Re: [pfSense] Best configuration for redundant transparent firewall operation?
On Sun, May 12, 2013 at 10:25 AM, Jason Pyeron wrote: > Is the instructions in #4 the best way to do this, and are there updates > (since > 2006) I should be aware of when following those instructions? > Should be more or less like that minus all the specific "ifconfig xyz" commands. I'd advice not doing that at all though, anything needing redundant firewall is usually best redesigned so you're routing instead. Good chance you'll want things like VPNs that aren't possible or have major complications when bridging anyway. It can be done, just requires significant caution and very careful attention to the STP config all around. Also might want to tie the bridge down/up into devd assuming you'll have at least one CARP IP somewhere. ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
[pfSense] Hosts in LAN can't see each other
Hi, as described in another post a few days ago, my setup is as follows: ethernet -> WAN WLAN -> LAN OPT1 -> bridge(WAN,LAN) The firewall is switched off and communication from LAN to WAN works flawlessly. But the hosts in the LAN (wireless) can't see each other. They can only see the hosts in the WAN including the pfSense box. What do I need to configure that the hosts in the LAN can communicate with each other? Regards Marco ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
[pfSense] Best configuration for redundant transparent firewall operation?
Is the instructions in #4 the best way to do this, and are there updates (since 2006) I should be aware of when following those instructions? Things I read first: 1: http://www.openbsd.org/cgi-bin/man.cgi?query=pfsync&sektion=4&manpath=OpenBSD+5. 3 2: http://www.openbsd.org/faq/pf/carp.html#pfsyncop 3: http://doc.pfsense.org/index.php/Configuring_pfSense_Hardware_Redundancy_(CARP) 4: http://www.seattlecentral.edu/~dmartin/docs/bridge.html -Jason -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - - - Jason Pyeron PD Inc. http://www.pdinc.us - - Principal Consultant 10 West 24th Street #100- - +1 (443) 269-1555 x333Baltimore, Maryland 21218 - - - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This message is copyright PD Inc, subject to license 20080407P00. ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
