Advice on multi nic setup

  • hi all,

    I am looking for some advice on adapting my current setup as I have tried a couple of time to achieve the goal below and failed.


    pfsence box running on multi nic hardware
    netgear gs108e switch
    unifi AP-AC-Lite access point

    I currently have the following on my pfsense box
    wan em0
    lan em1

    wan is pppoe for my fibre
    lan is 10.10.x.x range for my lan connection, this goes into my netgear switch which serves other devices on Ethernet
    I have also got my unifi AP in the switch so all devices are on the same network getting DHCP from the pfsense box

    what I want to do is connect the unifi into a spare port on the pfsense box and have the pfsense box manage all the dhcp, vlan tags for the ap and its multi ssids etc. however no matter what I try I can no manage this.

    I have tried creating a bridge network with and without the use of system tunables and or firewall rules. im sure there is something im missing but cant work it out.

    any advice would be welcome

  • LAYER 8 Global Moderator

    Bring your interface up on pfsense, give it a network that does not overlap your lan network.  Are you really using a /16 on your lan??  Seems bit much.. So lets say create 192.168.10/24 on your other interface (opt1) and you call this wifi or something.

    Then connect your AP to this interface.. If you want other ssids to be on different vlans.  Then you would create vlans on pfsense, assign them to the interface (em2?)  Then on your AP create the other SSIDs using the same vlan ID, lets call it 100 that you used when you created the pfsense vlan.

    That really is all there is too it.  Other than creating rules on your opt and any vlan interfaces that allow the traffic you want.  And enabling dhcp on the interface and vlan interfaces as you see fit.

    Why would you try creating a bridge?  You would have ZERO reason to do this, and if you wanted your AP or specific ssid of your AP to be on your lan network then connect your AP to your switch..

Log in to reply