On Fri, Aug 24, 2007 at 09:09:48PM +0200, Eugen Leitl wrote: > I've reconfigured two pfSense firewalls (1.2rc1) as a transparent bridge > (gateway and the WANs on a dedicated switch, LAN and hosted machines > on a yet another) according to > http://pfsense.trendchiller.com/transparent_firewall.pdf > and it a) works b) behaves as expected, with one firewall > routing the traffic, with the other accessible but not carrying > traffic (I have not yet verified that deactivating one firewall
Just verified this (by disabling one of the switch ports), and it does work on a 10-30 sec scale. Probably much slower than carp+pfsync, and it has the disadvantage that one has to keep the firewall rules synched manually (no way to do that with state, though). Too bad I don't have a 3rd hardware NIC in there. > will act as a poor man's failover, and neither have I made > this work with VLANs instead of a dedicated switch). > > Can I make this work with multi-WAN? Two firewalls as a transparent > bridge, each with a LAN and a WAN NIC?
