First question.
We are planning to use PFsense as frontend gateway routing to customers
subnets, and in such architecture, we could use pfsense as pure routing
device, except we want to protect the "LAN" network.
Does the "disable firewall" option exclude completely any NAT or
filtering rules, without any possibility to protect the LAN interface?
Second question.
We may have one frontend Internet link doubled on two FE switches (using
redundant switches and spanning tree features), so if one FE switch
fails, we can have the connection on the other FE switch.
Apart of using a master/slave couple of fw, we are evaluating if to
bridge two interfaces, for each FW, placed on both FE switches.
Link --->
---> SW1 ----> em0 (pf1-em0)
---> SW2 ----> em1 (pf1-em1 bridged to em0)
In such a case, the bridging feature on PFsense, can handle the trick?
In case of SW1 failure, can states open on interface em0 work also on
interface em1-bridged-to em-0?
I hope I've been clear.
Any suggestion/hint?
Thanks,
Tonino
--
------------------------------------------------------------
in...@zioni Interazioni di Antonio Nati
http://www.interazioni.it to...@interazioni.it
------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, e-mail: discussion-unsubscr...@pfsense.com
For additional commands, e-mail: discussion-h...@pfsense.com
Commercial support available - https://portal.pfsense.org