Bridge and NAT/route, 4 Interfaces
-
Hello,
maybe this question is a bit ridiculous (maybe not). But I want to know if I can run into problems with
this kind of setup. The box for pfSense isn't bought yet but it will have 4 nics/ports.Setup:
2 transparent Modems (means if you uplink a box it gets an official IP via DHCP (the IP itself is static))
from the same provider (maybe in the same subnet, don't know yet).
2 WAN (pfSense)
2 LAN (pfSense)What I like to do with the pfSense-box is:
WAN1------ NAT --- LAN1 --- Switch ---"LAN-interface" | | pfSense Multihomed-Server (no route/no forward between interfaces) | | WAN2------ bridge ---(LAN2)--------------"Wan-interface"Obviously no interactions between (WAN1 and WAN2) or (WAN2 and LAN1).
Q:
- Is it possible?
- Is the conf in pfSense straight forward or tricky?
- Can I ran into problems?
Thanks in advance.
Regards,
CD
-
So again (i hate that), I am speaking to myself …
According to this post:
http://forum.pfsense.org/index.php/topic,29657.0.htmlmy planed setup should work.
BUT, according to this posts:
http://forum.pfsense.org/index.php/topic,5439.0.html
http://forum.pfsense.org/index.php/topic,21077.0.html
http://forum.pfsense.org/index.php/topic,11155.0.html
http://forum.pfsense.org/index.php/topic,26479.0.htmland this bug-report:
http://redmine.pfsense.org/issues/729there are annoying behaviors in bridged setups with more than 2 interfaces.
So could someone give me some hints regarding:
Lets speak in pfSense words:
WAN1 --- WAN (NAT) LAN --- LAN1 --- Switch --- if_lan pfSense Multih. server WAN2 --- OPT1 (BRIDGE) OPT2 --- LAN2 -------------- if_wanI do not want that anything from WAN-LAN is traversing to
OPT1-OPT2, means no TCP/IP no ARP no … nothing.
Regarding above posts and bug I am not sure with that.To make it clear: My intention is to have "2 firewalls" combined
in one box. The 2 walls should be seperated as much as possible.Is this possible with pfSense?
Thanks.
Regards,
CD