Do you have to use WAN port on an AP with multiple LAN ports ?



  • I've been tinkering with pfsense. I have an N56U wifi router which i wanted to set up as an AP, and then use the switch. So what i've done so far.
    em0 = wan (dhcp)
    em1 = lan (dhcp server)
    Lan connects to Lan on N56U. N56U is set up as AP mode, all NAT, Firewall and UPnP services are unavailable.
    PC is connected to lan on N56U. I have connection to both devices. But no internet. pfsense has internet and can check and download updates, but PC has no internet. Now, this is just temporary as i've already ordered a dual nic where em1 will go to N56U for wifi and em2 will go to PC. But i might end up with the same problem for wireless devices.

    I'm wondering if i have to use the wan port on N56U even tho it's set up as AP. And in theory should just function as a 4 port switch.


  • LAYER 8 Netgate

    More of a question about the N56U than pfSense. If you can bridge the WAN, LAN, and Wireless into one big bridge, you can connect any wired port to pfSense. People generally connect LAN to pfSense and pretend WAN doesn't exist when repurposing a wireless router to be an AP.

    Might have better luck on an N56U forum.



  • Aha. I thought it was more of a pfsense question. I was thinking i'd forgot something and pfsense was preventing me from getting online. But after switching back to the old setup. I thought that maybe it was required to use the wan port. But sounds like it isn't.
    Sadly a N56U forum doesn't exist any more, too old. Also i am running an alternative firmware on it (padavan)

    One thing i've noted afterwards is that after doing port forward in NAT/port forward, my torrent client does receive connection attempts from wan. So there is some sort of hole through. Not sure what it is, but i'll try connecting directly to pfsense as see what happens tomorrow.


  • LAYER 8 Netgate

    A padavan forum then… Whether you need to use WAN or LAN there is completely up to that device, its capabilities, and how it is configured.




  • Rebel Alliance

    I'm using Tomato firmware on the RT-N56/66.

    I use the LAN port to connect (although I have an option to bridge the WAN port to the LAN).

    The Basic settings for your LAN should match pfsense, but not conflict, e.g.:

    N56 IP - 192.168.1.2 (WAN disabled)
    PFS IP - 192.168.1.1 (set this value for the Gateway on N56)



  • Please don´t use the WAN port ause often it is using also NAT and this might be not the real thing you will need here.



  • @BlueKobold:

    Please don´t use the WAN port ause often it is using also NAT…

    I'd say that a home router always use NAT unless it have a AP/bridge mode like the better ASUS routers and many third-party firmwares as are discussed in this thread.



  • Throw out the router and buy a dedicated AP



  • Those things are sold as WLAN routers so obviously they are going to default to routing mode and in many cases also do not have the bridge mode option because that would be extra cost for a feature that most of the users don't even know to ask for.

    If there's no support for AP/bridge mode you have use one of the LAN ports for the upstream cable to your pfSense and leave the WAN port unused.



  • @Chrismallia:

    Throw out the router and buy a dedicated AP

    In larger professional environments I would agree but in any application where budget is a concern, routers often offer better bang for the buck.

    In SOHO applications, where budgets are often very tight, the additional switch ports are also often useful additions.

    It's very simple:

    • If the router have an AP mode (as the router in this thread have with original firmware) - use that and connect to any port.

    • If the router doesn't have an AP mode - don't connect anything to the WAN port and disable the DHCP server (if another DHCP server is already present in the network).


Log in to reply