Nowadays is easy to find a board with more than two ports. For a box with 4 gigabit ports, one used as WAN, others act as as LAN as if they are all part of a switch. Bridging is a good way to go. A bridged interface is one that can filter traffic without pfSense being involved in the IP layer of the connection. This is commonly referred to as a “transparent firewall”. Requirements: pfSense box with multiple NICS; 1 for Wan, others for Lans (two or more). What we will get: i port as 1 WAN, Others as LAN.
1. Assign an individual IP for all NICs by going to ‘Interfaces → Assign’. Important!
Note: Only set up a IPv4 address for each NIC.
2. Set up DHCP on NIC1 by going ‘Services → DHCP server’
3. Bridge other NICs by going to ‘Interfaces → Assign → Bridges’ and set up an IP for the interface.
Note: Do not include WAN and NIC1.
4. Create a interface groups by going to ‘Interfaces → Assign → Interface Groups’.
Note: Include all NICs and Bridge interface in “Member (s)”, do not include WAN.
5. Change the default firewall rule under NIC1 to all NICs interfaces to avoid being locked out by going to ‘Firewall → Rules’
Note: Change the Interface from NIC1 to the Interface groups which is created in Step 4.
6. Enable DHCP on the bridge interface by going to ‘Services → DHCP server’.
7. Disable DHCP on NIC1 by going to ‘Services → DHCP server’ and include NIC1 into the bridge which is set up in Step 3 by going to ‘Interfaces → Assign → Bridges’.