Netgate Discussion Forum

    Install to netbook, dd-wrt router, two wireless networks?

      allparadigm

      I have been having some trouble getting this set up:

      Internet-->pfSense on netbook (internal NIC)-->usb NIC-->dd-wrt router

      dd-wrt router then acts as switch for 3 wired devices (desktop, voip, and printer) and creates two wireless networks, one bridged to the wired devices, one only to internet.

      Any detailed help is appreciated. I have tried following a few tutorials and posts, but cannot seem to make it work, particularly the second ("un-bridged") wireless network.

      I think the two biggest obstacles are not having a third NIC, so the tutorials all describe making an OPT1 interface, but this is also my LAN. Also do I then make a vLAN for the unbridged?

      Do I just need to get a third NIC?

        stephenw10 Netgate Administrator

        With just two NICs you will need to use VLANs to isolate the two wifi APs effectively. You could probably also do some sort of tunnelling from dd-wrt but that's probably even more complex.  ;)

        I assume you have disabled all the DHCP and NAT functionality in dd-wrt?

        Steve

          allparadigm

          Thanks.
          Yes dhcp and NAT are disabled on the dd-wrt.
          Wasn't sure if I needed to make a vlan on both pfsense and dd-wrt.

          that's probably even more complex

          Pretty sure the whole thing is over my head, but I'll plug away intermittently.

            stephenw10 Netgate Administrator

            Keep at it.  :)
            At the very least you'll learn quite a bit just by trying.

            You need to configure DD-WRT to tag traffic coming from the virtual access point with your VLAN tags, say VLAN 10. Then in pfSense you add a VLAN interface with the same number. You can then configure your firewall rules appropriately to allow/disallow traffic.

            One thing to be aware of is that some NICs have a problem with tagged and non-tagged traffic at the same time. They will simply reject the non-tagged traffic. It's a small proportion of NICs though, I've never seen it happen. It is advised, therefore, that you avoid having tagged and non-tagged traffic on the same interface. You could do this by tagging all traffic from DD-WRT but with different tags and then using only VLAN interfaces in pfSense. However this is probably something you can look at somewhere down the road.  ;)

            Steve
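
The tagging scheme described in the post above can be checked from frames seen on the pfSense side of the link. This is an added example, not part of the original thread: it parses the 802.1Q tag, counts frames per VLAN, and reports whether tagged and untagged traffic share the interface. VLAN 10 comes from the post; the MAC addresses, VLAN 30, the function names and the sample frames are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

def build_frame(dst, src, ethertype, payload, vlan=None, pcp=0):
    """Build an Ethernet II frame; insert an 802.1Q tag when vlan is given."""
    header = dst + src
    if vlan is not None:
        tci = (pcp << 13) | (vlan & 0x0FFF)  # PCP(3) | DEI(1)=0 | VID(12)
        header += struct.pack("!HH", TPID_8021Q, tci)
    return header + struct.pack("!H", ethertype) + payload

def vlan_of(frame):
    """Return the VLAN ID of a frame, or None if it is untagged."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != TPID_8021Q:
        return None
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack_from("!H", frame, 14)
    return tci & 0x0FFF  # drop the priority and DEI bits

def audit_trunk(frames, expected_vlans):
    """Count frames per VLAN and report what the trunk should not carry."""
    counts = {}
    for f in frames:
        vid = vlan_of(f)
        counts[vid] = counts.get(vid, 0) + 1
    tagged = {v for v in counts if v is not None}
    return {
        "counts": counts,
        "mixed": None in counts and bool(tagged),  # tagged + untagged together
        "unexpected": sorted(tagged - set(expected_vlans)),
    }

# Constructed sample frames (locally administered MAC addresses).
PF, LAN_PC, GUEST = (bytes.fromhex(m) for m in
                     ("020000000001", "020000000010", "020000000020"))
IPV4 = 0x0800
SAMPLE = [
    build_frame(PF, LAN_PC, IPV4, b"lan"),            # bridged LAN, untagged
    build_frame(PF, GUEST, IPV4, b"guest", vlan=10),  # virtual AP, VLAN 10
    build_frame(PF, GUEST, IPV4, b"guest", vlan=10),
    build_frame(PF, GUEST, IPV4, b"stray", vlan=30),  # VLAN nobody configured
]

if __name__ == "__main__":
    print(audit_trunk(SAMPLE, expected_vlans={10}))
```

With the sample frames the report shows `mixed` as true, which is the untagged-plus-tagged layout the post advises moving away from, and lists VLAN 30 as unexpected.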

              markuhde

              I have VLAN isolated VAPs working in Atheros DD-WRT. Never could get them working in Broadcom DD-WRT. I strongly recommend just buying an AP made for this. Right now, I'm recommending the EnGenius EAP-600.
