Up to date manual for filtering bridge
-
Hi.
I read several articles and posts about filtering bridge set-up, but most refer to pre-2.0 release.
The link here also refers to 1.3.
http://pfsense.trendchiller.com/transparent_firewall.pdfIs there any simple guide, allowing to set filtering bridge, with WAN on one side, and LAN on the other, with management interface on WAN?
Speaking of, what the recommended standard, to have WAN on NIC 1, and LAN on NIC 2? Or in reverse?
Thanks!
-
I too would like to see a version of this transparent firewall manual for 2.0. I thought I had it set up correctly yesterday, but it stopped working after a reboot today!
-
I may try to put a quick update for the 2.x branch when I get some time unless someone beats me to it…
Basically though- (how I do it.)
If you can use 3 interfaces for ease... Otherwise start with a single (WAN) interface.
From LAN- Leave the LAN as is. It makes a great maintenance port
Go to interfaces- Assign- Bridges... Create the Bridge. Add two interfaces to the bridge. WAN and OPT2. Rename the interfaces before now if your gonna. Helps keep track.
Interfaces- Assign- Interface Assignments- create a new interface... Choose the bridge. Save.
Go to Interfaces- Bridge set up your address here... DHCP, Static ect...
Got to Firewall- NAT- Outbound... Choose manual outbound rules. Make sure the only rules there are for LAN and 127.0.0.1/8 (should be there with 2.1 automatically... may be also 2.0.1 but I dont remember.)
Go to Interfaces- WAN- set for none.
Go to Interfaces- Opt2 (or whatever you named it.) set for none.
Set up your firewall rules as needed.
If your gonna do this with just two interfaces Id make sure you only have WAN assigned to interface when you start to make sure you can build the needed rules to reach the gui before you lock the WAN out by adding the LAN interface. (Turns on the filter)
Anyone who see's any problems chime in. Im going by memory here... :)
-
http://forum.pfsense.org/index.php/topic,50711.0.html
Note the trip to "advanced settings" I forgot to mention…
Good writeup!