Firewall with pfSense

EXCellR8

Diamond Member
Sep 1, 2010
4,138
949
136
I've been doing a little experimenting with custom firewall/routing and for the most part the setup was painless. I have some older hardware running pfSense and my WAN and LAN interfaces are all detected. I can access the web configuration but I could never get internet access...

Now, my modem doubles as a router so I figured I'd have to set that to bridged mode. That would disable the wifi too but that's not a big deal as I have other access points wired in.

I am getting an IPv6 address from my ISP, and I am setting the firewall/router assembly as 192.168.1.3 on my network. Doesn't work; something related to the DNS server not being reached. I've tried a number of options and pored over article after article but I can't get internet access.

My setup is like this:

ISP --> Modem --> Firewall/Router --> Switch --> Computers

I am wondering now if what I am attempting is even possible, or if I just have this all connected wrong. The WAN port of my firewall is connected to the modem and the LAN port is connected to the switch. WAN is set to DHCP in pfSense and both links show that they are online and working fine. I am clearly missing something though... any help would be appreciated.
 

EXCellR8

I can put in the DNS servers on the general setup page, in which I entered both IPv4 and IPv6 addresses. I put in both primary and secondary for each. I feel like I am one or two steps away from having this up and running but I can't quite figure it out.

I would opt for something easier to use but the universal solution seems to be pfSense.
 

sdifox

No Lifer
Sep 30, 2005
101,205
18,220
126
So the firewall router in your diagram is pfSense? Are you doing DHCP on your PC or static IP?

Also, your modem should be connected to nic0 of your pfSense box and the switch is connected to nic1. Otherwise you are bypassing the pfSense.
 
EXCellR8

Yes, I'm trying to configure pfSense as my router/firewall, so DHCP is enabled but I don't think any of my computers are getting IP addresses. Also my modem is in bridged mode so it doesn't act as a secondary router.

I was instructed to move the LAN subnet on pfSense to something other than 192.168.1.x but I'm not even sure I am able to do that. I set the LAN IP to 192.168.10.1 but nothing happens.

Admittedly I think I'm in way over my head at this point, but I do feel like I am close to getting it all to work.
 

EXCellR8

Ugh, my modem really doesn't like being switched between bridge mode and normal. I had to reset it like 5 times before I could log on to it and have internet access again.

[Screenshot: cmd-ipconfig_zps2yjhth41.jpg]

That's what it looks like when pfSense is not online and I am connected through my modem/router.

Pretty normal... devices getting IPs from the modem/router etc.

When I implement the pfSense device and connect both LAN and WAN ports my service goes down and I can never connect. Same thing happens when I put my modem into bridge mode.
 

sdifox

Did you copy the MAC from your computer to the WAN port on pfSense? Some ISPs need that.
 

EXCellR8

No, I haven't done anything with MAC addresses but I will try.

I think my whole problem is my modem/service, because everything in pfSense is correct from what I can tell. DNS servers are in there, LAN and WAN on different subnets etc. DHCP and IPv6 are also enabled and should be working.

I used to be good at this stuff... :/
 

EXCellR8

So bit of an update...

I ditched the Asus board and now I'm attempting this with a Mini-ITX Zotac board with onboard NVIDIA network controller and PCIe NIC installed.

Both of the interfaces are detected but I was never able to log on to the web configuration. It's maddening...
 

EXCellR8

I was finally able to access the web configuration with just the LAN interface connected to my switch. I still couldn't figure out why I couldn't connect to the internet though, so I removed the hard drive and installed Untangle. Works fine.

I've used Untangle in the past and I suppose it's better for this setup anyway since the modem/router is still the DHCP server. Once I set it to bridged mode I could connect all of my devices to the internet.

My one and only caveat... it states that the internal (NVIDIA network controller) and external (Realtek NIC) interfaces may be backwards? That didn't make sense to me. The WAN port of Untangle is connected to LAN port 1 of the modem and the LAN port of Untangle is connected to my switch.

I don't know how to remotely log into the Untangle server via web browser but I'll figure that out another day... I'm tired of troubleshooting haha