• I have a setup like this. I am bridging an internet connection to my pfSense router. So I have an internet connection coming in at one location and then I have 2 ubnt 5 GHz radios, both in bridge mode. Their IP addresses are 10.100.x.x and 10.100.x.x, so they bridge the internet connection to my pfSense router, to the internet interface of pfSense. My LAN interface is 192.168.1.1. Internet works great and everything is running well, except I want to be able to access the 10.100 network from my 192.168.1.1 network so I can access the wireless bridge radios' web interfaces. In the current config I cannot ping or access the 10.100.x.x radios. I think I need a firewall rule set so I can access the 10.100.x.x radios.

    Any help is appreciated.


  • Any help is appreciated.

    I would try it out, but I am not really sure about it. If something is bridged (Layer 2), it often comes
    along with a so-called "hidden station problem" based on that transparent bridge; could this be the
    pivotal point or the problem?


  • If you have no IP configured on your WAN inside the 10.100.0.0/? range then you won't be able to reach the APs.

    You might be able to work with a VIP of some kind.


  • I have IPs configured on both sides of the bridge, and then on the WAN side as well. I just can't get at the 2 bridged APs from the LAN side of my network.


  • @gator17
    You have the two ubqt units on 10.100.x.x subnet to allow management of the bridge.
    You need to have an IP on the connected interface (WAN interface) in this subnet also, in order to be able to access them on layer 3. (I think you have this done)

    You will then need to have rules/routes, to and from the 10.100.x.x subnet and your LAN subnet, in order to support traffic to your ubqt management addresses. (I think this might be what you are missing.)

    The route/rule allowing traffic through the bridge is going to your WAN gateway at the other side of the bridge and so will not deliver you to the 10.100.x.x subnet.

    I hope this helps.
    John

  • LAYER 8 Netgate

    I would consider tagging the internet traffic across the bridges and putting the management of the units on a VLAN interface. I would tag them both, but the Ubiquiti gear seems to prefer untagged management.

    Internet source switch:

    Modem: Untagged VLAN 100
    Ubiquiti: bridge Untagged VLAN 200 Tagged VLAN 100

    Bridges

    SSID on Tagged VLAN 100
    Management: untagged

    Remote switch:
    pfSense: Tagged 100 & 200
    Ubiquiti: bridge Untagged VLAN 200 Tagged VLAN 100

    pfSense:

    WAN: VLAN 100 on eth0
    BRIDGE_MGMT: VLAN 200 on eth0 10.100.X.X