Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Network Bridging

    Scheduled Pinned Locked Moved General pfSense Questions
    5 Posts 3 Posters 2.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kalons
      last edited by

      @kalons:

      Hi guys.
      I am new in Pfsense.
      Here is a quick question:

      After I installed the pfsense ISO into my desktop (with 2 NICs), and I want it to be a a transparent firewall.

      I set each step from this link: http://doc.pfsense.org/index.php/Tutorials

      But I found all the setting is all right but except the "Enable filter bridge" can not be selected under "filtering bridge" in System-> Advance.
      It reads:
      This setting no longer exists as it is unnecessary. Filtering occurs on the member interfaces of the bridge and cannot be disabled.

      And Issue 2:
      I skip to select "filtering bridge" and finish the rest setting, I can ping pfsense IP (WAN static IP) within LAN network but can not from WAN network.
      Is there any setting I missed to enable that?
      Thanks! :D

      …

      Hi Guys, I have fixed the issue 2. It caused by I set two same IP addr for LAN and WAN IP.
      And I change the LAN IP for a different one, I can ping from WAN.
      But there is another issue comes out.
      After I reboot the pfsense, the bridge will drop down (Means I can access webconfig and ping to it from LAN, but can not from WAN side)

      Unless I acess the webconfig, save the "Interfaces" ->WAN, "Interfaces" ->LAN, and it be normal as before I reboot it.
      (When I click Save, the command screen shows:
      bridge0: Ethernet address: xx:xx:xx:xx:xx:xx
      bridge0: Ethernet address: xx:xx:xx:xx:xx:xx
      Seems the bridge take effect again. And I can ping and access webconfig from WAN again.
      )
      I have check the setting in XML:

      • <interfaces>- <lan><if>fxp0</if>
          <ipaddr>192.168.206.8</ipaddr>
          <subnet>24</subnet>
          <media><mediaopt><bandwidth>100</bandwidth>
          <bandwidthtype>Mb</bandwidthtype>
          <bridge>wan</bridge>
          <disableftpproxy></disableftpproxy></mediaopt></media></lan>
      • <wan><if>rl0</if>
          <mtu><media><mediaopt><bandwidth>100</bandwidth>
          <bandwidthtype>Mb</bandwidthtype>
          <spoofmac><disableftpproxy><ipaddr>192.168.206.6</ipaddr>
          <subnet>24</subnet>
          <gateway>192.168.206.254</gateway></disableftpproxy></spoofmac></mediaopt></media></mtu></wan></interfaces>

      Seems like no any problem.
      But why the bridge will drop down after I reboot pfsense?
      Or I missed to config someting?
      Looking forward your reply. Thanks in advance!

      Hi Guys, I have solved all my problems myself.
      And Shared some experience to you all:
      1,  Don't set the same subnet in LAN interface compare to your WAN interface when you set bridge in Pfsense. Otherwise the bridge will drop down after you reboot pfsense. (That is you can access pfsense in LAN interface but can not from WAN interface. Happen to me many times, after I change the subnet for LAN interface, it becomes normal.)
      2,  "Enable filter bridge" happens on all bridge interfaces automatically now, so essentially the setting is checked all the time.

      1 Reply Last reply Reply Quote 0
      • W
        wallabybob
        last edited by

        The transparent firewall HOWTO says

        Keep in mind that the firewall now works transparent.
        This means that you also have to define what traffic is allowed to pass from the WAN-Interface.

        Have you added the rule(s) to allow PING traffic from the WAN?

        1 Reply Last reply Reply Quote 0
        • K
          kalons
          last edited by

          @wallabybob:

          The transparent firewall HOWTO says

          Keep in mind that the firewall now works transparent.
          This means that you also have to define what traffic is allowed to pass from the WAN-Interface.

          Have you added the rule(s) to allow PING traffic from the WAN?

          Yes, I know that, I set Rules for WAN tap, allow all pass from WAN.

          And do you know why the "Enable filter bridge" can not be selected under "filtering bridge" in System-> Advance?
          Thanks for your reply.

          1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            Did you read the message under the setting? The setting is gone because it is no longer needed; The directions you are following are outdated.

            Filtering happens on all bridge interfaces automatically now, so essentially the setting is checked all the time.

            The message was left there to avoid questions like this, it's fairly self-explanatory…

            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • K
              kalons
              last edited by

              @jimp:

              Did you read the message under the setting? The setting is gone because it is no longer needed; The directions you are following are outdated.

              Filtering happens on all bridge interfaces automatically now, so essentially the setting is checked all the time.

              The message was left there to avoid questions like this, it's fairly self-explanatory…

              Thanks!

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.