Is pfSense usefull for me ?
-
Hi!
I just want to know if pfSense is usefull for me. Currently I have a ET/BWMGR firewall but with an old license and we are searching for a replacement.
I was trying pfSense with the LiveCD and I want to solve some questions. We have a connection from our ISP with 16 public IPs. Routing is just offered by the ISP with their own router, so we don't need routing functions.
Can we disable routing funtions in pfSense and use only bridge/firewall/traffic shapping ? We don't need to assign an IP to WAN interface, because we don't need routing. Routing is done at the ISP router. We will use a 3 NIC system, so 2 will be used to make the bridge (with no IP) and one to the internal LAN (192.168.x.x) to control the system.
Is this possible with pfSense ?
Thanks and sorry for the bad english!
-
In a bridgingscenario the trafficshaper won't work. This is a limitation atm. However firewalling will work fine. See http://pfsense.trendchiller.com/transparent_firewall.pdf for how to set it up.
Other option is to use virtual IPs to terminate all you public IPs at the pfSense itself and nat them to your hosts.
-
Thanks hoba.
But this document still assign an IP to the WAN interface and other IP to LAN interface.
It's possible to use pfSense, for example, to bridge from WAN to LAN without assign IP to this interfaces (and usign the firewall), and use OPT interface with a local IP to manage the system ?
This scenario will be more identical that current with ET/BWMGR.
Thanks!
-
It's a bridge so it's own IP is not needed. Assign an unused IP from an unused IP-Range to it. However then you won't be able to install packages, use DNS and so on at your pfSense.