access point / managed switch, VPN BOX
-
Hi
just installed pfsense vm, it works when i use it to directly connect to my isp, but i really want to use it as a simple access point or a managed switch.
i only have 2 ports on the network card, one will go to the router & the other to a device.
i want it as a vpn box, i dont want my whole house to be behind a vpn.
thanks
-
@flowermoron
https://docs.netgate.com/pfsense/en/latest/vpn/index.html -
J jimp moved this topic from Problems Installing or Upgrading pfSense Software on
-
how to set up my pfsense as an access point or switch?
-
Hmm, what exactly do you want it to do in either of those modes?
You would need some wifi hardware for it work as an access point. You'd have to pass it through from the VM host.
To work as a switch do you just mean transparently? Without DHCP/DNS etc?
Steve
-
just a regular managed switch or an access point, i mean i dont know what other term i can use to descripe it further.
you have a main router for example, you take an ethernet cable, plug it in, and then plug that into another router and that becomes an access point, or a switch, or whatever you call it.
-
@flowermoron If you drew what you want, we probably can help you realize it.
-
"a sub-device within the local area network that provides another location for devices to connect from and enables more devices to be on the network."
-
@flowermoron said in access point / managed switch, VPN BOX:
"a sub-device within the local area network that provides another location for devices to connect from and enables more devices to be on the network."
You seem to be describing a managed switch. To use one, you need to setup VLANs on pfSense, one for each logically-different network (e.g, one for administration, one for ordinary LAN use, one for wifi access-points, etc.). Then you need to tell pfSense to trunk those VLANs using a physical interface. You connect that interface to a trunk port P on your managed switch. Then create the same VLANs on the managed switch and tell it that port P is a trunk port for those VLANs. Then create access ports on the switch for each VLAN as needed, and plug your devices into the appropriate access ports.
To keep your network safe, I recommend doing all this configuration with your WAN disconnected, and only connecting it once you've tested all your firewall rules for correctness.
-
sounds very difficult, im not a networking expert.
if i get a netgate router will it work straight away like other brands?
-
@flowermoron said in access point / managed switch, VPN BOX:
sounds very difficult, im not a networking expert.
if i get a netgate router will it work straight away like other brands?
If you want only a single WAN and a single LAN, with no VLANs, a Netgate router will require only a little configuration, but probably more than your typical consumer-level router. If you want VLANs, that requires more configuration no matter what hardware/software you choose.
-
yes that's what i want, i have only 2 ports, one will be connected to my network & the other for a single device only.
i have a main router, connected to it is a poe switch for my cctv & also other routers that acts as "access points" all over my house. i want my pfsense vm to run the same way.
something like this.
-
@flowermoron The simplest thing to do would be to insert a pfSense box between your modem (WAN connection) and the "gateway" that currently connects to your modem. You should set pfSense's WAN interface appropriately (e.g., DHCP or static, depending on what your ISP delivers) and set its LAN interface IP to something that you aren't using anywhere else, e.g., 196.168.50.1, probably with DHCP enabled. Then you'll need to tell your current gateway to get its "WAN" IP via DHCP. Probably this will just work. It's not optimal, because you're double-NATing, once in pfSense and once in your current gateway. You'll need to set a static route in your current gateway to let your administration computer reach through it to pfSense's admin pages.
Once you've got that working, you could consider whether it works OK, or whether you want to optimize it.
-
It looks more like you are trying to use this as a VPN router so that anything on the LAN side of pfSense will use the VPN?
If so then that's not a switch and definitely not an access point. But that's good because pfSense is not a switch or access point!
Steve
