![]() My pfsense WAN gets a public address, and I can still access the BGW320-500 gateway via its 192.168.1.254 address - no static routing needed, since the default route pfsense gets as part of the WAN DHCP process takes care of that. I have this exact same setup and what you’ve done is pretty much what I’ve done, but I didn’t manually assign a specific MAC address as part of the process since I was migrating from my old Cisco ASA 5506 firewall to a new pfsense box. Unless you have a large network (enterprise, not home) this only really applies to traffic leaving your network. You can manage QoS from pfSense too but just keep in mind that it isnt going to give you more bandwidth, it’s just going to prioritize what drops first when the pipe is full which is less of a problem the more bandwidth you have. In regard to QoS, sometimes it’s really easy to hit a couple of buttons to optimize your connection (you will mostly want to prioritize real time voice and video traffic) but if not dont worry about it. While you are in your ISP device it would be a good idea to make sure uPnP is turned off, remote administration is turned off, and NTP is turned on, then take a long look at QoS. That should be all you need to do but these things vary a lot and sometimes you need to add a static route in pfSense to access the ISP device from your pfSense network. This puts pfSense outside of the firewall but leaves the firewall on to protect the ISP device (very important!). ![]() You simply make sure pfSense is plugged into the LAN of the ISP device then go into the ISP device settings and enable the DMZ and add pfSense to the DMZ (usually by means of a something like a dropdown list of clients). ![]() You will usually find this somewhere near the firewall or advanced firewall settings inthe ISP device. Many of these ISP devices have the capability of creating a DMZ. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |