1. Do I login to AP and configure wireless settings or can this be done via GUI? - this is the part i understand least
2. What FW needs to be set to allow traffic?
1. Yes, all wireless configuration should be done only in the AP (DD-WRT). pfSense should have nothing to do with wireless at this point. (Unless you wanna do WPA2-Enterprise in the future…)
2. The pfSense LAN interface by default allows all outgoing traffic, so everything should work by default. You can follow a restrictive whitelisting approach in the future if you want to allow outbound ports one by one (such as 80/tcp and 443/tcp for web browsing, etc.). This can be very tedious and granular depending on your needs.