Transparent Filtering Bridge on Bare Metal with 2 physical interfaces.

Started by TheCriticalPath, July 10, 2025, 05:51:37 PM

https://docs.opnsense.org/manual/how-tos/transparent_bridge.html

After following the above instructions, I am unable to download the additional plugins and IDS rules. The client connected on the LAN side of the bridge is able to connect through the WAN, so that is working. However, the bare metal device cannot connect to the internet.

Ping in the web GUI interface diagnostics and in the shell fails with "sendto: No Route to host".

Check for Updates fails with:
***GOT REQUEST TO CHECK FOR UPDATES***
Currently running OPNsense 25.1 (amd64) at Thu Jul 10 03:01:02 UTC 2025
Fetching changelog information, please wait... fetch: https://pkg.opnsense.org/FreeBSD:14:amd64/25.1/sets/changelog.txz: Network is unreachable
Updating OPNsense repository catalogue...
pkg: https://pkg.opnsense.org/FreeBSD:14:amd64/25.1/latest/meta.txz: Network is unreachable
repository OPNsense has no meta file, using default settings
pkg: https://pkg.opnsense.org/FreeBSD:14:amd64/25.1/latest/packagesite.pkg: Network is unreachable


I am new to OPNsense and fairly new to networking.

I assume that connecting to the management IP on the bridge interface is missing configuration that routes out to the WAN. Can someone help advise how I need to configure OPNsense to do this? Is this an issue in the interface, the firewall, the gateways, or something else?

Any advice is appreciated.

How transparent is your bridge? That is, do you want to manage your firewall through the bridge interface? (You may not have much choice if you are limited to two interfaces and don't care to use VLANs.)

You can find the bridge interface settings (to configure an IP address) under "Interfaces" ("Interfaces: [Name] -> Generic configuration -> IPv4/6 Configuration Type" and additional config as needed); the default route (if not configured automatically via e.g. DHCP) would be under "System: Gateways: Configuration". I have static IPs, so my firewall public address and gateway are static. If you're performing NAT on your firewall (a bit odd for a transparent bridge)... it may not require additional setup (beyond what you have).
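
A quick check for the two settings named in the reply above (an IPv4 address on the bridge and a default route), as an added example that is not part of the original thread. It parses the text of `ifconfig bridge0` and `netstat -rn -f inet`; the helper name diagnose_mgmt is hypothetical, and the interface names and addresses in the sample input are constructed.

```shell
#!/bin/sh
# Added example. Classifies why the bridge host itself has no outbound path,
# given the text of `ifconfig <bridge>` and `netstat -rn -f inet`.
diagnose_mgmt() {   # hypothetical helper name
    ifc=$1
    rt=$2
    br=$3
    # 1. The bridge needs its own IPv4 address to originate traffic.
    addr=$(printf '%s\n' "$ifc" | awk '$1 == "inet" { print $2; exit }')
    if [ -z "$addr" ]; then echo "no-address"; return 0; fi
    # 2. With no default route, off-subnet destinations are unreachable.
    def=$(printf '%s\n' "$rt" | awk '$1 == "default" { print $2, $4; exit }')
    if [ -z "$def" ]; then echo "no-default-route"; return 0; fi
    # 3. Assumption for this two-port setup: the default route uses the bridge.
    netif=${def#* }
    if [ "$netif" != "$br" ]; then echo "default-route-via-$netif"; return 0; fi
    echo "ok addr=$addr gw=${def% *}"
}

# Constructed sample input (documentation addresses, made-up NIC names).
IFC_NOADDR='bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	member: igb1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
	member: igb0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>'
IFC_ADDR="$IFC_NOADDR
	inet 192.0.2.10 netmask 0xffffff00 broadcast 192.0.2.255"
RT_NODEFAULT='Destination        Gateway            Flags     Netif Expire
127.0.0.1          link#3             UH          lo0
192.0.2.0/24       link#5             U       bridge0'
RT_OK="$RT_NODEFAULT
default            192.0.2.1          UGS     bridge0"

diagnose_mgmt "$IFC_NOADDR" "$RT_NODEFAULT" bridge0   # no-address
diagnose_mgmt "$IFC_ADDR"   "$RT_NODEFAULT" bridge0   # no-default-route
diagnose_mgmt "$IFC_ADDR"   "$RT_OK"        bridge0   # ok addr=192.0.2.10 gw=192.0.2.1

# On the firewall shell itself:
#   diagnose_mgmt "$(ifconfig bridge0)" "$(netstat -rn -f inet)" bridge0
```

A result of no-address points at the interface's IPv4 configuration, and no-default-route at "System: Gateways: Configuration".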