On 1/31/2013 4:13 PM, [email protected] wrote:
On 1/31/2013 3:07 PM, David Burgess wrote:
On Thu, Jan 31, 2013 at 12:29 PM, [email protected] <[email protected]> wrote:
Hello,

Probably a newbish question but I would like a sanity check before I go down a blind alley. I have a /27 from my provider feeding into a pfSense 2.0.2 box. I was hoping to be able to bridge the WAN to one of the OPT interfaces and put a box on that OPT interface with a public IP. For example: assume I have a WAN interface on the XXX.XXX.1.1/27 subnet which is assigned XXX.XXX.1.3. The LAN interface is assigned 192.168.10.1/24, OPT1 not yet assigned. I would like to be able to NAT all traffic for everything from XXX.XXX.1.5 through XXX.XXX.1.30 to the LAN. I would then like to bridge the WAN interface with the OPT1 interface and have a box directly connected to the OPT1 interface assigned the XXX.XXX.1.4 IP. Is this doable?
The answer depends on how your ISP is routing your /27 to you. The simplest setup is when they give you a static IP outside of your subnet. No bridging is required in this case, the ISP routes your subnet via your static, and pfSense does the rest.

If your ISP does not allocate you a WAN IP address outside your public subnet, then you will indeed want to bridge as you described, and then probably set up VIPs on the WAN, the details of which I am not familiar with.

db
Thank you for the response, David. The ISP does not allocate a WAN IP outside of the subnet. Virtual IPs I have down pat as I have many CARP and IP Aliases already. The bridge setup is still eluding me though.

I have set the bridge between the WAN and the OPT1 interface under Interfaces -> Assign -> Bridges and selected the WAN and the OPT1 interfaces. OPT1 is set as type "None", and I have set net.link.bridge.pfil_bridge to 1 under System -> Advanced -> System Tunables. I then take my laptop and assign its NIC the XXX.XXX.1.4 address (netmask of 255.255.255.224, with the gateway set to XXX.XXX.1.2, same as my WAN link), plug it in to the OPT interface (via a small switch) and... Nothing. No connectivity, cannot ping anything. I have tried setting the address of the WAN card (XXX.XXX.1.3) as the gateway also and still no luck.

So, I am wondering: do I need to assign an address to the bridge? Or to the OPT1 interface? Any hints on what I am doing wrong?

Thanks,
JohnM
OK, so I figured it out and am replying to my post in case someone else reads it down the road; maybe it will help.

Turns out I was on the correct path but had to go to Interfaces->assign and assign the physical interface (in my case rl0) to OPT1 (which I named PhysicaInterfaceforBridge, clever ain't I), next go to Interfaces->assign->Bridges and bridge OPT1 and WAN, go back to the Interfaces->assign->assign interfaces tab and click on the +, and there will now be a bridge0 in the drop-down that can be assigned to OPT2 (which I named BridgeInterface). I then assigned my laptop the IP of XXX.XXX.1.4 with netmask of 255.255.255.240 and gateway of XXX.XXX.1.2, plugged it into the switch which is connected to the physical interface (could have used a crossover cable also) and all was good. No Virtual IPs needed on pfSense. Final step, DO THE HAPPY DANCE!

Thanks
JohnM