On Sat, Oct 04, 2008 at 05:26:58PM -0400, Chris Buechler wrote:

> Now I'm just as confused.  :)  You mentioned "the problem is that
> LAN was on a different subnet. Put them on the same network
> (different from WAN)" - what does "them" refer to then?

I presume this is the same problem as 
http://forum.pfsense.org/index.php?topic=11531.msg63655

My WAN IPs were from a public /24, my LAN IPs 10.0.0.0/24. 
With that setup all DNS requests from behind the transparent
bridge would time out. I put some random IPs from the public /24
on LAN (different from WAN ones, since that is something FreeBSD
doesn't like).

The setup is like this:

         ____                      ____           ____
gateway--|  |----WAN(FWall1)LAN ---|  |---host1---|  |
         |  |----WAN(FWall2)LAN ---|  |---host2---|  |
         |  |                      |  |---etc.    |  |
         |switch1                  |switch2       |switch3
 
(I know that switch1 is superfluous, since it can be emulated with a VLAN).

> When bridging, the subnet in use on the member interfaces is
> irrelevant. It won't affect behavior of filtering. There are some

So I thought, too. Apparently, the subnet on LAN is important.

> caveats when bridging LAN, like I would recommend disabling the webGUI
> antilockout rule.

-- 
Eugen* Leitl <a href="http://leitl.org";>leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
