Pfsense setup over an existing wired network

jeroen234 · Feb 1, 2007, 6:57 AM

Hello,

I need to configure pfsense to work with an existing LAN network.
the existing LAN is a university network that have it's DHCP server

pfsense server is now connected to this network on the WAN port (WAN adress 134.214.116.x/22)
the LAN side have DHCP and captive portal enabled (DHCP range 192.168.10.x/24) and is connected to an access point (WRT54G) to serve only wirless clients.
to extend the range of my wirless network, I am using many WRT54G connected by WDS.
Everything work great, I don't have any problem with this configuration
But over WDS my transfer rates are around 4Mbps.
Now I would like to modify my configuration and find a way to connect my access point by LAN to have higher transfer rates (on wan side I have ~45 Mbps)

note that every added ap with wds will cut youre transfer rates in two
and that wireless is one way thafic and cabled is 2 way trafic
with one 54 mb ap(11g) you get a max transfer rate of 27 mb
example with 54 mb ap's
1 ap 27 mb
2 ap 13,5 mb
3 ap 6,7 mb
4 ap 3,4 mb
etc

hchady · Feb 1, 2007, 9:26 AM

yes sure, I know that wds cut transfer rates. but i didn't have another option !

now i am trying to setup VLANs but i am not really familliar with this kind of setup

also we have some installed switched that are not vlan compatible so i can only play with start and end switches… any chance to work ?

hoba · Feb 1, 2007, 8:02 PM

Most non vlan capable switches will pass the traffic unchanged. it might work though you won't have the security level that real vlan switches would provide you with.

hchady · Feb 1, 2007, 8:59 PM

and what about PCs connected to non-compatible VLAN switches ? they get their dhcp leases from pfsense or from the campus network dhcp ?

thanks

hoba · Feb 1, 2007, 9:12 PM

They should get it from the campus server and ignore the vlan traffic though they might see them. Nics that support VLANs could be configured to reside in the VLAN though, so it depends on how the client is configured or what the client supports.

hchady · Feb 6, 2007, 12:20 PM

it didn't work as expected,

wireless clients always get their dhcp leases from pfsense, but other PCs connected to the university switches get sometimes their leases from pfsense too …

hoba · Feb 6, 2007, 11:46 AM

Sorry, no other solution that I can think of then.

hchady · Feb 6, 2007, 12:23 PM

Thank you anyway

I will try to use EoIP between dd-wrt routers and see if it works

Chady

hoba · Feb 6, 2007, 12:45 PM

Not sure if the DD-WRT's support dhcp relay. Maybe that would work too.

rsw686 · Feb 7, 2007, 3:10 AM

I just updated my WRT54G access point to DD-WRT v23 revision 2. It does support DHCP forwarding. So you could go this route.

hchady · Feb 8, 2007, 9:14 AM

DD-WRT support DHCP relay and i was playing with this option also.

on pfsense i have denied unkown users to get a lease from dhcp and i have connected the pfsense LAN side to the campus network
DHCP forwarder is set on dd-wrt routers to forward dhcp requests to pfsense. routers are connected to campus network from their LAN side

Now when a registred wireless user connects to ddwrt router, it gets a dhcp from pfsense. but if it's not a registred user, it get an IP from the university DHCP after 1 minute : so no captive portal authetication and no security
and when a PC connects to campus network, sometimes it doesn't get its IP quickly. this is not a real problem, i think there are some additionnal setup to do with university network and routers.