This article covers how to enable a LAN bridge in pfSense®. LAN bridges act as a switch using the optional ports on the Vault. While not optimal compared to using a separate physical switch, it works if needed.
Note: If the port being used for the web interface is added to the bridge, then physical access to the unit will be necessary.
How to Create a LAN Bridge in pfSense®
In this example we will be assigning the LAN interface to a bridge utilizing the Vaults additional ports, OPT1 and OPT2. The idea of this example can be used across all the Vault models with small variation.
- Access the webGUI. The default IP address: 192.168.1.1, username: admin, password: pfsense
- Verify the Vaults optional interfaces(OPT1, OPT2, etc) are assigned with default settings.
- To assign simply click Add next to the port you wish to assign. Click Save.
- To enable the each interface, click the on the interface label(OPT1,OPT2,etc) in the left column.
- Click Enable, leave all other settings default. Save and Apply Changes
- In the Interfaces menu select the Bridges tab and click Add
- Select OPT1 and OPT2 using Ctrl+Click. Don’t select the LAN interface. Click Save.
- Navigate back to the Interface Assignments tab and change the LAN interface port to BRDIGE0
- Note: At this point once the settings are saved the web interface connection will be lost. Swap the Ethernet connection to one of the optional ports(OPT1,OPT2) added into the bridge to regain access
- Assign the port previously used as LAN to OPT3 and enable it as done in the steps earlier
- Navigate back to the Bridges menu and add(Ctrl+Click) OPT3. Save
- Navigate to System > Advanced > System Tunables
- Select net.link.bridge.pfil_member and change its value to 0. Save
- Select net.link.bridge.pfil_bridge and change its value to 1. Save
- Click Apply Changes at the top
- Verify bridged ports are functioning
At this point you should have a functioning LAN bridge in pfSense®. If you need additional assistance, please feel free to reach out: [email protected]. You can find more information about pfSense on the Vault in our Knowledge Base, or at pfSense.org