Need help setting up Pfsense between adsl modem and wireless ap
-
…if you need someone nice, PM doktornotor here on the forum. He has angelic patience and will guide you through step-by-step... 8-)
-
And to configure the wan I will follow these steps:
http://www.interspective.net/2012/05/pfsense-initial-configuration-adsl-wan.html
For the PPPoE, the wan interface is like you see in the 2nd link posted above, but if you ever need to go back and change the PPPoE or add new ones, you can find it in the menu options Interfaces, Assign, it will then bring up the Interfaces webpage so just click the PPP tab and you'll see one entry for the ppoe you have set up.
If you click Interfaces Assignment tab (1st tab on the web page mentioned above), you'll see your WAN interface should have PPPOE0(emX) - username visible in the drop down. emX is the corresponding interface for your WAN which is bridging to your modem.
That bit caught me out in the past and I spent ages trying to find those webpages to make changes.
-
So did a bit of thinking and since my pc/pfsense router has only one pci slot I chose to discard the built in stoneage ethernet and ordered one of these:
http://www.ebay.com.au/itm/High-Speed-USB-3-0-2PORTS-PCI-E-2-0-Express-Expansion-Card-Adapter-/291427831837?pt=LH_DefaultDomain_15&hash=item43da73d01d
And two of these
http://www.ebay.com.au/itm/USB-3-0-to-Gigabit-RJ45-Ethernet-LAN-Adapter-1000Mbps-for-PC-Laptop-Mac-/201207032685?pt=LH_DefaultDomain_15&hash=item2ed8dfab6d
Correct me if Im wrong but USB 3 should be fast enough to handle gigabit without any bottlenecks?
Will keep you guys posted incase this is useful to someone else
-
And to configure the wan I will follow these steps:
http://www.interspective.net/2012/05/pfsense-initial-configuration-adsl-wan.html
For the PPPoE, the wan interface is like you see in the 2nd link posted above, but if you ever need to go back and change the PPPoE or add new ones, you can find it in the menu options Interfaces, Assign, it will then bring up the Interfaces webpage so just click the PPP tab and you'll see one entry for the ppoe you have set up.
If you click Interfaces Assignment tab (1st tab on the web page mentioned above), you'll see your WAN interface should have PPPOE0(emX) - username visible in the drop down. emX is the corresponding interface for your WAN which is bridging to your modem.
That bit caught me out in the past and I spent ages trying to find those webpages to make changes.
Thanks dude Ill definitley comeback here when I want to change the PPoE
-
Well…..
USB NICs are notoriously prone to flakiness w/pfSense. Search the forum for references, there's more than two.....
I would look for a dual (or even quad) port NIC card instead of the USB3.0 card.
YMMV, and good luck whichever way you go.
-
USB NICs are notoriously prone to flakiness w/
pfSenseeverythingfixed it for you.
-
Well…..
USB NICs are notoriously prone to flakiness w/pfSense. Search the forum for references, there's more than two.....
I would look for a dual (or even quad) port NIC card instead of the USB3.0 card.
YMMV, and good luck whichever way you go.
Do you think this will do a better job?
http://www.ebay.com.au/itm/DELL-LAN-CARD-D33682-0X3959-PCI-E-2-PORT-GIGABIT-NETWORK-CARD-X3959-HIGH-PROFILE-/301650265434?pt=LH_DefaultDomain_15&hash=item463bc1c55a
Have to wait till i get paid tho.. :(
-
Do you think this will do a better job?
http://www.ebay.com.au/itm/DELL-LAN-CARD-D33682-0X3959-PCI-E-2-PORT-GIGABIT-NETWORK-CARD-X3959-HIGH-PROFILE-/301650265434?pt=LH_DefaultDomain_15&hash=item463bc1c55a
Have to wait till i get paid tho.. :(
Yes.
-
Yeah that's about 1000000% better than anything USB-based. ;)
-
Yeah that's about 1000000% better than anything USB-based. ;)
Bought it, Thanks to paypal I can pay after delivery :D
I cant believe I didnt think of this before, going through the trouble of getting a usb 3 nic and then 2 gigabit usb adapters altogether set me back about $45 for the things im gonna shelf.
The 2 port gigabit NIC set me back $49
Wish I wasnt so impulsive.
