Pfsense work in 1 Nic ?

mghong

@dreamslacker:

Yes, you only need 1 NIC if you choose to use VLANs.  Normally, it would be simpler to add another NIC.  Unfortunately, since you are looking at USB NICs, this can be a little tricky.  Compatibility is an issue and even then, they're known to be flaky in operation.

it leave me no other choice , i need to dig on the trash bin to find a dump workstation to play with this,hopefully i don't need to spend big buck…

If i with a 1 NIC how will the inter connect work ?

ADSL -> pfsense  -> Switch - > Other Pc ?

dreamslacker

ADSL ->  DSL Modem -> Vlan switch -+-> Pfsense
                                                  +-> Computers

mghong

@dreamslacker:

ADSL ->  DSL Modem -> Vlan switch -+-> Pfsense
                                                   +-> Computers

Hi dreamslacker

This configuration look nice but with pfsense and other computer is in different vLAN , switch need to identify from "Computers" if want to go WAN , they must pass Pfsense ?

Is there possible for this Vlan switch to be "wireless" for "Computers" ?

dreamslacker

@mghong:

Hi dreamslacker

This configuration look nice but with pfsense and other computer is in different vLAN , switch need to identify from "Computers" if want to go WAN , they must pass Pfsense ?

Is there possible for this Vlan switch to be "wireless" for "Computers" ?

Yes.  The pfsense is your internet gateway, your computers need to go through it to access the internet.

Lets just take for instance, that your 'LAN' is on VLAN 100 and your 'WAN' is on VLAN 200.  On the single NIC pfsense, it has a VLAN trunk to the switch that has both VLAN 100 and VLAN 200.
These show up as virtual interfaces which pfsense then uses as LAN and WAN respectively.

On the switch itself, the port used to connect the modem is the only port besides the pfsense port to be configured as VLAN 200.  Hence, all traffic from this port HAS to go to the pfsense box.  Similarly, the pfsense box sends all internet traffic to VLAN 200 which CAN ONLY go to this port connected to the modem.
All other ports are configured as VLAN 100 untagged.  This allows all LAN traffic to freely move between ports.  Any dumb wireless AP can be connected here and it won't know better since the switch will remove the VLAN tag going out and add the VLAN tag internally for packets coming in.

mghong

@dreamslacker:

@mghong:

Hi dreamslacker

This configuration look nice but with pfsense and other computer is in different vLAN , switch need to identify from "Computers" if want to go WAN , they must pass Pfsense ?

Is there possible for this Vlan switch to be "wireless" for "Computers" ?

Yes.  The pfsense is your internet gateway, your computers need to go through it to access the internet.

Lets just take for instance, that your 'LAN' is on VLAN 100 and your 'WAN' is on VLAN 200.  On the single NIC pfsense, it has a VLAN trunk to the switch that has both VLAN 100 and VLAN 200.
These show up as virtual interfaces which pfsense then uses as LAN and WAN respectively.

On the switch itself, the port used to connect the modem is the only port besides the pfsense port to be configured as VLAN 200.  Hence, all traffic from this port HAS to go to the pfsense box.  Similarly, the pfsense box sends all internet traffic to VLAN 200 which CAN ONLY go to this port connected to the modem.
All other ports are configured as VLAN 100 untagged.  This allows all LAN traffic to freely move between ports.  Any dumb wireless AP can be connected here and it won't know better since the switch will remove the VLAN tag going out and add the VLAN tag internally for packets coming in.

I only have a 4 port WIFI route which are DIR-615 Dlink ,but still i wonder will my DIR-615 able to support this ?

Why i want to switch to pfsense as router+firewall is because my DIR-615 is not powerful enough when we have 3 people who surf on the net and download some files. hence i though of use my old pc as Pfsense to handle all this and expected to squess my broadband to maximun …:)

ADSL ->  DSL Modem -> DIR-615 -+-> Pfsense (Atom pc)
                                                  +-> Computers (laptop's)

dreamslacker

As mentioned before, you need a VLAN capable switch.

The DIR-615 won't do it unless you load OpenWRT or DD-WRT and the revision has to be supported.  Also, the configuration for VLANs will be in command line, not webgui.

mghong

@dreamslacker:

As mentioned before, you need a VLAN capable switch.

The DIR-615 won't do it unless you load OpenWRT or DD-WRT and the revision has to be supported.  Also, the configuration for VLANs will be in command line, not webgui.

Any recommend switch ? dont want to send my budget into blackholes

Cry Havok

The RouterBoard 250GS is cheap and VLAN capable.

clarknova

You can uses your DIR-615 as an access point if you want, but you'll still need a vlan switch:

ADSL ->  DSL Modem -> Vlan switch -+-> Pfsense
                                                  +-> Computers
                                                  +-> DIR-615 ))) wireless computers

See also: http://www.dslreports.com/faq/11233

mghong

Hi guy

Thank for your help… i just got another alternative but i need to run a proof of concept to show it really a router problem instead of DSL problem.

Checking for existing issue before i create another thread for this..

Thank guy..