Bridge and NAT through same interface?
Here's the deal, I have a pfSense connected to a LAN and all that is working fine. On the WAN port of the pfSense there is a switch that has 3 cables 1) ISP 2) pfSense 3) Exchange Server. So right now the exchange server is on the internet without any sort of firewall and that is not something I am liking.
The connection from the ISP is bridged, not routed.
Is there any way the Exchange server itself can keep the current IP (I.E.: ABSOLUTLY no configuration change on the exchange server) and then I can still pass this through pfSense. I do NOT want to do any sort of NAT or 1:1 NAT if possible. I was told this should work, but I am not sure:
- create new interface in the pfSense to connect Exchange Server to the interface
- Bridge the current pfSense WAN and the new interface]
- Create the relevant firewall rules.
Actually I tried this quickly and I could not get any traffic to pass.
You want to do it as you described, those are the 3 steps from the firewall perspective.
Then I do not understand why the traffic isn't passed?
Interfaces > Assign:
LAN: VLAN 3 on VR0
OP4: VLAN 10 on VR0
Interfaces > Assign > Bridge
Firewall > Rules > WAN:
Destination: Exchange IP (WAN IP + 1)
Firewall > Rules > OPT4: