Bridging interfaces
-
Hello,
i am kind of newbie in PfSense implementation and i really need help on the following:I am using pfsense 2.0.1 with 3 physical network interfaces
- wan - it will be used as PTPPoE
- lan - it will be used as a gateway to my lan using a private ip (192.168.x.x)
- opt1 - it will be used for giving internet access to my web server (using public ip which i got from my ISP.)
I have managed to use wan interface on PTPPoE mode, and lan interface to route internet traffic for my local network (192.168.x.x) with any firewall and port forwarding rules i need ( i use a static internet connection with 8 ips block).
Is there any way to use opt1 interface as a bridge in order to give internet access to my public ip base server and also use lan interface for my network?
If yes, is there any procedure i must follow?
Any help would be appreciated ..Thank you in advance
Namp
-
http://doc.pfsense.org/index.php/Interface_Bridges
Just select your WAN and your OPT interface in the bridge configuration.
However i wouldn't do that in a setup as you describe it.
Do you absolutely need the public IP on your server itself?IMO a better solution would be to add all your public IPs on the pfSense itself via Virtual IPs (VIP).
–> Have a private subnet on the OPT interface as well and simply 1:1 NAT or normal port forward traffic from the VIPs to your server(s). -
- wan - it will be used as PTPPoE
I'm not familiar with PTPPoE - did you mean PPPoE (PPP over Ethernet)? If so, I think you won't be able to bridge WAN and LAN because PPP WAN is not a "broadcast" interface.
-
Thank you for your reply.
i definitely need to assign a public IP on my server. NAT is not working on the internet service i need (according to the internet service support team).
I have tried to bridge WAN - OPT and after that, two more interfaces appear on Interfaces - Assign. The BRIDGE0 and an opt which has the same mac address with my WAN. Should i do something with them?
If you thing that this is not a good implementation, i can use pfsense in bridge mode only and route internet traffic of my lan to another connection.Thanks again