Question

I have a TRB 500 configured in bridge mode. It is passing the WAN IP to a firewall sitting behind the TRB500 (public IP is present on the firewall from provider). A /29 subnet is routed to the firewall.

Any traffic from the WAN IP works brilliantly, any from the routed subnet is discarded silently by the TRB500.

I have created firewall policy and changed the default policy for forward to be ACCEPT but this doesnt make any difference.

Answer 1

Hello,

  

Since you have a /29 subnet available, Bridge or Passthrough modes will not pass the remaining IP addresses.

To get this to work, you will need to disable the Masquerading option in the Network → Firewall → General. This will disable NAT. However, in this case, the router will also use up one IP address. I've not tested this personally, but in theory, this should be enough (IP settings will also need to be configured).

  

Best regards,
DaumantasG

Comments

not sure you understand my question correctly. So i'll elaborate a bit more.

The TRB500 recieves a /32 from the mobile network. This is using "passthrough" mode to assign the /32 to the firewall behind it. The /29 is routed to the /32 which is present on the firewall. Any traffic sourced from the /29 wont foward across the bridge. This works with other vendors.

---

Hello,

  

I've created a query for our RnD team to consult on this issue. Will let you know once I have some more information.

  

Best regards,
DaumantasG