Pass through block of static ip's on OPT interface
-
I have a block of static ip's. One is assigned to the WAN port of pfsense. I want to assign some of them directly to servers on the OPT interface.
Not worried about setting rules to block traffic from OPT to LAN.Enabled OPT interface, set IPv4 Configuration type to None
Went to Interfaces, created a bridge between OPT and WAN
Created a rule to allow all traffic out on the OPT interface
IPv4 * * * * * * noneAnother rule to allow traffic from WAN to OPT
IPv4 TCP/UDP WAN address * OPT1 net * * noneChecked in ARP Table and could see the server.
Tried to ping it from within pfsense and it fails every time.
Searched the forum, tried the various methods and could not get it to work. Have no idea what I'm doing wrong.
-
Another rule to allow traffic from WAN to OPT
IPv4 TCP/UDP WAN address * OPT1 net * * noneYou only have allowed traffic from WAN address to OPT1. Allow it from anywhere.
You can tighten access later by splitting the rule in different ones for any destination + ports.
-
On the WAN rules, I edited the rule as suggested
IPv4 TCP/UDP * * OPT1 net * * noneStill nothing. It's as if pfsense doesn't know where to send the packets. When I did a traceroute, that failed too. Have a lot to learn about this wonderful firewall, but feel as if OPT should have an ip address so that it can route to machines physically attached to it.
When I get this figured out, I will write a full "How To" on getting this working.