EDIT: Got a refund on the usb 3 giabit adapters so thats $30 not wasted… YAY!!
-
One of the reasons USB nics can be flakey in pfsense is freebsd doesnt remember the USB device order assigned to the nic if you unplugged them and plugged them back. Sometimes you may not see the changed USB order until you rebooted pfsense.
Anyway if you get hit by the problem in pfsense, the way to resolve it, is go into the same webpage I mentioned before using the menu options Interfaces, (assign), the webpage Interfaces:Assign-network-ports pop up.
You'll see your interfaces each with a drop down. The UEx (mac id) will change order, so you need to either unplug and move the cables to match the new order you see on this page, or reorder the _UEx(mac id)_s to what you have physically setup with the nics and cables ie as it was before.
If you dont know what goes where, the mac id can help you as the usb devices will have the mac id on a label somewhere on the usb nic.
Basically its the UEx order that gets messed up here on Interfaces:Assign-network-ports webpage because freebsd doesnt remember the order, but other OS's do or they have work arounds in place so its not an issue.
The only caveat is make sure your GUI access typically the LAN interface is a non-usb nic so in the case of a (old re-purposed) laptop which typically only has one motherboard nic, always make sure a rule exists for that motherboard nic so you can access the gui, but there is nothing stopping you from making your laptop motherboard nic an OPTx interface provided its got a rule to access the gui.
I havent experienced any other problems with usb nics and havent found any other problems in the forums concerning usb nics yet but anyone who would like to show me I would be grateful. :)
Things to bear in mind with usb nics, is they go through a different part of the OS and possibly some hubs like mine do to make life more interesting, unlike some of the more powerful nics which handle some of the basic network packet processing, usb nics are like dumb terminals so all the packet processing is handled by freebsd.
If you go into System:Advanced:Networking down the bottom you will see some options which relate to disabling some of the nic processing thats built onto non-usb nics. If you ticked (disabled) all the options here, you make those card/motherboard nics much like dumb/usb nics just so you know.
I'm not anti non-usb nics, in fact I've been using some of the earliest Intel dual and later quad port nics in MS SBS 2000 & SBS 2003 premium to increase network speeds onto a box already doing lots of work when hw prices were very much still a premium unlike todays almost disposable prices and I've also used proper fibre to overcome the distance limits you get with CATx cables & directional wifi, everything has its place and its use and everything has its weaknesses.
Knowing the strengths and especially the weaknesses is useful.
Edit. I should add if using a laptop as your pfsense box and you do still mess up your usb nics, you have the added benefit of the laptops monitor and keyboard giving you direct access to the Command Line Interface (CLI) and if its really old and sleeps when you close the laptop lid it might be using APM instead of ACPI but but the ACPI should show None so it shouldnt sleep anyway when you close the monitor.
Type :
sysctl hw.acpi.lid_switch_stateAt least you wont get dust building up on the monitor and keyboard whilst its running away. ;)
-
Hey Guys I have decided to get rid of the ASUS wireless AP and use one of these to broadcast wireless directly from the pfsense box.
http://www.newegg.com/Product/Product.aspx?Item=N82E16833166103
I am not sure if I will see a significant speed reduction because I only have usb 2 ports available, and the one nic slot is going to be used for a dual port gigabit adapter.
Is this device compatible with pfsense? And would the usb 2 make the network slower than it is atm using an RTN56u ac600
Thanks
-
So you get information that USB NICs suck then you decide to go against all recommendations regarding using a purpose-built AP and go with a USB Wireless NIC?
I don't get it.
-
Derelict has described it here somewhere how to set up an access point for WLAN:
At the access point
-
configure WLAN
-
turn off DHPC, give it a fixed IP outside (!) the subnet it's plugged to
-
connect a LAN (! not the WAN) port of the access point to your pfsense
At the pfsense
- don't do anything
Works just fine for me! :-D
-
-
So you get information that USB NICs suck then you decide to go against all recommendations regarding using a purpose-built AP and go with a USB Wireless NIC?
I don't get it.
Apologies for being indecisive I am just exploring my options.
My main question was usb 2.0 connected to the pfsense system would be a bottleneck on the wireless connection speeds?
