Transparent Firewall behind another Firewall



  • Hi All
    I've seen some related posts but not quite what I'm looking for. If I missed it please feel free to just point me to the post.
    What I want is to be able to set pfSense up as a transparent firewall like what untangle does.

    ISP –----> FIREWALL --------------> ( [Wan Interface No IP] PFSENSE [Lan Interface 192.168.1.2] ) –------> Clients

    I am setting up PfSense in bridge mode behind another Firewall. How can I do this? Help anyone?



  • You are going in the right direction.
    There are several post on setting up a transparent firewall. There is a section in the book about bridging.
    This setup takes patience and getting each puzzle piece in place.
    I would have more, but it has been a long time since my last transparent FW.



  • Hi All
    I got the 2.1 Book and although it does discuss bridging, I am still having a bit of a problem setting up this config. I can't seem to get out on the internet. I am now trying assigning bridge0 and giving it an IP to see if that works. I won't be able to test it till later though.

    In the meantime, I'm looking for some feedback. Is there anyone who has done this?



  • The WAN doesn't need an IP address. There is probably something in the firewall that is killing it. Did you disable NAT? Can you ping your gateway? Could you give some details on how you set this up?



  • I just did a test with a single laptop and it seems to be working now. You are correct, the WAN does
    not need an address.

    I realize now that I have a separate issue when I consider what I eventually want to accomplish. I
    really want to block Internet Explorer from accessing the internet and I have just learned that a transparent
    squid will break the bridge. I will do another post for my new issue.

    Thanks for the help.


Log in to reply