(Bought the pfSense book and it doesn't cover this subject very well) I'm trying to figure out if this is actually doable on pfSense 1.2.3 or 2.0.
I have a main /30 that 3 other networks are routed to on a single ethernet. I'm currently using a Cisco ASA that has the 3 other networks assigned to individual interfaces, all routed to the main interface which is routed to the /30. All hosts behind the firewall have and need public IP addresses (NAT is out of the question and beyond the scope of this post).

The thing that I'm trying to figure out is can pfSense work in a mode (like bridged) to replace this ASA, allowing for the hosts behind the firewall to retain their public IP addresses AND have the ability to communicate with each other?

ASCII Diagram (first public IP octets changed for obvious reasons)

            Networks                            Interfaces
                |                                    |
---WAN-> 10.92.75.110/30 (Main IP) ----------> pfSense (fw1) ----- igb0 --> Static 10.92.75.110/30 WAN
         10.69.93.190/26 --|                         |
         10.69.93.222/27 --|-- All of these are      |
         10.69.87.0/24   --|   routed to main IP     |
                                                     |------------ igb1 --> OPT1
                                                     |
                                                     |------------ igb2 --> OPT2
                                                     |
                                                     |------------ igb3 --> OPT3
                                                     |
                                                     |------------ bce0 --> LAN
                                                     |
                                                     |------------ bce1 --> Free

If pfSense can't do this, then what if I were to keep the ASA behind a pfSense machine, and bridge a single OPT interface with WAN, and have that OPT interface run to my current WAN (outside) interface on the ASA? Would that work or is it still a no go?