In regards to what I am doing right now:
1.I am waiting for the 2 port gigabit NIC to arrive hopefully start of next week, I also ordered the usb3 pci which was super cheap. I am not sure what the other black port next to my pci port is, hopefully I could hook up a pci card to it will see when everything arrives. but not fussed about the usb 3 anymore.
2.I will first set up pfSense on box described in OP to act as a firewall between my bridged adsl2 modem and ASUS wireless AP. To test that everything is working.
3. I will then set up a openvpn on the pfsense using this guide:
http://support.purevpn.com/pfsense-openvpn-configuration-guide
And test that everything is working fine with the VPN.
4.a. If I manage to fit the USB 3 pci into the other slot on my Lenovo thinkcentre, I will look at buying the Wireless USB 3 a/b/g/n Rosewill device linked above and running that as the wireless AP and removing the ASUS AP from my setup. The device will definitly be faster
b. or I will just look at buying a fast internal wireless NIC all depends on if the slot works. (I cant be sure right now because I am currently backing up a 4TB HDD via usb 2 on that system so cant open it up.
I will try and post a picture here in a few days still have 40 hours till the HDD copies.
Sorry for the confusion.
-
USB2 is 480Mbps max iirc but you'll never get that in real life, then you need to consider how they have it setup, in the RPi's they only have one controller despite two usb ports so there will be a bottle neck on RPi's which you can amplify by adding a usb hub then various usb nics but your device might have a controller for each usb port so maybe less of an issue.
But then you also get less data throughput through wifi the further away you go as the packet retries increase over distance and it needs to train down the speed to compensate. If you dont run the wifi encrypted you'll get best speeds but packet loss is bad and a big no no if you do lots of db work over unecrypted wifi the chances of messing up the db increase alot, better to encrypt wifi if doing db work over it.
If the vpn guide is for an earlier version, you might want to load up the same version of pfsense as in the guide and set it up that way before upgrading pfsense to the latest version, catch22 is an earlier version of pfsense read that as freebsd didnt support some nics so just make use your hw is supported first if you plan to go that route. I only suggest this as there have been the odd changes between versions which might make it easier to follow.
fwiw.
-
USB2 is 480Mbps max iirc but you'll never get that in real life, then you need to consider how they have it setup
I dont think It would matter how they have it setup on my Pfsense box because I will be using dual port gigabit nic and only one usb peripheral the one I described above. So Im sure it wont be splitting the speeds because its only running one device. Its not a RPI(I already tried IP FIRE and OPENWRT but the problem is as you explained above, one usb connector sharing 4 usb ports and an ethernet port) its an old desktop that Im trying to make use of.
My question is Wireless streaming should work fine around the house using usb 2 (am looking at possibility of adding a usb 3 nic as soon as I figure out what that black empty port is or a high end internal pci wireless nic)
EDIT: I have confirmed that the two free ports on my motherboard are 1 x Pci express and the other previously unidentifiable black port is a 32 bit legacy pci slot.
So that means I can use both dual port gigabit pci and a high end internal wireless pci? If thats right than Im going to ditch the ASUS and use my pfsense box as a full fledged firewall/router/access point, At some point further down the line I will use the native 100mb ethernet to connect another WAN to the box (if my IP doesnt provide a bonder device)
Can anyone suggest what the advantages of using two modems for internet/WAN interfaces is? With and without bonding on the ISP side,
thanks in advance
-
Wireless streaming should work fine around the house
Then just stay with your external AP and place it where it best covers your plant.
And forget about USB NICs/APs/KidsStuff in a router or firewall application. You've been warned often enough. -
Then just stay with your external AP and place it where it best covers your plant.
And forget about USB NICs/APs/KidsStuff in a router or firewall application. You've been warned often enough.Have edited the last post and will be using all internal devices ditching all the USB ones :)
The reason I want to remove the ASUS AP is because I want to take it overseas with me and set it up there as it is required for a little project there.
Also do you have any info on bonding two adsl i.e WAN1 and WAN2 using pfsense so they act as one connection if ISP provides right equipment and service on their end otherwise add another modem to the native port and make it act as WAN2 without the bonding? What are the advantages of each? I would be happy configuring WAN interface for seperate tasks and wouldnt be worried about overall download speed etc. Just that more people get to use the internet faster. Any suggestions or links?
Appreciate the response
