[SOLVED] Filtered Bridge + NAT



  • In the office we have a private LAN extension over a 10 Mbit fiber link to the data center where most of our servers are co-located. We also get our internet connectivity over this link.

    I have set up pfSense 2.01 as a filtered bridge on the office side of the link. I have successfully bridged WAN and LAN and everything works. Clients can get traffic in and out no problem:

    {internet}--pfSense--[Colo Switch]---(fiber)----WAN(192.168.100.252)---[pfSense_Bridge]--LAN(192.168.100.249)---[Office LAN switch]--[Clients]
                          __DMZ--[servers]

    Now on the pfSense Bridge I am trying to use a 3rd interface and NAT a separate subnet (to use for our wifi network) to the WAN:

    {internet}--pfSense--[Colo Switch]---(fiber)----WAN(192.168.100.252)---[pfSense_Bridge]--LAN(192.168.100.249)---[Office LAN switch]--[Clients]
                          __DMZ--[servers]                                                                   ___OPT1----(192.168.300.254)[WiFi AP]

    On the pfSense Bridge I set the outbound NAT to manual, disabled it for the 192.168.100/24 network, and enabled it for the 192.168.300/24 network, but it is not working. At this point I set the rules to allow all traffic through the bridge, but nothing is going through the WLAN interface.

    Any suggestion is appreciated.



  • Just an update. The traffic from OPT1(192.168.300.0/24) gets NATed correctly on the WAN port of the bridge (191.168.100.252) and I can ping and access anything in the 192.168.100 network, including the gateway (192.168.100.254), but no traffic is getting to the internet despite having a rule that specifically allows traffic from 191.168.100.252.

    Update 2: [SOLVED!]
    For some reason, the default route to the gateway 192.168.0.254 was not in the routing tables of the pfSense bridge box despite being selected in the WAN interface settings as such. So I just went to the gateway page, clicked the edit button, left it unchanged and then clicked OK. That added the default route back and everything started working.
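The symptom above (NAT works, the 192.168.100.0/24 network is reachable, but nothing reaches the internet) is what a box with no default route looks like. As an added example, not from the poster, here is a small POSIX shell check that reads a FreeBSD/pfSense `netstat -rn` listing and reports whether a default route via the expected WAN gateway is installed; the two routing tables below are constructed to mirror the broken and fixed states, and the gateway address is assumed to be the 192.168.100.254 named in the first update.

```shell
# Added example (not from the original thread): verify that the routing
# table actually contains a default route via the configured WAN gateway.
# On the box itself:  netstat -rn | check_default_route 192.168.100.254

# Reads a routing table on stdin; argument 1 is the gateway the WAN is
# configured with. Exit status: 0 = default route via that gateway,
# 1 = no default route at all, 2 = default route points elsewhere.
check_default_route() {
    expected="$1"
    # First column "default" is how FreeBSD lists the default route.
    gw=$(awk '$1 == "default" { print $2; exit }')
    if [ -z "$gw" ]; then
        echo "no default route in table (gateway $expected not installed)"
        return 1
    elif [ "$gw" != "$expected" ]; then
        echo "default route via $gw, expected $expected"
        return 2
    fi
    echo "default route via $gw: OK"
    return 0
}

# Constructed sample: the broken state from the thread. Directly connected
# networks are present, so LAN hosts and NAT work, but there is no default.
BROKEN_TABLE='Destination        Gateway            Flags     Netif
192.168.100.0/24   link#1             U         em0
192.168.100.252    link#1             UHS       lo0
192.168.300.0/24   link#3             U         em2'

# Constructed sample: after re-saving the gateway, the default entry is back.
FIXED_TABLE='Destination        Gateway            Flags     Netif
default            192.168.100.254    UGS       em0
192.168.100.0/24   link#1             U         em0
192.168.100.252    link#1             UHS       lo0
192.168.300.0/24   link#3             U         em2'

printf '%s\n' "$BROKEN_TABLE" | check_default_route 192.168.100.254 || echo "  -> exit status $?"
printf '%s\n' "$FIXED_TABLE" | check_default_route 192.168.100.254 || echo "  -> exit status $?"
```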

