Ability to route to different gateways based on DHCP ip address returned
-
I take the same Tablet, change to SSID A, go on website www.whatismyip.com and it says USA
Here I assume you meant SSID B.
I won't be pursuing this anymore….it's looks like a dead end....
Not so fast! I have not tried this myself, but perhaps you could use policy-based routing. I propose:
- Do not use multiple LAN DHCP servers; only use one
- Do not use multiple LAN subnets; only use one
- You have one interface for each of the three APs, plus a bridge interface that bridges them all together.
- Do not assign any of the AP interfaces to have an IP. Only assign an IP to the bridge.
- Have three different gateways, one for each VPN.
- For each AP interface, create a firewall rule for policy-based routing. This requires going to Firewall / Rules, and under Advanced, selecting the appropriate Gateway.
I'd be interested to hear whether this works. You might need to change some of the tunables relating to bridge filtering.
-
Interesting ! :) So basically bridge 3 interfaces together within 1 subnet, use 1 dhcp (not choice if bridged) but then use the interfaces for rules for gateway. ;D
Can anybody here confirm what Reinderien suggested ?
It might take me a bit of time to re-produce, I need to bridge 2 interfaces together ( never did that ).
Wonder if I can bridge 2 VLAN, need to read on that also.
okay, before giving up, your suggestion does merit some investigation :)
-
- Do not use multiple LAN subnets; only use one
Access points that support multiple SSIDs generally use VLANs. You can't have the same network on different VLANs.
-
Access points that support multiple SSIDs generally use VLANs. You can't have the same network on different VLANs.
Thanks. That's true, I didn't think about that (ubiquity supports 4 SSIDs but they are VLANS)
I have an extra old router that has AP mode (2.4GHZ only) that I can plug and create an interface.
I don't mind buying a few access point if I can make this work ! :)Would it work ?
-
Would it work ?
Dunno, and I don't have multiple APs to try. You could try it with one or more cheap APs-on-a-USB-stick.
-
The problem with what he wants is there is no way, short of VLANs, for pfSense to do what he wants. His first problem is having some difference that can be recognized. For example, the MAC address will not change with different SSID, so a DHCP server can't issues a specific IP address. With VLANs, it's a simple matter to have a different address range that can be filtered, but he doesn't want to do that.
-
the MAC address will not change with different SSID
It will if the SSIDs are offered over different interfaces.
-
Since he wants them to be in the same subnet, sooner or later they'll be on the same network/interface. There's no way around that, given he wants multicasts etc. to work.
-
That means the earlier suggestion of reinderien of bridging the interfaces together won't work because you can only have 1 DHCP per bridged interfaces ?
So the only way to achieve this is VLAN which comes with it's caveat such as difficulty to have SONOS appliances working across VLAN.
If I want to stick to the same subnet, I have only 2 choices
-
Manually change the IP ( Boring…. it's so 90's....)
-
Write little Android App / Win 32 App that I press a button and it switches IP address. At that point, mind as well use OpenVPN software. Some VPN providers only allow 1 OpenVPN Tunnel connectivity.
Thank you all for you help & suggestion
-
-
That means the earlier suggestion of reinderien of bridging the interfaces together won't work because you can only have 1 DHCP per bridged interfaces ?
You can certainly have more than one DHCP server and that's often done for redundancy. However, expecting a DHCP server to know whether you want to use it will not work. When a device makes a DHCP request, any server can respond and generally the first response is used.
