Netgate Discussion Forum

    Initial Setup Configuration Template

      Username00
      last edited by Username00

      Coming from the Edgerouter series (that worked well) - there was a definite learning curve getting the Netgate 6100 operational in a similar way. Now that it's been working for a while - wanted to share my template configuration that should be easy enough to modify/compare to get you at least operational.

      Nothing too fancy: Single static WAN, with a LAN Bridge using 3 ports and the 4th LAN as a management interface. Wireguard setup (no clients added, but the framework is there).

      Even being fairly adept with the Edgerouter CLI and having some VLANs, the biggest hurdle for me was getting the bridge operational and then getting the firewall rules right. Also, the connected uplink switch is a Cisco48 and it was configured as a trunk - but it's a bit different on the Edgerouter series - so once I had the trunk config removed from the Cisco, then all the traffic started flowing as expected.

      Hope this helps someone. Let me know if I have any glaring issues as I mainly changed the names (and IPs) to protect the innocent.

      config_netgate_6100template.txt (based on v25.07.1)

      Interfaces:
      wan: WAN
      lan: LAN1
      opt1: WAN_DHCP (disabled now, but configured as it was during testing)
      opt2: BridgeLAN
      opt3: Wireguard
      opt4: LAN2
      opt5: LAN3
      opt6: LAN4
      
      
      WAN1 (Static): 192.168.68.68 /24 (GW: 68.254)
      WAN2 (DHCP): TBD
      LAN1-3/BRIDGE: 192.168.10.0 /24 (DHCP .200-224)
      LAN4 (MGMT): 192.168.48.0 /24 (DHCP .200-204)
      Wireguard: 192.168.168.0 /24 (the keys are random)
      
      BRIDGE IP: 192.168.10.1
      MGMT IP: 192.168.48.1
      DNS: External providers
      WG IP: 192.168.168.1
      
      Firewall rules:
      WAN: Inbound to WG UDP port
      LAN 1-3: Access to LAN1 only
      LAN4: Full access to both LANs and WG networks
      WG: Full access to both LANs
      Device: SSH and HTTPS enabled LAN only
      
      LAN1-3: 1 DHCP Reservation
      
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.