Problem with transparent Bridge WAN<->OPT1
-
Hey :-)
I've been using M0n0 for some time, but now for a new set of servers
I wanted to try out pfSense (Rc2a), as I like the Interface and the addon Packages…
I have already set up a similar network-config with M0n0, but I am having
problems setting this up with pfSense...
I've got an HP-Server, equipped with 2 Dual-Port Intel Pro 1000/MT
Controllers.
They are assigned to
- LAN
- WAN (80.xx.xx.2)
- OPT1
- OPT2 (not connected yet, later for CARP)
The LAN (10.x.x.x) is working perfectly, I can go online and
all LAN-Clients can ping each other.
The OPT1 makes problems, though:
The Servers which are located in OPT1 have external Addresses
(they are in the WAN-Space, e.g. 80.xx.xx.3, 80.xx.xx.4, etc.), that's
why I have bridged OPT1 with WAN, activated the "filtering bridge"
and made two rules into OPT1:
block: * * * LAN net * * Block anything TO LAN
allow: * * * * * * Allow to anywhere else
(Before this, I only had one rule which was allow anything BUT LAN...
But I got information that the negation-rules could have a bug, so I changed
to the two rules above...)
The situation is now that all servers in OPT1 can ping each other,
but NOT the OPT1-IP of pfsense and cannot go online :-(
Also pfsense cannot ping the OPT1-Servers...
The Servers have the WAN-IP as DNS and Gateway set up...
It would be great if you could help me as I already got problems here
because I didn't just use M0n0 again, but something else...
But I personally would like to use pfSense ;)
So thanks a lot for your help and support :-)
-
Try enabling System -> Advanced -> Static route filtering
-
That did not work :'(
Do you have any other idea?
What I don't understand is why would I need different
settings than those I "copied" from M0n0?
Isn't pfSense derived from Mono-Wall?
I really hope to get this working today :-\
Thanks for your help!
Chris