Bridging interfaces



  • Hello,
    i am kind of newbie in PfSense implementation and i really need help on the following:

    I am using pfsense 2.0.1 with 3 physical network interfaces

    1. wan - it will be used as PTPPoE
    2. lan -  it will be used as a gateway to my lan using a private ip (192.168.x.x)
    3. opt1 - it will be used for giving internet access to my web server (using public ip which i got from my ISP.)

    I have managed to use wan interface on PTPPoE mode, and lan interface to route internet traffic for my local network (192.168.x.x) with any firewall and port forwarding rules i need ( i use a static internet connection with 8 ips block).
    Is there any way to use opt1 interface as a bridge in order to give internet access to my public ip base server and also use lan interface for my network?
    If yes, is there any procedure i must follow?
    Any help would be appreciated ..

    Thank you in advance

    Namp



  • http://doc.pfsense.org/index.php/Interface_Bridges

    Just select your WAN and your OPT interface in the bridge configuration.

    However i wouldn't do that in a setup as you describe it.
    Do you absolutely need the public IP on your server itself?

    IMO a better solution would be to add all your public IPs on the pfSense itself via Virtual IPs (VIP).
    –> Have a private subnet on the OPT interface as well and simply 1:1 NAT or normal port forward traffic from the VIPs to your server(s).



  • @namp:

    1. wan - it will be used as PTPPoE

    I'm not familiar with PTPPoE - did you mean PPPoE (PPP over Ethernet)? If so, I think you won't be able to bridge WAN and LAN because PPP WAN is not a "broadcast" interface.



  • Thank you for your reply.
    i definitely need to assign a public IP on my server. NAT is not working on the internet service i need (according to the internet service support team).
    I have tried to bridge WAN - OPT and after that, two more interfaces appear on Interfaces - Assign. The BRIDGE0 and an opt which has the same mac address with my WAN. Should i do something with them?
    If you thing that this is not a good implementation, i can use pfsense in bridge mode only and route internet traffic of my lan to another connection.

    Thanks again


Locked