ISP modem router Wi-Fi hw use DMZ to get around bridging?

gigatexal

I'm here to learn
Nov 25, 2012
2,803
543
113
Portland, Oregon
alexandarnarayan.com
So I can’t bridge my modem/router thing but I did think that perhaps I could do the following:

1. disable dhcp, firewall, etc
2. Create a DMZ endpoint with an ip of say 192.168.0.2
3. Use separate pfsense firewall and router using the DMZ endpoint as if it were the WAN ip of a dumb simple modem and the get a Wi-Fi access point for Wi-Fi
 

Rand__

Well-Known Member
Mar 6, 2014
5,600
1,228
113
What model have you got and what services do you want to run?

If you dont want to access anything on the inside from the outside its not a big issue to just add a fw of your own.
If you want vpn or what else you'll need to enable traffic forwarding (all or individual ports)
 

gigatexal

I'm here to learn
Nov 25, 2012
2,803
543
113
Portland, Oregon
alexandarnarayan.com
I’d like to dumb down the routing and interference of the ISP modem as best I can.
It’s a CH7467CE from PŸUR

It’s actually a decent modem but I want the benefits of a pfsense box which I have built and be able to do normal routing and port forwarding things and be able to VPN out etc
 

Rand__

Well-Known Member
Mar 6, 2014
5,600
1,228
113
Well it looks like it supports port forwarding and DMZ so if you just shut everything else down and forward to your own FW it should be fine.
 
  • Like
Reactions: gigatexal

RTM

Well-Known Member
Jan 26, 2014
762
279
63
It’s actually a decent modem but I want the benefits of a pfsense box which I have built and be able to do normal routing and port forwarding things and be able to VPN out etc
Are you having trouble accessing VPN services on the internet from within your local network? or did you mean VPN in (from the internet)
If so, forwarding ports to internal pfsense or using DMZ mode (whatever that means), might not solve that problem.
If that really is the case, I suggest looking for options such as IPSEC or PPTP ALG, you may want to enable those if you have issues. Of course use of PPTP based VPNs is not recommendable.....
 

RTM

Well-Known Member
Jan 26, 2014
762
279
63
Oh and on another note, you may want to consider disabling NAT in the pfsense firewall if your other router is already doing it, it should be faster and the pfsense firewall can still do its job.