With all the changes in newer versions is this still possible? If so would you lose any feature like dtts?
Hi welcome to the forum @nxt76
Yes adam:ONE should have no problem running as a transparent bridge.
That’s great. Is there a current doc on config? Does the bridge interface get any rules? If I’m currently using the pfsense on Adamnet with the business sub and dtts, and then bridge lan and wan do I deletes the rules cn lan created by Adam? After creating bridge is there any routines to confirm Adam dns and dtts?
It’s been a while since setting a connection like this up but where am I placing it on the network if I have bell ONT > myrouter (pppoe connection). The router has integrated switch. The bridge needs to be between the router and any lan traffic , correct.
Just an fyi, this is to be able to benefit from adding unifi infrastructure ( including their IDS and vlans). Do you see any conflict with this?
Thanks for the help.
There is this article Running on a Transparent pfSense Bridge which is a bit out of date. Mainly it needs to be updated to have an example of using v4, and also it should be using the bridge filtering tunables talked about in Bridging and firewalling | pfSense Documentation
I would set net.link.bridge.pfil_member to 0 and net.link.bridge.pfil_bridge to 1. And then it should be a fairly simple matter of making the bridge interface the LAN (and listening) interface, and the firewall rules would be created on the bridge interface. The member interface(s) can basically be ignored.
Using the UniFi IDS should not be a problem, but I have not tested VLANs. Because the bridge is on VLAN1, I’m not entirely sure the ideal method to have VLANs use adam:ONE for DNS. It might be possible to have all the VLANs use the bridge interface IP, you’d have to try it.
Ok thanks. Sounds like it could be problematic. Straight pfsense router seems to be most stable solution.
Simpler is usually more stable for sure. I totally get the advantage of running in a bridge though. Especially if in the UniFi ecosystem you might want to stack them together.