Pfsense setup over an existing wired network
-
yes sure, I know that wds cut transfer rates. but i didn't have another option !
now i am trying to setup VLANs but i am not really familliar with this kind of setup
also we have some installed switched that are not vlan compatible so i can only play with start and end switches… any chance to work ?
-
Most non vlan capable switches will pass the traffic unchanged. it might work though you won't have the security level that real vlan switches would provide you with.
-
and what about PCs connected to non-compatible VLAN switches ? they get their dhcp leases from pfsense or from the campus network dhcp ?
thanks
-
They should get it from the campus server and ignore the vlan traffic though they might see them. Nics that support VLANs could be configured to reside in the VLAN though, so it depends on how the client is configured or what the client supports.
-
it didn't work as expected,
wireless clients always get their dhcp leases from pfsense, but other PCs connected to the university switches get sometimes their leases from pfsense too …
-
Sorry, no other solution that I can think of then.
-
Thank you anyway
I will try to use EoIP between dd-wrt routers and see if it works
Chady
-
Not sure if the DD-WRT's support dhcp relay. Maybe that would work too.
-
I just updated my WRT54G access point to DD-WRT v23 revision 2. It does support DHCP forwarding. So you could go this route.
-
DD-WRT support DHCP relay and i was playing with this option also.
on pfsense i have denied unkown users to get a lease from dhcp and i have connected the pfsense LAN side to the campus network
DHCP forwarder is set on dd-wrt routers to forward dhcp requests to pfsense. routers are connected to campus network from their LAN sideNow when a registred wireless user connects to ddwrt router, it gets a dhcp from pfsense. but if it's not a registred user, it get an IP from the university DHCP after 1 minute : so no captive portal authetication and no security
and when a PC connects to campus network, sometimes it doesn't get its IP quickly. this is not a real problem, i think there are some additionnal setup to do with university network and routers.