Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PfSense with multiple wan vlans and transparent bridging

    Scheduled Pinned Locked Moved Firewalling
    3 Posts 2 Posters 3.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      fcx
      last edited by

      Hello

      First, sorry for my poor english  :-[

      Second, I think i'm in the good section to place my question, but if i'm wrong, fill free to move it to the good place :)

      I'm new to pfsense and not a 'geek' in BSD not Linux world and I'm currently trying to deal with a specific setup for an FTTH (Fiber To The Home) connection in triple-play mode.

      As the current 'Residential Gateway' is all but the best router I have seen (no more than 8 forwarding rules, no dmz, hangs regulary, …), I try to replace it with a 'real firewall' with best features like PfSense.

      The current wiring is :

      fiber <-> Fiber/Ethernet100BaseT Tranceiver <-> Isp_Router <-> Natted Lan port and wifi port
                                                                                            <-> IpTv Port
                                                                                            <-> RJ11 analog phone port

      I want finally this :

      fiber <-> Fiber/Ethernet100BaseT Tranceiver <-> PfSense <-> Natted Lan port (and optionnal natted wifi port with Carp enabled)
                                                                                        <-> Isp_Router <-> Natted Lan port and wifi port (no more used)
                                                                                                               <-> IpTv Port
                                                                                                               <-> RJ11 analog phone port

      Each service (Internet, IpTV, VoIP) on the fiber/tranceiver side is associated to it's own vlan (802.1q tagged).
      And on the Vlan dedicated to Internet, the Isp use PPPoE.

      So I want the PfSense box to do the PPPoE connection on the 'Internet' Vlan, and do its normal job on it (natting, rules, ...); and for the two other vlans (IpTv and VoIP) do 'transparent bridge' on them for the 'bad' Isp_Router (at this time I don't try to replace the isp router to  manage the IpTv and VoIp channels :) )

      Someone could say 'Simply add a managed switch doing vlan and vlan truncking in front of the tranceiver and dispatch the vlans on the appropriate ports (untagged 'Internet vlan' to the pfsense port and the two other tagged to the isp router) !'
      Sure it will work, but I don't have a 'managed' switch, and that cost around 150/250$ ! I want to minimize the cost :) (for me and others)

      Can PfSense handle this scenario ?

      Any help will be appreciated  ;)

      1 Reply Last reply Reply Quote 0
      • H
        hoba
        last edited by

        Create 3 vlans at the interface that hooks into the fiber uplink (the WAN). These will show up as seperate interfaces after assigning them (you can do that from the shellmenu, option assign interfaces or from the webgui at interfaces>assign). Then configure your interfaces just like if they were real interfaces.

        1 Reply Last reply Reply Quote 0
        • F
          fcx
          last edited by

          Thanks Hoba for your help.

          So PfSense can do the work  :D

          I will take a try and report the result here ASAP

          Thanks again

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.