Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Clean Install with pfsense 2.0 using transparent firewall

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    44 Posts 7 Posters 23.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • jimpJ
      jimp Rebel Alliance Developer Netgate
      last edited by

      Traditionally they do not, but it's acceptable to have an IP on the WAN side and bridge the LAN to WAN, leaving LAN without an IP address.

      On 2.0 you'd actually want to have WAN and LAN without an IP, and have the bridge interface assigned and have your "WAN" IP be assigned directly to the bridge interface.

      Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

      Need help fast? Netgate Global Support!

      Do not Chat/PM for help!

      1 Reply Last reply Reply Quote 0
      • N
        Nicklas
        last edited by

        But if you have only 2 interfaces you can only bridge them, and if you put this firewall in a DC how you get access to the GUI???

        btw, were can I find how to assign a "WAN" IP to the bridge?

        Thanks

        1 Reply Last reply Reply Quote 0
        • jimpJ
          jimp Rebel Alliance Developer Netgate
          last edited by

          When you bridge two interfaces, the bridge itself is a third interface.

          Ideally in 2.0 you want something like this (wan is em0, lan em1):

          OUTSIDE: em0 - assigned, enabled, IP type of 'none'
          INSIDE: em1 - assigned, enabled, IP type of 'none'
          WAN: bridge0 - assigned, enabled, with your WAN IP address

          Though that would be tricky to pull off with only two interfaces in the GUI. As a compromise, just configure up WAN, and enable LAN without an IP, then bridge LAN to WAN.

          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          1 Reply Last reply Reply Quote 0
          • N
            Nicklas
            last edited by

            Thanks, well I have 4 interfaces in it but created a lagg with them, I didn't know that by bridging the 2 you created a third interface.. :-)
            So, I checked this in my interfaces and indeed it is there the third one called OPT1. Now, when I assign this OPT1 to the WAN as you said, then I have assigned my external IP to the bridge, do I understand this correct now? sorry English is not my mother tongue… and I have sometimes trouble to understand what others try to explain :-))

            I have it like this at the moment;

            thanks very much for your time to explain.

            ![Bonding - LAGGs with the nics.jpg](/public/imported_attachments/1/Bonding - LAGGs with the nics.jpg)
            ![Bonding - LAGGs with the nics.jpg_thumb](/public/imported_attachments/1/Bonding - LAGGs with the nics.jpg_thumb)
            ![Bridge Lan with Wan.jpg](/public/imported_attachments/1/Bridge Lan with Wan.jpg)
            ![Bridge Lan with Wan.jpg_thumb](/public/imported_attachments/1/Bridge Lan with Wan.jpg_thumb)
            Interfaces.jpg
            Interfaces.jpg_thumb

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.