You should really use optical for building-building runs. Since the buildings are distant, it's possible for them to be at fairly different ground potentials. This can damage equipment and be a major safety hazard if someone touches contacts on an Ethernet cable. Plus it will get you the distance you need. This might complicate things for installation in the parking lot though; what facilities are available there, or are you trying to mount a small AP on top of a light standard or something?

You can get 100baseFX (and even 1000baseSX) gear quite cheap on eBay these days. You'd need a couple fibre NICs or switch ports at your pfSense box, and then a media converter for your wireless APs, or again switch ports.

If you keep all the APs on the same SSID and in the same network segment, the clients should switch to any of them on their own (but usually only when they totally drop signal with the old AP, which could be a problem for you).

As far as guest access, proper commercial APs can do multiple SSIDs with different security settings, and then tag them with different VLANs. This might be a setup to look into, you could use no encryption with CP for guests and then WPA2-enterprise for your corporate clients. The problem is that you then need to buy enterprise grade APs, which aren't cheap. You might be able to use the Ubiquiti hardware (which I'd recommend anyway) with 3rd party firmware to do this, but I know their included firmware doesn't support it.

This device is not supported.

http://www.freebsd.org/releases/7.2R/hardware.html#WLAN

I do it manually, because I do not go to sleep at the same time everyday, but I tested with airodump-ng and that the AP card is down and it does not send any signal.
But for sure that in a cron job it will work well too.

You know , I do not want to put aluminium foil in my head to prevent the wifi burn my brain at night.. ;) hehehe.

Does anyone have a clue on this?

Manually editing hostapd.conf didn't work out, maybe we're missing some options on the file…i think that these settings should be enough (plz correct me if i'm wrong), obviously with custom settings:

##### RADIUS client configuration ############################################# # The own IP address of the access point (used as NAS-IP-Address) own_ip_addr=127.0.0.1 # Optional NAS-Identifier string for RADIUS messages. When used, this should be # a unique to the NAS within the scope of the RADIUS server. For example, a # fully qualified domain name can be used here. nas_identifier=ap.example.com # RADIUS authentication server auth_server_addr=127.0.0.1 auth_server_port=1812 auth_server_shared_secret=secret # RADIUS accounting server acct_server_addr=127.0.0.1 acct_server_port=1813 acct_server_shared_secret=secret

If these changes worked, they wouldn't be permanent…like said in the linked post, for that we should hardcode /etc/inc/interfaces.inc...what are the var $config["wireless"]["…"] settings to configure the ieee802.1x configs?

Some advice would be appreciated…Thanks in advance!

Check the LoS path from your client to the wireless antenna. I've seen situations where the signal is nearly unusable because of a radio-opaque object in the path. In the most recent case I remember it was a wire mesh trash can a couple metres from the PC, but directly in the radio path. Caused the signal to drop to almost unusable levels. This can also often happen if you've got a rear mounted (ie. PCI card attached) antenna - the case itself gets in the radio path and all you can pick up are reflections, which really hurts signal quality. Either add a pigtail and put the antenna on top of the case or elsewhere it won't be obscured, or reposition the case so the antenna is on the side where you intend to use the wireless signal.

To be honest though I gave up on using wireless with pfSense myself because of signal issues and packet loss when I tried it with an ALIX board. Now I just use WRT54GLs or Ubiquiti gear as APs where I need them; it makes positioning more flexible as well.

I gave up trying to get this card to work.  I had huge problems.  Good luck.

try this site for scientific antennas
http://www.wifi-plus.com/metrospotsystems.html

I managed to get my diagram setup working, however the security is backwards, Wifi clients can access LAN PCs but not the other way around

I see…  It's also interesting to see it for the first time, for me, where a single mini-pci card can have two radios operating independently and simultaneously, and at such low cost.

Apparently FreeBSD has some "generic" 802.11n support but doesn't yet have any device drivers for 802.11n devices.

See http://forum.pfsense.org/index.php/topic,14253.msg75550/topicseen.html#msg75550 and http://www.mail-archive.com/freebsd-net@freebsd.org/msg30294.html The latter post suggests that at least one Atheros 802.11n chipset can be made to work in 802.11g "compatibility mode" but not "full 802.11n" mode. Depending on what you want to do, this may or may not qualify as "802.11n". The latter post discusses "FreeBSD current"; I don't know if the discussed support is in any pfSense build.

@ wallabybob.

I have checked Enable Intra BSS communication and now I can ping the Win2k3 server from the ping util in PfSense. Thanks!

I don't want to use PfSense as the DHCP server because I have the W2k3 box setup and was going to reflect those DHCP setting on the PFSense box if the server whent down.

This little setup is for home use / studdy. So nothing to critical.

Thakns for the help!

Hi!

I'm testing now with another computer, this one has intel chipset, not Via…and it seems to work flawless, with the same USB dongles. it is working at full speed for about 4 hours without a single failure, so I can think that the problem is with USB support of via chipset....

do you know something about that?

Did you assign the interface in the GUI and configure it correctly?

Sometimes people are confusing the modes "infrastructure" with "access point".