Netgate Discussion Forum

    Bridge mode issue

      grrttmrtn

      Recently installed, bridged LAN/WAN, created OPT1 assigned IP, disabled NAT/DHCP.

      Network:

      modem -> pfsense -> f0/0 cisco t f0/1 -> cisco switch

      f0/0 ip address dhcp, nat outside
      f0/1 nat inside

      route = ip router 0.0.0.0 0.0.0.0 dhcp

      I have ports 443, 80, 53, 123 open but am unable to ping externally to host or IP from pfsense or browse the internet at all. Chrome and Windows give a DNS error. Everything is accessible internally.

      Is there a port I'm missing or something I need to change? Clients have the gateway set to the router IP.

        Gertjan

        Hi,

        Does hooking up a PC directly to pfSense (LAN), with just a switch in the middle, work/ping?
        You said you have "ports 443, 80, 53, 123 open". On LAN? You know that "ping" is not a port, but a protocol, different from TCP and UDP?
        By default, all is open on LAN, so why change that?

        No "help me" PMs please. Use the forum, the community will thank you.
        Edit: and where are the logs??

          grrttmrtn

          Ports open on WAN, yes I know ICMP is not a port, but if configured correctly I would have guessed it should ping external sites. I will test just the bridged firewall hooked to the PC after work today.

            Gertjan

            @grrttmrtn:

            Ports open on WAN, ….

            Ports 443, 80, 53 and 123 open on WAN???  :o
            So your GUI is accessible from WAN, that's right?

              doktornotor Banned

              You need to enable ICMP protocol to ping (no port). On that note, you should IMMEDIATELY close the rest. WTF.

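The points made in the replies above, as an added sketch that is not from any poster and is not pfSense code: a port-based pass rule never matches ICMP, rules on WAN do nothing for traffic entering on LAN, and TCP 80/443 passed on WAN also cover the firewall's web GUI. It assumes a simplified model (first matching pass rule on the ingress interface, default deny, no destination addresses or state tracking), that the GUI listens on 80/443, and uses constructed rule sets and hypothetical names throughout.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:                      # hypothetical, simplified pass rule
    iface: str                   # interface the packet arrives on
    proto: str                   # "tcp", "udp", "icmp" or "any"
    port: Optional[int]          # destination port; None means any / not applicable

@dataclass(frozen=True)
class Packet:
    iface: str
    proto: str
    port: Optional[int] = None   # ICMP carries no port at all

def allowed(rules, pkt):
    """First matching pass rule on the ingress interface wins; otherwise default deny."""
    for r in rules:
        if r.iface != pkt.iface:
            continue             # rules on another interface are never consulted
        if r.proto not in ("any", pkt.proto):
            continue
        if r.port is not None and r.port != pkt.port:
            continue             # a port-specific rule cannot match a portless ICMP packet
        return True
    return False

def wan_exposure(rules, gui_ports=(80, 443)):
    """WAN pass rules that would also admit connections to the web GUI ports (assumed 80/443)."""
    return [r for r in rules
            if r.iface == "WAN" and r.proto in ("tcp", "any")
            and (r.port is None or r.port in gui_ports)]

# Constructed rule sets: the four ports from the first post, and an allow-all LAN rule.
PORTS_ON_WAN = [Rule("WAN", "tcp", 443), Rule("WAN", "tcp", 80),
                Rule("WAN", "udp", 53), Rule("WAN", "udp", 123)]
DEFAULT_LAN = [Rule("LAN", "any", None)]

PING_OUT = Packet("LAN", "icmp")          # client pinging an external host
HTTPS_OUT = Packet("LAN", "tcp", 443)     # client browsing

if __name__ == "__main__":
    for name, rules in (("ports on WAN", PORTS_ON_WAN), ("allow-all LAN", DEFAULT_LAN)):
        print(name, "| ping out:", allowed(rules, PING_OUT),
              "| https out:", allowed(rules, HTTPS_OUT),
              "| GUI-reaching WAN rules:", len(wan_exposure(rules)))
```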
                Guest

                disabled NAT

                Usually all is open if NAT is down!

                There are two common ways to do so:

                • Opening ports at the WAN interface
                • Disable NAT and all is open

                Today many people want to create a so-called transparent firewall by bridging ports together
                and then disabling the NAT function at the WAN interface, and yes, most of them don't really
                know what they are doing, but they think this transparent firewall is much more secure
                than the others. I really don't know where this knowledge is coming from or how it is spread,
                but in this way the security in your network is not increased, believe me please.

                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.