Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Wireless management with external AP?

    Scheduled Pinned Locked Moved Hardware
    10 Posts 4 Posters 8.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R Offline
      RMSe17
      last edited by

      Is it possible to use pfSense for managing wireless network through an external AP such as WAP54G or using WRT54G as an access point?

      Or would I need an internal wireless card, and then use the WAP54G as a wireless repeater of sort?

      Thanks,
      RMSe17

      1 Reply Last reply Reply Quote 0
      • H Offline
        hoba
        last edited by

        Just connect an accesspoint to one of your opts. You have to configure wireless settings then at the accesspoint but you could have firewalling, caprive portal, dhcp,… managed at the pfSense then.

        1 Reply Last reply Reply Quote 0
        • R Offline
          rds_correia
          last edited by

          @hoba,
          I am currently planning to buy myself a new router box from Soekris or PCEngines and I will want to have wireless networking at home.
          What would you advise me?

          a) Soekris/WRAP with a miniPCI wireless card working both as a wireless access point and router/firewall appliance?

          b) Or would you advise me to buy the Soekris/WRAP and a real AccessPoint to connect in one of the OPT plugs?

          Please be aware that I would like to have WEP, WPA, WPA2, tkip etc… enabled on the WiFi network with no more than 2 or 3 hosts and a 4Mb/256Kb WAN connection with either PPTP or OpenVPN server enabled for 1 or 2 simultaneous hosts.
          Too many if, right?  :o
          Thanks in advance.
          Cheers

          pfSense 2.2.4 running on a HP DL385 G5
          WAN bce(4) + LAN em(4) + OPTn em(4) with 10 VLANs + Snort + PPTP VPN soon to be trashed by OVPN

          1 Reply Last reply Reply Quote 0
          • H Offline
            hoba
            last edited by

            I would go with a soekris/wrap with atheros card. The only (more or less important) thing you can't do right now is macfiltering. However lsf has promised to add more features in the future (but don't expect this too soon, it's work for the next versions). Depending on the type of external AP (soho/enterprise) you should be fine with an embedded system and a wireless card (has more features like a soho AP but slightly less features than an enterprise AP). I have some colleagues using them at home with pfSense and we are using them at the office too. I also have 2 wraps with wireless at home to play around with. I only would go with an external accesspoint if the router has to be at a different location than the best location for the wireless to cover the needed area. However this is only my opinion, others might disagree.

            Btw, you can expect a throughput at the wireless interface of around 25 mbit/s with a wrap/soekris in WPA mode with AES encryption (measured real throughput in 108 mbit/s turbo a mode with my cm9). This sounds low but most commercial accesspoints won't be faster either (real throughput, not theoretical values, that you never will reach).

            1 Reply Last reply Reply Quote 0
            • GertjanG Offline
              Gertjan
              last edited by

              On the other hand, I tend to say that pFsense rocks very well on an 'old PC' (give it at least a 10 Gb disk and 512 Mb memory - a 1.5 Ghz CPU).

              Extend your Wifi network with the help of a switch and some SOHO AP's and an alternatif firmware for these AP's. I consider that I have 'entreprise AP's', initialy worth 60 € each (from ebay, even less). [Yes, those Linksys WRT54Gxxx buggers  ;))
              You'll wind up with good covering, no need for high power on one spot, WPA(2) etc. is handled 'of box'. Rock solid also.
              Throughput is marvelous - my 3 AP's do clip the 100 Mb / FD OPT network card on the pfSense PC ones in a while, when more then 10 radio connections are present on those AP's.

              Using this setup in a hotel. pFsense fills in all the needs, and adds tons of extras.

              No "help me" PM's please. Use the forum, the community will thank you.
              Edit : and where are the logs ??

              1 Reply Last reply Reply Quote 0
              • R Offline
                rds_correia
                last edited by

                Thanks for the tip, hoba.
                Now I would love to buy an atheros miniPCI but unfortunately I can't find them here in Portugal.
                I'm affraid that I will have to order it from abroad and that will get very expensive.
                Cheers

                pfSense 2.2.4 running on a HP DL385 G5
                WAN bce(4) + LAN em(4) + OPTn em(4) with 10 VLANs + Snort + PPTP VPN soon to be trashed by OVPN

                1 Reply Last reply Reply Quote 0
                • H Offline
                  hoba
                  last edited by

                  Check http://madwifi.org/wiki/Compatibility for atheros based cards. Maybe you can find one of them near your location. I use the wistron CM9.

                  1 Reply Last reply Reply Quote 0
                  • R Offline
                    rds_correia
                    last edited by

                    Thanks for the tip hoba.
                    I don't want to hijack this thread so I'll open a new one with a couple more questions.
                    Cheers :)

                    pfSense 2.2.4 running on a HP DL385 G5
                    WAN bce(4) + LAN em(4) + OPTn em(4) with 10 VLANs + Snort + PPTP VPN soon to be trashed by OVPN

                    1 Reply Last reply Reply Quote 0
                    • R Offline
                      RMSe17
                      last edited by

                      @hoba:

                      Just connect an accesspoint to one of your opts. You have to configure wireless settings then at the accesspoint but you could have firewalling, caprive portal, dhcp,… managed at the pfSense then.

                      Are there advantages to having wireless controlled by pFsense and then using WRT54G's with 3rd party firmware (HyperWRT or DD-WRT) as wireless repeater/access points vs having a WRT54G controll wireless settings (WAP/MAC)?  Just wondering if there is a justifiable advantage to it, since I would have to buy  another piece of hardware (PCI Wireless card)

                      Thanks!

                      1 Reply Last reply Reply Quote 0
                      • GertjanG Offline
                        Gertjan
                        last edited by

                        Depends.

                        If you have just one AP - then there isn't much difference, although its simpler to mange the access (if restriction applies) on one system. Complicated Hotspot pages ? Forget about these AP’s, handle them from pFsense box.

                        If you need a bigger surface (multiple floors) to cover, then using the WRTG(S)’s as simple AP’s, and pFsense to manage the lot – will be simpler. Some ‘simple’ filtering has to be done on a per AP basis (think about the Network Neighbourhood from Windows  - and protecting the AP’s them self).

                        I’m using myself a pFsense PC-based system – and an OPT1 interface. The hotspot function is enabled on it – behind it is a switch and 5 AP’s (WRT54GS + Sveasoft firmware). This never failed on me.

                        No "help me" PM's please. Use the forum, the community will thank you.
                        Edit : and where are the logs ??

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.