On Sun, 2005-10-23 at 09:23 -0500, Bill Marquette wrote: > O > > > Is there any way I could have pfsense ip at .154 and use .155-158 for > > my applications ? > > Yes, configure the pfSense LAN IP to .154 (and configure it for the > full subnet - you'll need to set the default gateway too) and then > bridge LAN to WAN. You'll need rules on the WAN interface to allow > for remote management of the pfSense box, but that should work just > fine.
Well, Both LAN and WAN wants their IPs set. And never of configurations seems to work decent way. First, I have to set IP address to WAN network, otherwise it complains "field 'IP address' is required." I may only set IP to WAN network and leave LAN ip empty and enable bridging. In this case PfSense however becomes unreachable from LAN network (should not it be fixed to also require IP if it is really required ?) In this case I however can access WebGUI from external network (I allowed all incoming traffic for tests). One more bug around it - If I provide empty LAN address in configuration it continues to work... until reboot. Reboot causes system to be inaccessible from LAN. This especially worries me as if reboot happens few months after you've done some changes you might not remember what they were... If I set both LAN and WAN to use the same IP address (.154) access from WAN breaks, even with firewall which permits everything ... Went do do some research. Ok. It looks like I got what the problem is. There is "wanspoof" rule which blocks all traffic from WAN network which comes from IPs which are set for LAN network, which seems to be wrong in case of Network bridging. Also... I see there is the rule "SSHLockout" - any way to disable it ? It is to be used in collocation environment and there are certain hosts which will need such access. Thanks. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
