2 NICs to the same modem/router ?



  • Hello everyone .
    I've read about setting up Pfsense with 2 NICs in this way

    NIC1 WAN ] ADSL Modem > Pfsense
    NIC2 LAN ] Pfsense > Switch/router > PC

    but as it's require 2 NICs in most of cases , can both be connected to the same modem router ?

    WAN ] ADSL Modem/Router(Bridged) [A] > Pfsense
    LAN ] Pfsense(DHCP) > Modem/Router [A]
    PC1 > Modem/Router [A]
    will this work or do I really need to separate them with another router/switch ? if it works in somehow will it make conflicts ?

    Ex.
    Diagram :



  • You don't want to do that. In bridge mode the modem may not interfere, but what it should do and what it'll actually do are possibly two different things. Plus you want your unfiltered Internet completely separate from your LAN. Lot of possibilities for general network problems and security issues if you do that, keep your LAN separate from WAN.



  • Thanks for your replay .
    Well ,,

    I've done something similar to this with Virtual-machine
    it works without problems till now .

    with only 1 NIC [ 2 Virtual NICs ]

    Here's the diagram :

    Well there might be security issues or possible attacks from LAN side ,
    it's also possible that a client set a static IP and set the gateway to 192.168.1.1 , this is what i could find as an issue they can connect directly to the modem page without being controlled by pfsense firewall .
    but as this is home/family router this isn't a huge problem for me .. and no unknown clients could connect .

    I'm able to limit traffic & using squid .. all works fine
    since all devices go through vPfsense in the first place .

    what's not good is everything depends on the virtual machine even my pc connects through it, sometimes i have to reset my pc then the whole network is down.

    well the question now is , is the same thing possible with actual pfsense pc with 1 NIC in the place of virtual machine ?
    VLan maybe ? but I understood vlan as something different from creating virtual NIC .
    any idea ?



  • Hello,

    If a WiFi Router was set up to the so called "bridged mode" he is acting only likes a pure modem!
    And then there is no WiFi, VOIP or DHCP with routing in the game anymore, as I see it right.

    The other thing is the "Extender" device, what is an extender? It is in the real world a so called repeater
    and it is slitting the entire throughput to the half, even! And then on top it brings beside the "hidden station problem".

    well the question now is , is the same thing possible with actual pfsense pc with 1 NIC in the place of virtual machine ?
    VLan maybe ? but I understood vlan as something different from creating virtual NIC .
    any idea ?

    Doing something and it might be working, should not be the same as doing it in the right way
    without any issues that comes earlier or later or the whole construct is very crazy.

    Because pfSense will allow you to do something might be not the same as doing something sinful
    or in a common way, a NIC is able to get for only ~$10 or 6 € where should be the problem to insert
    one and all problems are gone? Using VLANs might be coming as a solution but in my eyes it is more
    then a work around thats it.



  • Hello ,
    thanks for your replay .

    If a WiFi Router was set up to the so called "bridged mode" he is acting only likes a pure modem!
    And then there is no WiFi, VOIP or DHCP with routing in the game anymore, as I see it right.

    I'm not sure if this thing was old and the technology goes over it with more options .
    I got WAG320N in bridged mode and WiFi works .

    The other thing is the "Extender" device, what is an extender? It is in the real world a so called repeater
    and it is slitting the entire throughput to the half, even! And then on top it brings beside the "hidden station problem".

    Yes , RE2000 repeater with same SSID and forgot to mention in diagram it has an IP .
    I don't have any wireless connectivity problems or loss in speed .

    _

    I know this is not the right way to setup Pfsense. I know it might lead to problems/security issues. But please ,  the question
    wasn't about getting another NIC nor buying another switch/router for the separated LAN Network (which is YES I'm able to build even a huge network .)

    it's about can this be done with actual Pfsense with 1NIC ? how to do the same process in vPfsense with actual Pfsense ? how to create a virtual NIC ?
    I like to mess & discover problems to learn and understand more about networks .



  • You can create a "router on a stick" with VLANs and a managed switch, yes.

    @Zedful:

    can this be done with … ?
    how to do ... ?
    how to create ... ?
    I like to mess & discover problems to learn and understand more about networks .

    If you want to mess up your network then go for it. Nobody does that on purpose so you're probably on your own.
    From the way you ask questions and the amount thereof it sounds more like you want your setup configured working.
    Do it the other way round and start simple if you really only want to learn.



  • You can create a "router on a stick" with VLANs and a managed switch, yes.

    Well yes , I'm getting 2 smart switches and they are in the way
    But
    ~
    Arghh ..

    Okay I will mess more , but could someone tell me at least if it's possible to create virtual Nic with actual Pfsense or not ?
    Yes/No question .. don't tell me how if you are not encouraging me to do , but I'm still wasting time trying to figure out how to do it, since you say nobody does that but i want to …



  • Yes.

    Interfaces | (assign) | VLANs
    …you probably wouldn't find it otherwise and there's no "virtual NIC" anywhere in the menu.

    Two things to keep in mind when working with VLANs:
    -do not mix tagged and untagged traffic on any interface. Stacking multiple tagged VLANs is fine, though.
    -avoid VLAN1 as it is a non-deletable default in a lot of gear.

    Good luck!



  • but could someone tell me at least if it's possible to create virtual Nic with actual Pfsense

    Only at the WAN Port or interface this will be needed and be able to realize.

    Go the way @jahonix was showing you up and then be happy with VLANs.


Log in to reply