Need Setup Pointers Access Point Setup To Client infrastructure 54MB

ampwifi

Start off by saying pfsense RULES. Have 10 apartment buildings up and running in adhoc mode. 12 apartments in each building. (120 Apartments)

Heres what I would like to do. ADHOC is only permitting 11mb across the network. Would like to change it to Access Point at 54MB with client infrastructure. My 4 90% panel antenna is on the right side of building B.
All my interfaces are on the same including the dual wans constructed with daulwan1.2 how to. Has anyone set pfsense up in this way? If so can you give me some type of direction. I can access the ap from a laptop and surf the internet fine. Just cant seem to get the client PFSENSE 3 to allow the lan to use the same path.

Current Setup
Gateway dual wan 1 lan pfsense captive portal, dhcp, squid, manul NAT, Sticky Connections, Wan 192.168.0.1/24 Wan2 192.168.1.1/24 lan ip 10.0.1.254/24
pfsense 2 - wan 10.0.1.2/24 (pfsense) lan - 10.0.1.3/24 bridged Access Point
pfsnese 3 - wan 10.0.1.4/24 (pfsense) lan - 192.168.2.1/24 infrastructure

I have read another post which says not to bridge any interface which I have tried, but can't seem to connect to the wifi on the access point that way.

This seemed simple enough. Just had to leave it alone and Start from scratch. Everything just worked when I was done. Will upload xml for example to others. In the apartment building layout (See Image) someone has not built a building I. Seemed strange to me. Don't think I don't know the abc's. LOL

apt.png_thumb

Traffic.png_thumb

ampwifi

I have now created the current layout. (See example Image below) Everything is working fine with the structure as far as internet access to the members. I have Geovision DVR's in each building and have created different access ports on each of the client DVR'S. List of current DVR computers.

Ports needed: 81 4550 5550 Building A DVR IP Lan 192.168.2.45/24
Ports needed: 82 4551 5551 Building B DVR IP Lan 10.0.1.25/24 OFFICE
Ports needed: 83 4552 5552 Building C DVR IP Lan 192.168.3.45/24
Ports needed: 84 4553 5553 Building D DVR IP Lan 192.168.4.45/24
Ports needed: 85 4554 5554 Building E DVR IP Lan 192.168.5.45/24
Ports needed: 86 4555 5555 Building F DVR IP Lan 192.168.6.45/24
Ports needed: 87 4556 5556 Building G DVR IP Lan 192.168.7.45/24
Ports needed: 88 4557 5557 Building H DVR IP Lan 192.168.8.45/24
Ports needed: 89 4558 5558 Building J DVR IP Lan 192.168.9.45/24
Ports needed: 90 4559 5559 Building K DVR IP Lan 192.168.10.45/24

On my client PFSENSE boxes I have a different subnet & ports for the dvr computers in each apartment building. My plan is to be able to access the DVR via Internet address. eg: buildinga.example.com
My question is what would be the best way to make this happen? Have to say the more I deal with PFSENSE the more excited I become. Sorry the example image is so busy.

index.png_thumb

ampwifi

I have setup the dvr client on building E to be viewed in the office. I have set some rules to get the camera viewer up. The client computer should contact the DVR on port 85 http://10.0.1.133:85 & I would like to be able to access the Pfsense box on the same IP. Sites Setup images below. To get this to work be sure to use the static port feature, as I have found out that the platform will scramble ports by default. Thanks, Ken

aliasrrule.png_thumb

lanrules.png_thumb

ampwifi

As promised I am posting a xml file for quick setup. Be sure to look for the 4 ? marks (????) to change to your own configuration. Pointers: Use a backup configuration and transfer the fields in xml to match in the new script, and restore the new script. Then access the Pfsense ap on the https of the wifi side, and the client on the https of the wired side. Setup WPA2 on the wifi. I am new to the PFSense and have been learning on my own. I have been spending long hours in a lab learning what I can from the forum. My only problem is I am dyslexic and get things backwards. Hope this post can help someone.

http://ampwifi.com/ap.xml

http://ampwifi.com/client1.xml

ampwifi

Had to setup the client DVR to be accessed on the 192.168.2.0 network. This rule needed to go on the PFsense 1 to allow trafic to the DVR'S. To do this I went under alias and created the ports needed for each building and giving a name I can translate into the rules. Then I created the rules using other as the port and typed in the alias name of that rule to it. All cameras at this time are accessable to the office.

Gatewayfirewallalias.png_thumb

Gatewaywanrules.png_thumb

ampwifi

We have a mock network in our lab and today We installed the FreeRadius server on the gateway. We turned on the captive portal on the client pf3 and pointed the ath to pf1 and could not ath to radius on the 10.0.1.0 network Which we needed to ath buildingb. We turned on the captive portal on the pf1 and recieved a double login when trying to ath from pf3. Ath was working to the radius, but we had to login twice. We added the pf3 Wan ip to the pf1 captive allowed ip address with a from instead of to, and then We only recieved one login page which is functional. Now all members will have to ath before they can access the internet.