Transparent pfsense Firewall

  • All,

    I've used IPCop for years but never used pfsense.

    I'm planning on moving to another ISP at the end of next month (Fiber To The Cabinet line :D), I've bought myself a 24U Dell Rack from ebay pretty cheap, I've got a few other bits that will be going in it….anyway to cut a long story short, the new ISP gives you 8 public IP's so what I'm going to be looking to do with pfsense is:

    INTERNET <–-> Cisco 3620 Router <---> external pfsense <---> External Switch <---> internal pfsense  <---> Internal Switch <---> LAN Equipment

    I'm not sure whether I will use VMWare ESXi or Hyper-V but I will have virtual servers running.

    I would like to have servers sitting on the external switch with a PUBLIC IP, I do not want to use NAT. I would like the external pfsense firewall to block more than filter….so say I only allow ports 20, 21, 22, 80, 443 inbound to either all public IP's or selected public IP's and all other connections are denied.....I will probably have to lookup how to do the same with the Cisco router too.

    I believe this is possible with a PIX box from this post here -

    The internal pfsense firewall will use NAT.

    I am edging towards VMWare over Hyper-V as a) it's Linux and has less updates, b) the IT department in work swear by VMWare and c) I believe I have more control over virtual network using VMWare compared to Hyper-V - but I'm happy for somebody to prove me wrong.

    PS, is there a particular term for what I'm attempting to do with the pfsense box and cisco router?


Log in to reply