Firewall Bridge... Allow All



  • I need to allow all traffic, unrestricted, to flow through my firewall, which I have in transparent mode.
    I have 2 rules in the firewall to allow this, one for LAN and one for WAN, but I believe they might not be correct.
    Customers with private IP address space seem to be working OK, but customers with publics appear to be having a lot of problems, such as having to refresh web pages, only being able to ping IPs and not being able to get out onto the www, etc.

    Can someone please post what I should have in my firewall settings?



  • You should have one rule on WAN and one on LAN that both look like this:

              • none

    If you're still having problems then they probably aren't related to your firewall rules.



  • @clarknova:

    You should have one rule on WAN and one on LAN that both look like this:

              • none

    If you're still having problems then they probably aren't related to your firewall rules.

    Yes that is the way I have it done.
    Thank you very much for your reply. I have now taken the firewall out of the system as it was causing too much grief.

    I have put it in between our core router and a Windows machine running remote desktop for testing purposes. The WAN IP of the remote desktop machine is 10.1.1.111/24; its gateway is 10.1.1.1, which is the LAN IP of the core router. The core router is IP-mapping the 10.1.1.111 IP to a public IP so I can test it remotely from home. When I initialize a remote desktop connection from home, it just hangs and hangs. I can ping the public IP of the remote desktop machine no problem. If I remove the firewall the connection works perfectly. The firewall is definitely the problem.



  • The problem appears to be pfSense-related, but there is more to pfSense than just the firewall rules. You could have issues with IP settings, MTU, duplexing, fragmentation, scrub, bridge config, etc.



  • @clarknova:

    The problem appears to be pfSense-related, but there is more to pfSense than just the firewall rules. You could have issues with IP settings, MTU, duplexing, fragmentation, scrub, bridge config, etc.

    I followed this tutorial to the T: 202.143.130.99/files/transparent_firewall.pdf
    I was thinking about MTU but could not find where they could be adjusted.



  • My problem seems to be that VPNs cannot pass through the firewall correctly. I provide a number of customers with public IP address space.
    One way I give them this is to create a VPN from our uplink to their office to carry the IP address in. These customers can open up their homepage, just about, and get no further. They can ping the gateway no problem.

    This is beginning to drive me around the bend.



  • You may attract more help posting in the appropriate VPN section of this forum, since that appears to be the discriminating factor.

