I’ve been using pfSense on a Watchguard Firebox X750e or Dell R610 server, both of them have multiple OPT ports. So I wanted to bridge LAN and OPT1 ports together so I can have two machines on the same network, get DHCP or access each other.
These are the steps I went through, I assume you’ve had some experience with pfSense firewalls and can make these adjustments.
First step is to adjust kernel parameters that are needed. These basically say to have filtering on the bridge level not the individual members. So go to
System > Advanced > System Tunables
Change these two settings
net.link.bridge.pfil_member = 0 net.link.bridge.pfil_bridge = 1
Then apply changes.
Next we’re going to change LAN to be OPT2 and then put OPT1 and OPT2 into BRIDGE0 to allow them to communicate together. The BRIDGE0 will be your new LAN network.
Note you’re going to loose access once you modify LAN, so be careful during these steps.
Interfaces > OPT1
Make sure OPT1 is enabled. Save and Apply changes.
Next we’ll create the bridge but with only OPT1 in there to start.
Interfaces > (assign) > Bridges
Click Add. And only assign OPT1 first and Save.
Interfaces > (assign)
Now change LAN from the current assignment to BRIDGE0. This will effectively remove your access. So switch over to OPT1 to continue.
Interfaces > (assign)
Change LAN from the current hardware address to BRIDGE0 as the interface. Next add OPT2 which was the old LAN interface hardware address. Make sure you enable OPT2, and then we add to the bridge
Interfaces > (assign) > Bridges
Edit BRIDGE0 and add OPT2.
After that last change everything should be good now. The one thing that happened for me, I had to restart the dhcpd server for it to pick up after I changed the LAN interface to BRIDGE0.
I’m not able to communicate from OPT1 and OPT2 (LAN) ports over BRIDGE0. You should now be able to connect between machines as well as out going.