On 06/03/2015 13:16, Tim Hogan wrote: > I am looking for some advice from the group about the best way to put > pfSense in my environment so that it can filter all traffic. The cable > provider that I use has given me a /29 of static IP address and one of > those addresses is assigned to the cable modem. When I asked about > putting the modem into bridging mode I found out that their idea of > bridging is to disable the firewall and DHCP service on the modem. So > this is what I have come up with so far.
A bit late to the thread, but... Comcast 'business' account? This is what I have with static addresses as well. Comcast business uses a 'routed subnet' config (I was assigned a /29 subnet for my five statics as well), making it impossible to use as a 'proper' bridge (the SMC handles the RIP needed for the subnet routing). This is how I configured my setup: -Turn off all the DHCP/firewalling functions of the SMC device (they are notorious for having very limited capability) -Connect the WAN interface to the switch built into the SMC -Assign all my usable addresses to the pfsense box using virtual IP's for four of the five addresses -Set the modem IP as the gateway of the WAN interface -Firewall and NAT as desired -Profit! This configuration will make use of the absolute minimum of the SMC, making it act like the toaster it should be. _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
