PfSense Wireless Access Point Use Setup
-
When I do a dhcp lease the WAP doesn't show up at all (192.168.2.2)
1. What do you mean by this? Your Access Point has a static IP of 192.168.2.2 so it shouldn't even need its own DHCP lease. Just your wireless clients (like your phone) should get an IP between 192.168.2.10-192.168.2.254 in your case.
Em1 – WLAN – IP: 192.168.2.1/24
2. Also, em1 interface is correctly set up, right? Static IP?
3. Are your firewall rules for WLAN interface correct? Pass rules, not block/reject?
-
Hi,
Yip, i can ping 192.168.2.2 with no packet loss.
When I do a dhcp lease the WAP doesn't show up at all (192.168.2.2) but I can see the SSID on my phone and when I connect to that I can see my mobile phone connecting and it gets an IP address of 192.168.2.10 (but still no internet access)
I added the same firewall rules to the WLAN as the LAN interface has "Default allow WLAN to any rule" & "Default allow WLAN IPv6 to any rule" only one i couldnt copy over was the "Anti-lockout rule"
I have set the pfsense to be my dhcp server and switched dhcp off on the WAP.
I've just bought an ASUS RT-n66u (very good price lol) and put that into AP mode. Changed to static IP
IP: 192.168.2.2
SUB MASK: 255.255.255.0
GATEWAY: 192.168.2.1
DNS: 192.168.2.1Im stumped!!! Help please…..
Try connecting the AP to the LAN port switch, do you get an IP from the LAN range and have internet connectivity ?
Disconnect the AP and plug in a laptop to the Em1 interface, does that work ?
It should, if it doesn't it most likley to be firewall rules, mine looks like this, ignore the middle rule, it trying to figure out where some of my IOT stuff goes before I move it into the IOT LAN :-
If anyone thinks my traffic on the middle rule is a bit high, its 4K Netflix :)
-
1. What do you mean by this? Your Access Point has a static IP of 192.168.2.2 so it shouldn't even need its own DHCP lease. Just your wireless clients (like your phone) should get an IP between 192.168.2.10-192.168.2.254 in your case.
So i shouldnt see a dhcp lease? ok, thats good to know.
2. Also, em1 interface is correctly set up, right? Static IP?
em1 setup with static IP. Pretty much a copy of my LAN interface.
3. Are your firewall rules for WLAN interface correct? Pass rules, not block/reject?
All rules are set as "Pass"
-
Try connecting the AP to the LAN port switch, do you get an IP from the LAN range and have internet connectivity ?
Connected the AP to my switch (which is connected to em2/LAN) tried my phone and it connected and I have internet access. Designated IP: 192.168.1.140
Disconnect the AP and plug in a laptop to the Em1 interface, does that work ?
Disconnected the AP from the switch, connected my laptop straight into my em1/WLAN port and i get no connection at all.
It should, if it doesn't it most likely to be firewall rules, mine looks like this, ignore the middle rule, it trying to figure out where some of my IOT stuff goes before I move it into the IOT LAN :-
I can't connect at all now. Think it could be my firewall rules. I'll add a screenshot.
-
your firewall rules are ANY ANY.. I see no hits on them, that 0/0 number.. When you connected your laptop to em1 port did get a 192.168.2.x did its gateway point to 192.168.2.1 - what was it using for dns? Could it ping 192.168.2.1?
-
When you connected your laptop to em1 port did get a 192.168.2.x
connected to em1 and it dhcp lease my laptop got IP: 192.168.2.10
did its gateway point to 192.168.2.1
Yes, gateway shows IP: 192.168.2.1
what was it using for dns?
local.domain??? Not sure how to find this out, I'm far from technical I'm afraid :-(
Could it ping 192.168.2.1?
Yes, i can ping IP: 192.168.2.1 with no packet loss but still no access to the internet????
-
Well are you outbound nats natting this 192.168.2 network.. Do you have them set for auto or did you set them to manual or something.
When you say no internet.. Does that mean you can not resolve stuff or just can not get to www.pfsense.org?
From your laptop try to ping say 8.8.8.8
try and ping say www.pfsense.org, does it come back with an address or give something about could not find host.
-
OMG its sorted.
Thanks johnpoz and everyone else for your help. It was to do with my natting. I had it set to manual as I was having issues with a "strict" nat on the xbox, playstation & PC networks. I created some outbound rules to sort out my strict NAT. I switched them back to automatic and hay presto i got connected.
Solving this issue though im guessing will now put me back onto a strict NAT when my son connects to his online gaming!
Solved one issue, may now have created another but that's another problem for another forum post.
Thanks again. really appreciate all your help.
-
And it has. Straight back to strict NAT…...bugger. Took me ages to fix that issue.
-
dude post up your outbound nat rules
-
Managed to sort it out pretty easy. There's a Hybrid option in the outbound NAT rules. I clicked that and still got wifi and now an "open" NAT and not moderate as before. Hopefully that's me sorted for now. Boys happy he has wifi and gaming I'm happy I've got it sorted with you guys help.
Cheers
-
I have been checking the web whether pfsense supports wireless NICs and wireless usb devices. And I found even a supported device list. Most of them are ralink chips, so I got an old one that supports wireless n standard and is listed.
Inserting the usb went well, even dmesg shows me that pfsense detected the device and gave it a device node run0 which is a good sign.
Going to the web interface and in the interfaces section of pfsense run0 is being listed. Only when I start setting up a wpa2 hotspot with the usb device and hit the apply button, the terminal dumps lots of output for like 10 seconds the restarts. When booting again it reaches to the point where it detects the usb device and wants to create the device node, then… the same thing over! Lots of dumping then it restarts. This cycle keeps on repeating till I take out the usb stick.
When pluging out the usb stick pfsense boots normaly. When logging into the webinterface, pfsense tells me that it has to report a critical error.
Now, it is easy to start to setup a wifi hotspot with another dumb router but I would like to keep everything central, isn't there a safe way how to setup a usb wlan device?? -
What are you doing for the static nats? I sure hope your not just setting his IP to use all ports static? That sort of config is borked on a device that does napt for other devices.
What if client asks for say port xyz, and that has already been used by another client in a napt connection?
