OPT1 wlan only working in bridge with LAN to WAN

evewes

What shall i do to get it work without a bridge? I have testing and testing but not getting internet. I must have CP and cant use bridge.
Wan->internet
Lan->192.168.1.1/24
Opt1->192.168.2.1/25

GruensFroeschli

Could you elaborate?
How does it "not work"?
What did you try to test?

evewes

@GruensFroeschli:

Could you elaborate?
How does it "not work"?
What did you try to test?

Thanks for your answer.
I get IP but i cant reach wan. I am stuck intthe firewall i belive?
Log files:
Jan 6 08:34:33 dhcpd: DHCPACK to 192.168.2.10 (00:18:de44:cb) via ath0
X Jan 6 08:35:32 OPT1Wlan 192.168.2.10:60766 192.168.2.1:53 UDP (@83 block drop in log quick all label "default deny rule"")
X Jan 6 08:45:41 OPT1Wlan 192.168.2.10:53877 1.0.0.127:dnsbugtest (@83 block drop in log quick all label "default deny rule"")

I dont know if this is enough?

GruensFroeschli

What firewall rules do you have on the opt interface?

evewes

@GruensFroeschli:

What firewall rules do you have on the opt interface?

NAT outbound:

SkärmklippPFS1.JPG
SkärmklippPFS1.JPG_thumb

GruensFroeschli

These are the NAT rules.
I'm talking about the firewall rules.

Also i would deactivate your AoN and let it be handled automatically.:
@http://forum.pfsense.org/index.php/topic:

Every locally connected subnet, whether defined and reachable via a static route or attached to a LAN or OPT interface, will have its outbound traffic leaving any WAN interfaces NATed to that WAN interface's IP. You can change this behavior by enabling Advanced Outbound NAT (AON) but this is usually unnecessary and adds unneeded complexity.

evewes

@GruensFroeschli:

What firewall rules do you have on the opt interface?

Firewall:

Sry! i dont figured out how put in two pictures at the same time, who could possibly now that an answer could come almost before i send the quote ;)

SkärmklippPFS2.JPG
SkärmklippPFS2.JPG_thumb

GruensFroeschli

Destination: "WAN address" means exactly that.
Traffic destined for the address of the WAN.
Change your destination and it should work.

evewes

@GruensFroeschli:

Destination: "WAN address" means exactly that.
Traffic destined for the address of the WAN.
Change your destination and it should work.

I totally opened the firewall and it let traffic pass now its not "forwarded" against WAN i think, if i can think any more! See pic.
Another question can i use CP for two interfaces LAN and OPT1 WLAN?

SkärmklippPFS3.JPG
SkärmklippPFS3.JPG_thumb

GruensFroeschli

The CP can currently only one one interface be enabled.