The pfSense Store

Author Topic: How To Bridge PFsense 2.0 RC3  (Read 6765 times)

0 Members and 1 Guest are viewing this topic.

Offline darklogic

  • Full Member
  • ***
  • Posts: 175
    • View Profile
How To Bridge PFsense 2.0 RC3
« on: June 22, 2011, 08:48:45 am »
Ok, here goes. I have done some searching on the forums and have yet to find a clear cut way of creating a transparent filtering firewall under the pfsense 2.0 platform. From reading changes from 1.2.3-RELEASE to 2.0, I guess bridging is enabled already??? In 1.2.3-RELEASE, bridging seemed to be straight forward, you would go to the Interfaces and select LAN and say bridge with WAN and then have a local IP for administration purposes only.

Here is my task at hand. I have an Astaro UTM in front of my pfsense box. The 2 systems are both supermicro rack servers with an Intel Atom 330 with dual 10/100/1000 NIC's, which means I can only have a LAN and WAN, no room for OPT interfaces. I want to be able to pass traffic through my pfsense box to my Astaro LAN interface to the Astaro WAN out to the Internet. I also want my Internal systems to be able to recieve DHCP from the Astaro LAN back through the pfsense box, hence the purpose of the word transparent. I know this work when using Astaro with Untangle in transparent bridge mode, But I like pfsense better than Untangle when it comes to grainular packet filtering rules.

I would like to know if anyone has a step-by-step instruction of how to do this using PFsense 2.0 RC3? If so please do not assume just because you know how to do it, everyone else know so skipping that step is assumed to be everyone should know that. Obviously if I knew then I would not be asking for help, "right"!!! Anyways, if anyone could help my ignorance to figure this out, I would really appreciate it.

Thanks

MDP

Offline GruensFroeschli

  • Green Frog
  • Global Moderator
  • Hero Member
  • *****
  • Posts: 5065
  • No i will not fix your computer!
    • View Profile
    • FFXI related
Re: How To Bridge PFsense 2.0 RC3
« Reply #1 on: June 22, 2011, 09:37:00 am »
1: Interfaces --> assign --> bridges.
2: Create a bridge and add all interfaces you want as member.
3: Interfaces --> assign
4: Assign the bridge you just created. The bridge is treated like a normal interface. Configure IP's on this interface
(5:) Assign the interfaces which are member of the bridge. Set their IPs as "none".
(6:) Create firewall rules on the member-interfaces of the bridge to allow traffic.


If you only have 2 interfaces it might be a problem to configure it like this.
In this case you could, as an alternative, give an IP to the LAN interface don't assign the bridge and set the IP of the WAN to none.
We do what we must, because we can.
(Except when you PM me to help you directly - DONT: keep your issues in the forum)