Wireless client isolation is a layer 2 function on the access point itself.

@IBP said in How do you set up new Parent Interfaces on pfSense:

WAX615-100EUS

That's an external Access Point not a wireless NIC. You would only see that error if you're trying to create a wifi interface within pfSense. Like you have put a WIFI PCIe cxard in the 2100 dircetly and are creating virtual access points on it. Unless you have that you should not use the Wireless Interface tab at all.

What exactly are you trying to do?

@SteveITS thanks for the quick response on both fronts.

@stephenw10 I originally didn't think it would work. But it does. It's amazing.

Maybe. 🤞

Exactly. To do it with one card you would need to find a card that had two complete sets of hardware on it. I'm not sure such a card exists but if it does it's probably far far more expensive. Hence my '100x' guess. Regular single radio cards can be had for <$5.

Yes, though not as an access point.

@NollipfSense I bet in the future we will dock only our smartphones to a KDM at work and will no longer use WiFi. A VM for work boots like Windows 11 and undock and it shuts down. If you go to a different company they delete the VM.

https://forum.netgate.com/topic/183787/s0lved-squidguard-and-wireless-printer

Maybe add a DNS resolver for it also??

@stephenw10 PR created: BSSID entry on Network-Specific Wireless Configuration of Interfaces #14960

I wouldn't expect to have to make any other change there. You might try restarting Freeradius to be sure though.

The command to set that would be: sysctl dev.ath.0.tpack=99
But I can't set it on an ath card here. It may not apply to all hardware. It might be a loader value.

@provels

@provels Take a look at this file with the built in editor in pfsense GUI

Screenshot 2023-10-31 at 7.49.01 AM.png

This may have blocked you from turning it up. It might be limited by way of this file. . .

Scroll down and find WiFi 11g and check for something called max power

You guys all scare the hell out of me.
I've loads of APs without any passwords at all.

And at home neither, as I haven't seen yet any rabbits with some BYOD ....

In Diag > Packet Capture. Set it to filter for ports 67 or 68 to see the DHCP traffic.

Renew the lease in Status > Interfaces.

You will see the DHCP packets as it captures them and also can download the resulting capture to see what they contain.

Steve

@JonathanLee said in SG-2100 and Compex WLE200NX card:

I was reading FreeBSD has Intel support for AC and AX somewhere

They have support for that hardware BUT:
There is not support for .ac or .ax so the cards can only run in .na/g mode.
They an only run in station mode not hostap so cannot be access points.

@provels 802.11NG 20ht was really bad for me. It only works well with 802.11NA on -40ht with a 5dbi antenna set. The 8dbi was like a laser or point to point. The 5dbi is like an oval shape for coverage.

@Panja What kind of dbi is your antena? 7, 8 or 10?

https://dongknows.com/wi-fi-dbi-and-high-gain-antennas-explained/

Hello I wanted to share that I have found a possible solution to the stuck beacon on my SG-2100

Screenshot 2023-10-25 at 4.19.48 PM.png

Make sure all of the following are checked under SystemAdvancedNetworking

Hardware Checksum Offloading
Hardware TCP Segmentation Offloading
Hardware Large Receive Offloading

They must be disabled for Snort's inline mode to function. When I was testing trying to activate Snort's inline mode I left them like this and the stuck beacon error stopped all day. It is completely gone now.

@WaltW-0 said in No Internet with Wireless Access Point:

My computer's IP shows in the DHCP Leases in pfSense.

Is that true connected to the router both wired and wireless?

It sounds like it might be filtered in the Asus router.

Steve