Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
At a loss - Trying to set up a Transparent Filtering brudge
« previous
next »
Print
Pages: [
1
]
Author
Topic: At a loss - Trying to set up a Transparent Filtering brudge (Read 764 times)
domidam
Newbie
Posts: 6
Karma: 0
At a loss - Trying to set up a Transparent Filtering brudge
«
on:
July 10, 2024, 09:52:28 pm »
Hi there,
I am trying to set up a transparent filtering bridge on my home network. My topology is as follows: Modem -> Firewall -> Router.
After much frustration and confusion, I set up a dedicated MGMT port, with a small DHCP pool of about 10 addresses and a static IP of 192.168.1.2. While I would like to be able to access the firewall from my LAN through the MGMT port, it suffices for now and I can configure everything as I need to. The issue I am having is is that even after I double-checked that I followed OPNSenses documentation on the subject correctly, I am not able to communicate to the outside internet. WAN and LAN are both there, and The Bridge is there and enabled, I believe I set the firewall rules correctly on all three interfaces, but still, no dice. When I connect everything up my router displays an error saying that my "ISPs DCHP Service isn't working" My hunch is that I missed something in the configuration of the firewall that prevents the passthrough of the necessary DHCP data to my router, or due to my model of router (ASUS RX-AT82U v2) I need to put the router into a different mode for the bridge to properly work. However, both of these are just guesses. I have attached some pictures of my settings to see if anyone can spot anything... Thank you in advance!
https://imgur.com/a/h059gW2
I had to use IMGUR because the attachments were too large
Logged
Labber53
Newbie
Posts: 7
Karma: 0
Re: At a loss - Trying to set up a Transparent Filtering brudge
«
Reply #1 on:
July 14, 2024, 08:30:04 pm »
Hey I can help. Here is what I understand:
[ Modem]
[Layer2 Firewall] ("bridge mode") ==> additional Management interface on LAN subnet
[Router] (might be wireless router)
[LAN]
The router is set to DHCP.
You are able to manage the firewall from the LAN
You are able to manage the router from the LAN
Issue: router fails to get WAN IP via DHCP from the ISP
Troubleshooting 1: set the Router WAN IP with the static IP address to take DHCP out of play. Does it work?
Troubleshooting 2: make sure NAT rules disabled, DHCP service, allow firewall rule added on OPNsense (see docs for the full list)
I have not deployed OPNsense as a L2 firewall ("transparent bridge") yet. I have reviewed
https://docs.opnsense.org/manual/how-tos/transparent_bridge.html
and will try it in my Lab today
Logged
Labber53
Newbie
Posts: 7
Karma: 0
Re: At a loss - Trying to set up a Transparent Filtering brudge
«
Reply #2 on:
July 15, 2024, 01:55:10 am »
Sorry I don't have good news for you.
I tried reproducing the Tutorial instructions
https://docs.opnsense.org/manual/how-tos/transparent_bridge.html
without success.
DHCP didn't work. Not even using static IP address (matching what I would have got over the bridge) worked.
There are some oddities in that document. I compared it to:
https://docs.opnsense.org/manual/how-tos/lan_bridge.html
You might try that second How-To.
I will try to revisit this tomorrow. You can follow the my steps to reproduce the issue at this repo:
https://github.com/doritoes/NUC-Labs/blob/XCP-ng/XCP-ng/Appendix-L2_Firewall.md
EDIT See also
https://community.spiceworks.com/t/opnsense-transparent-bridge-between-isp-and-fortigate/946090/8
«
Last Edit: July 15, 2024, 07:03:47 am by Labber53
»
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
At a loss - Trying to set up a Transparent Filtering brudge