Level 2 Firewall

This forum is intended to provide straightforward answers for people trying to use DynFi Firewall Open Source firewalls.
We might also try to answer questions related to competitors firewall such as pfSense® and OPNsense® systems.

Moderator: gregober

Post Reply
vachev
Posts: 1
Joined: 24 May 2023, 11:21

Level 2 Firewall

Post by vachev » 24 May 2023, 11:32

Hi,

Is it possible to configure DynFi as a Level 2 Firewall (no routing, no nat, no vlan bridging,...). Only packet inspection, filtering and blocking.

What I need is a level 2 firewall to put between my BGP router handling Internet connectivity and my servers having public IP addresses.

Have a nice day
User avatar
gregober
Posts: 266
Joined: 26 Mar 2019, 15:06

Re: Level 2 Firewall

Post by gregober » 24 May 2023, 18:48

vachev wrote: 24 May 2023, 11:32 Hi,

Is it possible to configure DynFi as a Level 2 Firewall (no routing, no nat, no vlan bridging,...). Only packet inspection, filtering and blocking.

What I need is a level 2 firewall to put between my BGP router handling Internet connectivity and my servers having public IP addresses.

Have a nice day
It is indeed possible to configure the DynFi Firewall as a L2 firewall only.
To do that, you would need to:
  • Deactivate the NAT in "Firewall >> NAT >> Outbound"
  • Configure your WAN bound to your BGP router in "subnet A"
  • Configure your LAN (or any other interface) in another "subnet B"
  • Apply filtering accordingly using firewall rules
As a bonus you could also enable Ntop to check packets flowing in / out or some other filters based on various technologies.
Hope this helps.
Post Reply