Firewall Setup with bridging (Tutorial?)

  • Hi everyone,

    I've setup a few PFSense machines in my time, but they were pretty basic routing + filtering setups.

    I'm looking to setup the firewall as pure filtering platform.  I know that the machine obviously needs an IP on the WAN.  I've setup the LAN interface to bridge to the WAN and setup the filtering bridge in the advanced settings (checked the checkbox).

    It seems I still have to have an IP on the LAN?  How do i get rid of that?  I have only a limited subnet for my collocation cabinet and need every IP I can get.  I don't want PFSense to do routing, we have a dedicated layer 3 router/switch (Catalyst 6509) to handle that.

    What am I missing?

  • You should be able to set the LAN IP to anything. Even IPs not from any of your subnets should work I think. You won't use it anyway for anything.

  • Hi hoba,

    Thanks for the reply.

    If I set the LAN IP to anything, how do I access the box?  Do I have to setup special rules for management?

  • You access it by the WAN IP.

  • Thanks!

    I'll give that a try today.

