pfSense as a WAP in laptop?

omarm992 · Apr 22, 2020, 6:22 PM

Hi everyone. I hope I can get some help from you.

I'm very new into this and I've been reading a lot, but I haven't been able to acomplish what I want.

I have a modem/router that my ISP has provide with WiFi (I'd like to keep that feature). I can not change it to bridge mode. It has DMZ if that somehow helps.

I installed pfSense to an old laptop and want to connect it to my current WiFi router and create another wireless connection with VPN. Maybe do some bridge? I'm not sure about correct terms.

This is how my interfaces look like in pfSense:

Gertjan · Apr 23, 2020, 4:30 PM

@omarm992 said in pfSense as a WAP in laptop?:

I'm very new into this and I've been reading a lot, but I haven't been able to acomplish what I want.

Because you're asking for a more advanced setup ;)

The WAN interface (the re0 one) should be cabled up to your ISP router ... using a cable. That's the easy part. Just be ware of the fact that if your pfSEnse uses 192.168.1.1/24 your ISP router can't (use that on it's LAN == WAN of pfSense).

The Wireless interface should be set up as a "AP". The bad news is : this is tricky.
FreeBSD support for Wireless devices is ... bad.

Choosing an "old laptop" is also not putting all the chances on your side (== complicating things).
An old 5$ worth PC and an extra 5$ NIC, cabled up to a a ebay-style $$ worth AP would be easier, more straight forward.

omarm992 · Apr 23, 2020, 6:31 PM

@Gertjan Thanks for your reply. This is what I did so far:

Swaped the interfaces. The re0 is the cable interface and I assigned as LAN; and rlan_wlan0 is the WAN. Now this is how it looks.
Both are set as static IP (different subnets):
WAN: 192.168.1.90/24
LAN: 192.168.0.240/24
My ISP WiFi router is 192.168.0.1
Activated DCHP server on WAN
Created the Firewall rule as in Netgate Docs

I already configured the WAN as an Acess Point and I can connect from my phone, but I don't have internet. How can I solve that?

Do I have to configure something on my ISP WiFi router?

On pfSense it says "ral0: need multicast update callback" ... I don't know what that means.

Gertjan · Apr 23, 2020, 10:10 PM

Mega failure 1 :
@omarm992 said in pfSense as a WAP in laptop?:

Both are set as static IP (different subnets):
WAN: 192.168.1.90/24
LAN: 192.168.0.240/24

My ISP WiFi router is 192.168.0.1

Activated DCHP server on WAN

DHCP on WAN & 192.168.1.90/24 : that's impossible.
It's DHCP, and the up stream ISP router will give pfSense a WAN IP (and gateway etc)
Or Static - abd you can't just chose some IP, it has to be in the ISP LAN's network range, which is 192.168.0.1/24

This means that your pfSense LAN network can be anything from RFC1918 but not 192.168.0.0/24
What about the just perfect default 192.168.1.1/24 ?
Or make it 192.168.1.254/24 if you have to - but please motivate your choice.
But not something like 192.168.1.240/24 .... please.

@omarm992 said in pfSense as a WAP in laptop?:

On pfSense it says "ral0: need multicast update callback" ... I don't know what that means.

Me neither.
The entire world already knows it : FreeBSD and 'Wifi stuff' is ..... maybe somewhat better around 2030 ? ;)

Btw : the pfSense manual has a page about Wifi setup.

omarm992 · Apr 23, 2020, 10:15 PM

Well, it seems I just worked it around.

Just set the Wireless setting on WAN and had to bridge LAN and WAN and now it gives me Internet connection.

Now I just configured OpenVPN (from ExpressVPN) but it is still giving my current public IP.

Gertjan · Apr 24, 2020, 6:31 PM

@omarm992 said in pfSense as a WAP in laptop?:

Now I just configured OpenVPN (from ExpressVPN) but....

Just configured ?
There is a pfSense instruction page on their site that explains how to set up VPNClient on pfSense for ExpressV*N.
Not entirely up to date .... but I had it working after x tries. It's tricky.

it is still giving my current public IP.

That not a description for an error.

The VPN client actually runs ? It has the green 'check' ?
The VPN logs confirm the connection ?

omarm992 · Apr 24, 2020, 6:31 PM

@Gertjan This is how it looks like on Status tab:

It seems it is not working yet. Not sure where is the problem.

I followed this tutorial

Gertjan · Apr 24, 2020, 10:25 PM

@omarm992 said in pfSense as a WAP in laptop?:

followed this tutorial

That's a Ooops... 404

This one is from ExpressVPN :https://www.expressvpn.com/fr/support/vpn-setup/pfsense-with-expressvpn-openvpn/

stephenw10 · Apr 26, 2020, 12:19 AM

Some stuff seems to be reversed here. What exactly do you ant to achieve?

It seems like you want to setup the laptop running pfSense as an additional access point. Perhaps so that when you connect to it all you traffic goes via a VPN?

You have the wifi interface assigned as WAN and it's logically the LAN. Those are just names in pfSense, you can do it like that, but it's very confusing.

Steve