MadJuggla9
2[H]4U
- Joined
- Oct 9, 2002
- Messages
- 3,515
We had a neteq go out from lightning a few weeks back and since then I've been locally testing every distro from the sticky and I've come to like (and am currently *locally* running) Endian, pfSense, and Untangle.
In addition to strictly being a firewall, the neteq was mainly used for NTOP (for traffic hogs), QOS, cutting off unpaid customers, and blocking malicious IPs/MACs. I like that pfSense has the NTOP feature a lot but ultimately the choice is whatever suits my needs best.
Can someone shed some light on the bridge aspect? For example; I assign the WAN IP as a local free IP (each of the 3 firewalls have a different unit and live IP im testing on), and the LAN IP as a 10.x.x.x.
I can connect to the internet using a 10.x.x.x static IP but not when I use an IP that would be on the same subnet as the firewalls *WAN IP*.
I do NOT want the firewall to route, merely *watch* traffic with features so to speak. All IPs on our network are static. How can I setup a simple bridge so the firewall can be effective, and accept any IPs coming thru it? I'm currently favoring pfSense and have it working great but I'm limited to IPs that match the subnet of my LAN interface.
In addition to strictly being a firewall, the neteq was mainly used for NTOP (for traffic hogs), QOS, cutting off unpaid customers, and blocking malicious IPs/MACs. I like that pfSense has the NTOP feature a lot but ultimately the choice is whatever suits my needs best.
Can someone shed some light on the bridge aspect? For example; I assign the WAN IP as a local free IP (each of the 3 firewalls have a different unit and live IP im testing on), and the LAN IP as a 10.x.x.x.
I can connect to the internet using a 10.x.x.x static IP but not when I use an IP that would be on the same subnet as the firewalls *WAN IP*.
I do NOT want the firewall to route, merely *watch* traffic with features so to speak. All IPs on our network are static. How can I setup a simple bridge so the firewall can be effective, and accept any IPs coming thru it? I'm currently favoring pfSense and have it working great but I'm limited to IPs that match the subnet of my LAN interface.