Help with bridging
this is the setup:
dual internet connections <-> pfsense-A 2.0 <–-bridge---> pfsense-B <-> lan
the purpose of pfsense-B is:
- traffic shaping
- squid (doesn't work well on pfsense-A with the two ISPs)
i'm trying to lab this out in vmware workstation. pfsense-B has three nics:
em0 - wan: connected to pfsense-A
em1 - lan: connected to LAN
em2 - opt1: connected to a pc (because most of these configs cause me to lose access to em1 and em0)
After a clean install, I enabled the three NICs and put a single rule on each one saying allow any traffic
I went to assign interfaces and created a bridge with em0 and em1
I assigned this bridge to the LAN interface.
At this point, I am no longer able to access pfsense-B from the lan. I can still access it on opt1.
If I start a ping from the Lan to pfsense-A, using tcpdump I will see this:
lan host ARP who-has request -> pfsense-A -> pfsense-B
pfsense B ARP reply -> pfsense-A -> (then the packet is lost, not seen on lan wan or opt1)
so I have the bridge 3/4 of the way working. If pfsense-A would send arp (and then hopefully other traffic) back to the LAN, I will be up and running. Can anyone guess at anything I may be missing?
You can assign it as an optional interface the bridge and than it will work normally without dropping you from LAN!