Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Help me Separate Wi-Fi from LAN

    Wireless
    3
    4
    3.7k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      chris32lr
      last edited by

      Hello all,

      I tried following the steps listed in step 3 here: https://doc.pfsense.org/index.php/InstallationGuide However, I must be getting something wrong in my setup. Here's what I did:
      WAN: 62.x.x.x
      LAN: 10.0.0.254 < – DHCP Disabled
      OPT1-Wifi: 192.168.2.5
      DHCP is enabled on OPT1-Wifi with a range of 192.168.2.5 to 192.168.2.15

      pfSense is installed as follows:

      Cable modem > pfSense > Switch > PCs

      I then setup my two access points in point-to-point bridge model, one as 192.168.0.1 and the other as 192.168.1.1. The access points were able to connect to each other (I could see them connect in each access point's 'activity' tab). I could also see the SSID being broadcasted, but when I went to connect to it, I would get disconnected before even being prompted to put the password in.

      Anyone know where I went wrong here?

      Thanks in advance!

      1 Reply Last reply Reply Quote 0
      • C
        chris32lr
        last edited by

        UPDATE:

        I was able to connect to the access point, but I cannot access the internet while connected to WiFi. I can connect to the internet with any computer inside the LAN and can ping the computers connected to WiFi. I can also ping computers connected to the LAN from a computer connected to WiFi.

        Under Firewall > Rules > Opt1-Wifi I have:
        Pass
        Interface: OPt1Wifi
        TCP/IP Version: IPv4
        protocol: any
        source: any
        destination: any
        port range: any

        I don't see any packets being blocked on the Wifi Interface. Any ideas?

        1 Reply Last reply Reply Quote 0
        • L
          lsf
          last edited by

          Did you create a NAT rule for the OPT IP range?

          -lsf

          1 Reply Last reply Reply Quote 0
          • M
            mikeisfly
            last edited by

            I see a couple of things:

            1. Don't you want your AP's managment IP to be in the same address space as OPT1?
            2. You made OPT1 192.1682.5 but you made your scope 192.168.2.5-192.168.2.15 which means you could have some issues there. I'm surprised you didn't get an validation error.

            What is your subnet mask of your OPT1? Can your clients see the mac address of the gateway? arp -a will tell you if they can see pfsense. Not sure what kind of Wireless routers you have but if they are not true AP then try just this:

            1. Set your PfSense LAN IP 192.1682.1 subnet mask 255.255.255.0
            2. Set your WiFi Router LAN IP to 192.168.2.2 255.255.255.0
            3. Set your WiFi Router B LAN IP to 192.168.2.3 255.255.255.0
            4. Disable DHCP on both WiFi Routers
            5. Plug Wire from Switch into the switchport of your APs not the router port (WAN or Internet)
            6. If your APs or Switch don't support MDI-X then you will have to make a crossover cable to connect switch to switchport on your APs.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.