OPNsense Forum » Archive » 19.7 Legacy Series » Bridge interface for WAN instead of LAN.
Topic: Bridge interface for WAN instead of LAN. (Read 3147 times)
Doughecka (Newbie, Posts: 2, Karma: 0)
Bridge interface for WAN instead of LAN.
« on: January 05, 2020, 03:39:19 am »
I've got 2 Lanner FW-7551 boxes running the latest OPNsense, and these two systems have 4 ports that can be set to bypass mode (connecting ports 3 and 4, and 5 and 6 together). I'd like to set up a bridge using a pair of bypassable ports, so that when the unit is on and working, traffic can freely pass through the unit exactly the same way as if it was in bypass mode. This way I can 'stack' the two firewalls and get redundancy without needing to have an upstream switch to share the single port I get from the cable modem.
Yes, this is a silly idea, but dang it, I figured out how to control these bypass ports, I'm gonna use them!
When I set up the bridge, and then configure a bridge interface with DHCP, the unit that's directly attached to the internet works, but I don't see any traffic passing through the bridge to the 'downstream' interface. Is traffic that's crossing through the bridge run through firewall rules? I've followed the bridge instructions including the system tunables to move the filtering from the member interface to the bridge interface...
Any thoughts?
Doughecka (Newbie, Posts: 2, Karma: 0)
Re: Bridge interface for WAN instead of LAN.
« Reply #1 on: January 05, 2020, 11:28:32 pm »
OK, so if I add rules to all the physical interfaces that are used in the bridge to allow all traffic in/out, that seems to allow the traffic. Not sure why this is necessary, since I have 'net.link.bridge.pfil_member' set to 0 (Set to 0 to disable filtering on the incoming and outgoing member interfaces)...
Maybe because it's 'WAN' it gets treated a little differently out of the box? Or is this simply a bug?
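A check for the tunable state discussed in this thread, as an added example that is not part of either post or of OPNsense: it classifies where if_bridge(4) hands bridged packets to the packet filter, from `sysctl net.link.bridge` output, so the running values can be compared with what was configured. `net.link.bridge.pfil_bridge` is the companion FreeBSD tunable and is not named in the thread; the function names and sample values are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): classify where if_bridge(4) passes
# packets to the packet filter, from `sysctl net.link.bridge` output.

# tunable_value NAME TEXT: print the value of NAME in TEXT, or "unset".
tunable_value() {
    printf '%s\n' "$2" | awk -v key="$1:" '
        $1 == key { val = $2 }
        END { print (val == "" ? "unset" : val) }'
}

# bridge_filter_mode TEXT: print bridge-only, member-only, both, none or unknown.
bridge_filter_mode() {
    member=$(tunable_value net.link.bridge.pfil_member "$1")
    bridge=$(tunable_value net.link.bridge.pfil_bridge "$1")
    case "$member/$bridge" in
        0/1) echo bridge-only ;;   # rules are evaluated on the bridge interface
        1/0) echo member-only ;;   # rules are evaluated on each member port
        1/1) echo both ;;          # filtered on member ports and on the bridge
        0/0) echo none ;;          # bridged traffic is not filtered at all
        *)   echo unknown ;;       # a tunable is missing or is not 0/1
    esac
}

# Constructed sample: member filtering off, bridge filtering on.
SAMPLE_INTENDED='net.link.bridge.pfil_member: 0
net.link.bridge.pfil_bridge: 1'

# Constructed sample: member filtering still enabled in the running kernel.
SAMPLE_STALE='net.link.bridge.pfil_member: 1
net.link.bridge.pfil_bridge: 1'

# On the firewall itself, read the running values; elsewhere use the samples.
if live=$(sysctl net.link.bridge 2>/dev/null) && [ -n "$live" ]; then
    echo "running kernel: $(bridge_filter_mode "$live")"
else
    echo "sample (intended): $(bridge_filter_mode "$SAMPLE_INTENDED")"
    echo "sample (stale):    $(bridge_filter_mode "$SAMPLE_STALE")"
fi
```

A result of `both` or `member-only` on the running system means rules on the physical member ports are still being evaluated, whatever value is saved in the tunables page.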