No internet on OPT1 – Please help driving me mad!



  • Hello all,

    First off I am new to pfSense so please ignore my stupidity.

    I have searched the forum and tried everything, I have watched videos on YouTube and still cant work this out.

    I have my LAN and WAN working perfectly, but I want to setup my OPT1 port for wireless clients only.

    I have a Wireless AP plugged into port OPT1 on my system, and pfSense is assigning IP addresses correctly via DHCP.

    No client can get on the internet. I have setup rules under Firewall / Rules / OPT1 just like the LAN connection but still no joy.

    Ideally I want the OPT1 port separate from my LAN, but I will be satisfied with just internet currently as I have been working on this for two days and nothing works, I am starting to lose my patience with it.


  • LAYER 8 Global Moderator

    And what network did you put on this opt interface.. Your sure your AP is actually AP and not wifi router handing out dhcp to yoru clients pointing to it for gateway?

    What are the rules you put on the opt1 interface?  You didn't mess with the outbound automatic settings did you?

    Can your wifi clients even ping pfsense opt1 interface IP?



  • @johnpoz:

    And what network did you put on this opt interface.. Your sure your AP is actually AP and not wifi router handing out dhcp to yoru clients pointing to it for gateway?

    What are the rules you put on the opt1 interface?  You didn't mess with the outbound automatic settings did you?

    Can your wifi clients even ping pfsense opt1 interface IP?

    johnpoz,

    Thanks for the reply

    LAN is 10.10.1.1
    OPT1 is 192.168.1.1
    Defiantly a wireless AP, it only has one port on the back and it has no DHCP server, pfSense is assigning the IP correctly.

    The rules are exactly the same as LAN, just OPT1 instead.

    Thanks for help.


  • LAYER 8 Global Moderator

    So can wifi clients ping 192.168.1.1?

    If not maybe you have a wifi issue.  Or your rules are not exactly like the lan and any any for IPv4.. Maybe its only set for tcp.. Which yeah wouldn't actually allow internet because clients have to ask for the IP of www.pfsense.org via dns, which uses UDP.

    Your not using proxy package are you - this would have to be configured to allow your other network, etc..

    You haven't configure captive portal or something?

    This really is click, create new interface.  Create firewall rule(s) done.  Nat will auto be taken care of in pfsense, unless you have changed outbound nat from automatic to manual or something



  • @johnpoz:

    So can wifi clients ping 192.168.1.1?

    If not maybe you have a wifi issue.  Or your rules are not exactly like the lan and any any for IPv4.. Maybe its only set for tcp.. Which yeah wouldn't actually allow internet because clients have to ask for the IP of www.pfsense.org via dns, which uses UDP.

    Your not using proxy package are you - this would have to be configured to allow your other network, etc..

    You haven't configure captive portal or something?

    This really is click, create new interface.  Create firewall rule(s) done.  Nat will auto be taken care of in pfsense, unless you have changed outbound nat from automatic to manual or something

    Wireless client can ping 192.168.1.1 I have tried a system wired directly and I get the same issue, so I know it’s not wireless.
    I have just reloaded the system from fresh, I now have a new build so the system is completely stock. At least then any changes I have been doing will be removed.
    I have now got LAN and WAN online again, I have created a new Interface as OPT1. Set it as static 192.168.1.1 and enabled the DHCP server. Clients get an IP address in the range of 192.168.10/192.168.1.254 and this is correct.
    I have matched the settings exactly again in the firewall rules, LAN and OPT1 are identical. I have not made any other changes, and nothing is working.


  • LAYER 8 Global Moderator

    Please post your firewall rules on your opt1 interface.  And the settings in your outbound nat..

    What IP range do you have on you WAN?  Its not 192.168.1.x ???



  • If you want internet access from both LAN and OPT ports. Try a PfSense bridge. I found this link.

    https://www.infotechwerx.com/blog/Creating-a-Simple-pfSense-Bridge


Log in to reply