New user. Cannot get wireless router to work with WAN. *** SOLVED ***
-
Hello everyone, So I setup PFSense today on an old AMD computer I had laying around. I have 2 i350 4 port Intel Nics plus the ethernet port on the mobo. I have 2 wireless internet routers of which either would be fine for what I am doing. I have successfully configured PF sense to work with PIA.
Here is the issue: No matter which wireless router I use (Asus RT-N66U or Linksys Smartlink), the wireless router set to access point mode works. It passes through DHCP to all of my devices correctly. I cannot however ping through to the internet (or browse) on any of these devices.. It feels (to me) to be a firewall issue as DNS works (the wireless devices can find google.com) but if I ping or TraceRT it blocks all packets (100% dropped). I am at a loss, why I came here, spent over 12 hours sofar looking through all the menus, watching every video I could find on the subject (go spaceinvaderone). Still not able to get the wifi to work with the internet.
Thank you for any help you can offer!
-
Without a diagram, it's difficult to say, but my first question would be... are your wireless clients on a different subnet? If so, it's probably a NAT issue or you may need to take another look at your firewall rules on that interface.
If you post a network map, we can offer more targeted troubleshooting efforts.
-
Here you go hope this is what you were looking for?
Both are on 255.255.255.0 -
Here is the interface for the WLAN (the wireless router I am using)
This is the LAN I copied it from:
-
SOLVED IT....
So all along I thought I had to connect the wireless router to another interface. I was looking at the diagram I drew and thought, why not just plug it in the switch and see if that works. It did. Within seconds I had wireless all through the network.
I am primarily a visual person so thanks for getting me to draw that it helped me think through the problem.
Regards
-
Glad it's working. Yep, plugging the AP it into the switch is the preferred deployment. However, the other way would have worked also. All you needed were firewall rules on the re0 interface allowing the traffic out and then a NAT entry on the PIA interface for the 192.168.2.0/24 subnet.