Problem with LAN public (static) IPs configuration



  • I want to establish local LAN subnet with the public IP's xx.xx.80.192/27.
    Our WAN xx.xx.16.1/23 has gateway on the address xx.xx.16.200.

    I want to build a simple router firewall with the pfSense.
    The PC router has two NIC - rl0 and rl1. The rl0 is connected to WAN via static IP xx.xx.16.60/23 with gw address xx.xx.16.200. The rl1 is connected to LAN with the public IP address range xx.xx.80.192/27.

    WAN            pfSense GW            LAN
        xx.xx.16.1/23 – xx.xx.16.60 (rl0)
    (GW:xx.xx.16.200)    xx.xx.80.192(rl1) -- xx.xx.80.192/27
                                          (GW:xx.xx.80.192)

    I have configured the pfSense like a transparent bridge (http://pfsense.trendchiller.com/transparent_firewall.pdf) except that I didn't check the "Enable the filtering bridge" and I leaved the default LAN IP configuration "Bridge with" to "none".
    Also I have disabled the DHCP service.

    My problem is that I can connect to WAN only with the clients which have Windows 2000.
    The other clients with Linux or Win XP can't connect neither to the WAN nor to the pfSense WebGUI on the local address xx.xx.80.192.

    Can anybody help me what is wrong?



  • @robob:

    I want to establish local LAN subnet with the public IP's xx.xx.80.192/27.
    Our WAN xx.xx.16.1/23 has gateway on the address xx.xx.16.200.

    I want to build a simple router firewall with the pfSense.
    The PC router has two NIC - rl0 and rl1. The rl0 is connected to WAN via static IP xx.xx.16.60/23 with gw address xx.xx.16.200. The rl1 is connected to LAN with the public IP address range xx.xx.80.192/27.

    WAN            pfSense GW            LAN
        xx.xx.16.1/23 – xx.xx.16.60 (rl0)
    (GW:xx.xx.16.200)    xx.xx.80.192(rl1) -- xx.xx.80.192/27
                                          (GW:xx.xx.80.192)

    So far you look like you are setting up a Router (firewalled)… but it sounds like you also want it to act as a transparent bridge...

    I have configured the pfSense like a transparent bridge (http://pfsense.trendchiller.com/transparent_firewall.pdf) except that I didn't check the "Enable the filtering bridge" and I leaved the default LAN IP configuration "Bridge with" to "none".
    Also I have disabled the DHCP service.

    But here you are configuring as a Bridge - You can not have both worlds!  A router is a router and a bridge is a bridge - they don't mix.

    My problem is that I can connect to WAN only with the clients which have Windows 2000.
    The other clients with Linux or Win XP can't connect neither to the WAN nor to the pfSense WebGUI on the local address xx.xx.80.192.

    Yep - the pfsense machine is acting as a bridge…
    gm...



  • Sorry guys. My mistake. In our subnet the lowest IP (and also the highest) number cannot be assigned to the router gateway. I have changed the gw IP's from xx.xx.80.192 to xx.xx.80.193 and everything goes OK now.


Locked