4. Bridge filtering not working

Bridge filtering not working

  • S

    I've got a bridge setup between wan and lan, without filtering enabled, it obviously passes everything to lan.  when I enable filtering, will not pass any traffic. Only firewall rule is the default allow everything.  This is a new install, 1.2-release built on feb. 24.

    at first, I had the wan and lan ip set the same, I read that sometimes breaks the bridged filtering, so I changed the lan to a non relevant ip.

    still no change on passing traffic, but now I cannot access the gui from the lan side either by the wan address or the new lan address.  I can disable filtering, and of course the bridge passes all traffic along.

    I'm hoping to get this working, its for an apartment complex that provides internet access to its residents. They have a class c from their isp.

    the isp's router is the gateway, I want to put a bridging firewall right after their router, and if possible do nat to a 3rd interface on that firewall for the office network.  right now they are paying for dsl service for their office on top of the t1s for the residents.  if that has to be accomplished with a 2nd device, thats no big deal though to throw in a cheap router for them.

    Also want to know if qos will work on the bridge.  I'd like to be able to limit bandwidth at the firewall, right now I've got some bandwidth limits at the switch level, which is working ok, but the switches only let me limit port egress in 1mb limits and ingress in 512k increments

    Deltacom                              /–- private net (10.10.10.) will have office pcs, camera systems, switches
    deltacom ---- router (97.66.    .1) ----- firewall ----switch-------6x fiber to buildings -----3 switches in each building

    97.66.*.11-254 are for residents use

    thanks in advance for any help,

    Stephen

    0
  • H

    As you need a 3rd interface with NAT anyway try the following:
    WAN public IP
    LAN private IP for natted traffic
    OPT1 no IP and bridged to WAN

    The LAN-Interface is a bit specific when it comes to bridging though it should work as well. A bridged OPT doesn't need an IP so that might work better for you.

    0
  • S

    that worked great!  Thanks for the help.

    0
Locked
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy