I'm trying to add an external firewall to my system (pfSense with Snort IPS).
Right now, with the firewall defined as a bridge, I connected the modem to the pfSense INPUT port and the OUTPUT port to the Mikrotik router.
The Mikrotik router is responsible for dialing through eth13 and the PPPoE client.
The traffic comes from the modem to the pfSense and then goes to the Mikrotik, but pfSense failed to block.
When I try connecting the same pfSense bridge to an internal network, it works fine; my guess is that it's because it's connected directly to the modem.
Is there a way to fix the situation?
I thought maybe of using eth11 and eth13 to move all the traffic to the pfSense and back.
modem (PPPoE) ------> Mikrotik (eth13)
Mikrotik (eth12) --------> pfsense (in)
pfsense (out) -----------> Mikrotik (eth11)
and change the NAT rule to eth11.
I do not know if it is possible without assigning more addresses; right now I have 3 address spaces and I want to keep them.