my private and external network to the internet, but when I try to ping my servers from another location, all those packets seem to get dropped.  There are no dropped packets logged to syslog either.

      What exactly am I missing?  The only way I have gotten packets inbound is by assigning a real IP to the WAN interface and using a real gateway.  Did I miss an obvious step?

      Thanks

        richiela

        For what it's worth… I re-installed 1.01 and used the same config and it worked fine.

          d2globalinc

          I'm having this exact same issue after following that same HOWTO that's been floating around forever.  I can ping out, but can't ping my internal servers, which are using public IPs.  Anyone else know if the best fix is to just go back to an older version?

          Thanks!

          • D2G
            richiela

            bump?
