pfSense with Enterasys L3 switch

  • Currently I do not have a firewall on my development network but am interested in trying out pfSense.

    My concern is that my ISP gives me 5 static IPs (66.118.XX.120/29), all of which I want to be able to use as I need to. 121 is my modem, so 122 thru 126 are mine.

    From previous attempts with pfSense, I remember it tries to act as a router & firewall.

    So my question is how to set up my connection from the modem to pfSense to my layer 3 switch so as to maintain the ability to use all of my IPs.

  • You can use IP aliases on pfSense to have all of your IPs as WAN interfaces.

    pfSense is a firewall; do you not want to NAT your traffic at all?

    You could set it up as a transparent firewall, WAN and LAN bridged, but you would need to add a third interface for management. If you didn't want to use any of your public IPs for that it would have to be in a new private subnet that you have access to in some other way. Without a public interface pfSense would be unable to check for updates or monitor the connections at all. I've never tried to do this.


  • I am not sure about the NAT situation as of yet, since the Enterasys L3 switch is a new device and IOS to me, and it also has some awesome NAC software controls.

    Initially I just want pfSense to function as a firewall between my internal & external networks.

    With the L3 switch bare to the internet, the Chinese IPs have been pounding me relentlessly. Thank goodness I use 24-character passwords!!!

