Management port on transparent bridge

Started by mantissa, April 29, 2026, 02:36:05 AM

This has been problematic for me. I have a transparent bridge running IPv4 and IPv6. The bridge is on OPT1 and WAN. The IPv4 address space, 192.168.1.0/24, is on the OPT1 interface. Traffic passes fine between OPT1 and the WAN. I cannot get a connection outbound from the bridge0 device to the outside world. This means I cannot get updates or add packages. I have been managing the bridge via the LAN interface on 192.168.10.1/24. I suspect this .10 address space is the problem. I have tried a few things and ended up locking myself out a couple of times, so I am kind of hesitant to play around with settings until I know what is going on. How can I configure the device so it can communicate out the WAN and get updates?

Weird guy who likes everything Linux and *BSD on PC/Laptop/Tablet/Mobile and funny little ARM based boards :)

Quote from: mantissa on April 29, 2026, 02:36:05 AM: I cannot get a connection outbound from the bridge0 device to the outside world.
This requires that OPNsense has an IP in the same subnet as the other devices, which are able to get out to WAN across the bridge, and that the gateway is configured correctly.

The bridge tutorial linked above is more about transparent filtering bridges with vlans that should stay unnumbered. A normal LAN bridge should work as @viragomann mentions.
Hardware:
DEC740

@Monviech, for OPNsense to get out to the Internet in a transparent bridge setup, it needs an IP address matching the other router and a properly configured default gateway.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
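The point made in the two replies above (the firewall's own address must sit in the same subnet as the upstream router, and that router must be the default gateway) is easy to check before touching the configuration. The following is an added example, not code posted in this thread and not part of OPNsense: a small POSIX shell script that computes the network of an address/prefix pair and tells you whether a candidate management address can actually reach a given gateway. The addresses 192.168.1.2 and 192.168.10.1 are taken from the original post; the gateway 192.168.1.254 is an assumption, since the thread never names the upstream router's address.

```shell
#!/bin/sh
# Added example (not from the thread): is the management address on the
# same IPv4 subnet as the default gateway? On the OPNsense box itself you
# would read the live values with:
#   ifconfig bridge0 inet          # address and netmask on the bridge
#   netstat -rn -f inet | awk '$1 == "default"'   # current default gateway
# Here the values are constructed so the script runs anywhere.

# ip_to_int 192.168.1.5 -> 3232235781 (dotted quad to 32-bit integer)
ip_to_int() {
    oldifs=$IFS; IFS=.
    set -- $1                      # split on dots into $1..$4
    IFS=$oldifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# int_to_ip 3232235781 -> 192.168.1.5
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# mask_for 24 -> 4294967040 (0xFFFFFF00) netmask as an integer
mask_for() {
    if [ "$1" -le 0 ]; then
        echo 0
    else
        echo $(( (0xFFFFFFFF << (32 - $1)) & 0xFFFFFFFF ))
    fi
}

# network_of ADDR PREFIXLEN -> network address, e.g. 192.168.10.0
network_of() {
    int_to_ip $(( $(ip_to_int "$1") & $(mask_for "$2") ))
}

# same_subnet ADDR GATEWAY PREFIXLEN -> exit 0 if both fall in one network
same_subnet() {
    m=$(mask_for "$3")
    [ $(( $(ip_to_int "$1") & m )) -eq $(( $(ip_to_int "$2") & m )) ]
}

# Constructed scenario modelled on the post: the bridged segment is
# 192.168.1.0/24, management currently lives on 192.168.10.1/24.
# The upstream router address is an assumption.
GW=192.168.1.254
PREFIX=24
for candidate in 192.168.1.2 192.168.10.1; do
    if same_subnet "$candidate" "$GW" "$PREFIX"; then
        echo "$candidate/$PREFIX: same network as gateway $GW, OPNsense can route out"
    else
        echo "$candidate/$PREFIX is in $(network_of "$candidate" "$PREFIX"); gateway $GW is not reachable from it"
    fi
done
```

Run it with `sh check.sh`; the 192.168.10.1 line shows why a management address on a different /24 than the upstream router leaves the firewall itself without a usable default route, even though bridged traffic between OPT1 and WAN keeps flowing.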

...which makes it a bit less transparent. Of course, the utility of transparency in a bridging firewall is questionable, particularly in a private address scheme.

Quote from: pfry on April 29, 2026, 06:23:51 PM: ...which makes it a bit less transparent. Of course, the utility of transparency in a bridging firewall is questionable, particularly in a private address scheme.
In which way? The devices connecting through the firewall to the other default gateway don't notice the FW. It's just an address to connect to the UI and for the FW to perform DNS lookup, NTP, download updates ...

You can block access to that address for all but your single management PC.