On 1/31/2013 3:07 PM, David Burgess wrote:
On Thu, Jan 31, 2013 at 12:29 PM, [email protected] <[email protected]> wrote:
Hello,
Probably a newbish question but I would like a sanity check before I go down
a blind alley. I have a /27 from my provider feeding into a pfSense 2.0.2
box. I was hoping to be able to Bridge the WAN to one of the OPT interfaces
and put a box on that OPT interface with a public IP. For example: assume
I have a WAN interface on the XXX.XXX.1.1/27 subnet which is assigned
XXX.XXX.1.3, The LAN interface is assigned192.168.10.1/24, OPT1 not yet
assigned. I would like to be able to nat all traffic for everything from
XXX.XXX.1.5 through XXX.XXX.1.30 the the LAN. I would then like to bridge
the WAN interface with the OPT1 interface and have a box directly connected
to the OPT1 interface assigned the XXX.XXX.1.4 IP. Is this doable?
The answer depends on how your ISP is routing your /27 to you. The
simplest setup is when they give you a static IP ouside of your
subnet. No bridging is required in this case, the ISP routes your
subnet via your static, and pfsense does the rest.
If your ISP does not allocate you a WAN IP address outside your public
subnet, then you will indeed want to bridge as you described, and then
probably set up VIPs on the WAN, the details of which I am not
familiar with.
db
Thank You for the response David. The ISP does not allocate a WAN IP
outside of the subnet. Virtual IPs I have down pat as I have many CARP
and IP Aliases already. The bridge setup is still eluding me though.
I have set the bridge between the WAN and the OPT1 interface under
Interfaces-> Assign -> Bridges and selected the WAN and the OPT1
interfaces. OPT1 is set as type "None", I have set the
net.link.bridge.pfil_bridge to 1 under System -> Advanced -> System
Tunables. I then take my laptop and assign its NIC the XXX.XXX.1.4
netmask of 255.255.255.224 with the gateway set to XXX.XXX.1.2, same as
my WAN Link) plug it in to the opt interface (via a small switch)
and... Nothing. No connectivity, can not ping anything. I have tried
setting the address of the WAN card(XXX.XXX.1.3) as the gateway also and
still no luck.
So, I am wondering do I need to assign an address to the bridge? or to
the OPT1 interface? Any hints on what I am doing wrong?
Thanks,
JohnM
_______________________________________________
List mailing list
[email protected]
http://lists.pfsense.org/mailman/listinfo/list
