Extend Network to other factory

hoba · Jan 17, 2007, 10:03 AM

Yes, I have a setup similiar to this (though not wireless but static 2 mbit/s link). Set it up in the following way:

Internet–-----Mainoffice-------wan/pfsense1/lan(wifi) ) ) ) wifi link ( ( ( wan(wifi)/pfsense2/lan---------Branchoffice

Setup a transfer network that both pfSense can share for the wireless link.
Enable advanced outbound nat at both pfSense systems at firewall,nat, outbound and delete all autocreated nat rules to convert the setup into a routing platform.
Now create pass any any any rules at wan and lan (change the default lan pass rule from source subnet lan subnet to any).
Create static routes at pfSense1 to point to the remote lan subnet behind pfSense2
create static routes at your mainoffice default gateway to point to the pfSense1 for the remote lan subnet (add the transfer subnet too if you want to be able to reach these IPs)
at pfSense2 setup the dhcp server to hand out IPs for the branchoffice. assign the dns-server of the mainoffice (alternatively you can setup dhcp relay but using the pfSense dhcp server should be easier and dns will manage the rest)
optionally set up the trafficshaper at both systems to give priority to terminalsessions or whatever

bean79au · Jan 17, 2007, 10:38 AM

Hi Hoba,
Thanks for the reply. What do you mean by a transfer network? Sorry if it sounds stupid to ask.

Beau

hoba · Jan 17, 2007, 11:44 AM

Some kind of in your setup unused network like pfSense1 wireless interface is 172.16.0.1/24 and pfSense2 wireless interface is 172.16.0.2/24, gw 172.16.0.1. This way you won't have any broadcasts on the wireless link eating bandwidth.

This transfer net will only be seen in traceroutes.

bean79au · Jan 17, 2007, 12:09 PM

Should i use adhoc connection or AP and Infrastrucure?

Thanks,
Beau

hoba · Jan 17, 2007, 12:15 PM

I would go with AP at one end and infrastructure at the other end.

tag · Jan 23, 2007, 12:35 PM

Hi,

I am also trying to setup a similar configuration, but my question is how do I get the one pfsense1 wireless to connect to pfsense2's wireless.

I have pfsense2 as a wireless AP, but how do I setup pfsense1 to conenct to that AP?

Thanks
Tonino

hoba · Jan 23, 2007, 7:49 PM

The second pfSense has to be set to mode "infrastructure" with the same channels/ssid/encryption/… .

tag · Jan 24, 2007, 5:40 AM

great - thanks. I got it working.

:)

lsf · Jan 24, 2007, 5:53 AM

For future reference: http://wiki.pfsense.com/wikka.php?wakka=Wireless

bean79au · Feb 2, 2007, 10:39 PM

Hi all,
I have tried this setup. I have set it all up in one room at the moment with 2 computers. I have set 1 as an AP and the other as infrastructure. However for some reason when i go to status/wireless it wont show the AP but it will show our AP for our internet connection. If i scan for AP's using my laptop it will show both the Internet AP and the PF AP. They are both on different channels.
Any help please?

Beau

bean79au · Feb 3, 2007, 11:46 AM

Ok,
I can see the Infrastructure PF box from the PF AP and it even show the wireless ip of the INF PF in the ARP tables, i have created the rules any,any,any for both the lan and the wireless on both box and i cannot ping the other box from the AP.
Beau

hoba · Feb 3, 2007, 4:39 PM

Make sure you have all needed routes in place and you did shut down natting where needed. You also need to uncheck interfaces>wan "block private IP Ranges".

bean79au · Feb 10, 2007, 12:58 AM

Hi Hoba,
Sorry to be a pain again (i am new to this) i still cannot get this to work for some reason, i cannot even ping between the 2 pfsense units. With the rules do i set them in the NAT page or in Firewall/Rules page? And with the static routes what would the Gateway be?

Thanks,

Beau

hchady · Feb 13, 2007, 9:32 AM

the simpler way is to buy 2 access points that are WDS or bridges capable (like buffalo WHR-HP-G54), once wireless link is configured by wds for example, you just need to connect them to each part of your network

Chady