Netgate Discussion Forum

    Cisco 3750 behind pfsense

      marcus556

      OK, I've read multiple forums on here and can't seem to figure out my problem.  My network was working fine under Untangle but I wanted to give pfSense ad blocking a go.  Here is how it's set up:

      ISP(modem/router with the public IP set to pass through to pfsense) <======> pfsense <====>Cisco 3750 operating as dhcp server router and has SVIs on it.

      VLAN 20 - 172.160.20.0/28
      VLAN 10 - 172.16.10.0/28
      VLAN 40 - 172.16.40.0/27

      I have a NP switchport link set between pfSense and the 3750 with a /30 mask

      Pfsense - 192.168.2.1
      3750 - 192.168.2.2

      A static default route is configured on the 3750 as follows

      0.0.0.0/0 via 192.168.2.1

      I added the routes statically and with RIP configured.  The 3750 can ping the outside world, aka the internet; it can ping the pfSense box and all client machines.  The pfSense box can ping the outside world and the 3750 along with all clients connected to it.  My clients, however, cannot ping past the IP address given to my 3750 that connects it to the pfSense box.  I have no clue what I am doing wrong and any help is greatly appreciated!

      Thanks!

      Marcus

        Derelict LAYER 8 Netgate

        Did you create NAT rules under Firewall > NAT, Outbound Tab for all the subnets pfSense doesn't have interfaces for?  You will have to change it to Manual, or, if on 2.2,  Manual or Hybrid.

        Just duplicate what it did for the 192.168.2 network automatically but for the other networks.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)
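The reply above says every subnet pfSense has no interface for needs its own outbound NAT rule. As an added example (not part of either poster's message), this sketch takes the addresses exactly as written in the first post and works out which routed subnets need a manual rule; it also marks any source prefix that falls outside the RFC 1918 private ranges. The function and field names are hypothetical.

```python
import ipaddress

# Values as written in the thread (transit /30: pfSense .1, 3750 .2).
ATTACHED = ["192.168.2.0/30"]
NEXT_HOP = "192.168.2.2"
ROUTED = {
    "VLAN 20": "172.160.20.0/28",
    "VLAN 10": "172.16.10.0/28",
    "VLAN 40": "172.16.40.0/27",
}

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def plan_outbound_nat(attached, routed, next_hop):
    """Return one row per routed subnet saying whether it needs a manual rule."""
    attached_nets = [ipaddress.ip_network(n) for n in attached]
    hop = ipaddress.ip_address(next_hop)
    # The L3 switch must be reachable on a directly attached network,
    # otherwise return traffic for the routed subnets has nowhere to go.
    if not any(hop in n for n in attached_nets):
        raise ValueError(f"next hop {hop} is not on an attached network")
    rows = []
    for name, cidr in routed.items():
        net = ipaddress.ip_network(cidr)  # strict: rejects host bits set
        covered = any(net.subnet_of(a) for a in attached_nets)
        rows.append({
            "name": name,
            "source": str(net),
            "via": str(hop),
            # Per the reply: no pfSense interface in the subnet means
            # the automatic rules do not cover it.
            "needs_manual_nat": not covered,
            "rfc1918": any(net.subnet_of(p) for p in RFC1918),
        })
    return rows


if __name__ == "__main__":
    for row in plan_outbound_nat(ATTACHED, ROUTED, NEXT_HOP):
        note = "" if row["rfc1918"] else "  <- not RFC 1918 space, check prefix"
        action = "add rule" if row["needs_manual_nat"] else "auto"
        print(f'{row["name"]:8} {row["source"]:18} {action}{note}')
```
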

          marcus556

          If I wanted to turn pfSense into bridge mode, how would I configure this on a 3750 switch? I followed this guide to bridge

          http://people.pharmacy.purdue.edu/~tarrh/Transparent%20Firewall-Filtering%20Bridge%20-%20pfSense%202.0.2%20By%20William%20Tarrh.pdf

          but am having trouble getting my PS4 out of a NAT type 3.  I figured putting the router in bridge mode would make things a little simpler when it comes to getting by the NAT type 3, as right now I think I have a double NAT issue

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.