Yes, this is a Comcast Business account. After this discussion I have
decided to switch to a 1:1 NAT layout.
Since you have mentioned that you also have a Comcast Business account I
was wondering if you also have IPv6 working through pfSense with the way
Comcast attaches everything to the modem?
On 3/8/2015 12:57 AM, Justin The Cynical wrote:
On 06/03/2015 13:16, Tim Hogan wrote:
I am looking for some advice from the group about the best way to put
pfSense in my environment so that it can filter all traffic. The cable
provider that I use has given me a /29 of static IP address and one of
those addresses is assigned to the cable modem. When I asked about
putting the modem into bridging mode I found out that their idea of
bridging is to disable the firewall and DHCP service on the modem. So
this is what I have come up with so far.
A bit late to the thread, but...
Comcast 'business' account? This is what I have with static addresses
as well.
Comcast business uses a 'routed subnet' config (I was assigned a /29
subnet for my five statics as well), making it impossible to use as a
'proper' bridge (the SMC handles the RIP needed for the subnet routing).
This is how I configured my setup:
-Turn off all the DHCP/firewalling functions of the SMC device (they are
notorious for having very limited capability)
-Connect the WAN interface to the switch built into the SMC
-Assign all my usable addresses to the pfsense box using virtual IP's
for four of the five addresses
-Set the modem IP as the gateway of the WAN interface
-Firewall and NAT as desired
-Profit!
This configuration will make use of the absolute minimum of the SMC,
making it act like the toaster it should be.
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
