Setting up pfsense router with ISP modem & WiFi router
-
All
So I am planning on getting a QOTOM minion to use as pfsense router with openvpn encryption. Main purpose was to get above 50 mbps on openvpn encryption.
Currently have a WiFi mode and router provided by my ISP.
One potential setup would be to use my modem router on bridge mode and disable DHCP/Nat etc, provide wan outout to pfsense router and then connect pfsense router to a WiFi router but disable DHCP/Nat on WiFi router too. However that means I need to buy a new pfsense box and a new router. Is there an alternative?
-
The pfSense box becomes your new router/firewall and the WiFi router becomes a WiFi Access Point (AP).
Cable modem (in bridge mode) <> pfSense WAN - pfSense LAN <> WiFi router (in AP mode).
But how is this different from your other post?
-
There is some overlap in the topics but slight difference too.
That one was about what hardware for pfsense.
This one is to get info on how the box fits into the overall ecosystem. In particular because I was going from one device (modem + router + WiFi AP) to 3 devices (ISP modem, PFsense router and a new router as WiFi AP), I just wanted to check whether there is a 2 device setup with pfsense that I hadn’t thought of.
-
Fair enough.
You can get some pfSense devices working as an AP but the FreeBSD support for WiFi is not good.
Best to turn your existing WiFi router into an AP - assuming it currently meets your WiFi needs.
Not really any two-device options but you are only buying one box - to run pfSense.
If you put the AP on the pfSense LAN you can use the other LAN ports on the AP as a switch for any wired devices.
-
Sorry maybe I am missing something. Currently my ISP provider modem also has a WiFi router so I have only one hardware device. If I just want to use that as a modem and use the wan output into my pfsense box and pfsense box becomes my router, I am guessing I will now need a third device (a WiFi router) which can function as a WiFi AP. Am I missing something? My only other option would be to have pfsense also act as a WiFi AP, but like you say pfsense isn’t very good with WiFi.
-
Sorry, it was me that missed the fact that your modem is all three - modem/router/WiFi. Not sure why but I thought you had two separate devices - modem and router/WiFi.
Yes, you would be going from one device to three. There isn't really a way to avoid that but you can get some relatively inexpensive WiFi routers that can act as APs - maybe giving you better WiFi than the all-in-one device.
-
Once u insert a dedicated FW, you are basically separating the functions that your One Box used to do.
With a dedicated FW, you should end up with: Plain-Modem–---FW-----AP.
You have what I call a Gateway, a 3/4-in-1 box: Modem+NAT+WIFI+4portSwitch. ISP loves to give u those because is easier to maintain one box than 3 or 4, but that construct doesn't work for people who want a dedicated FW, and you cannot disassemble, and often cannot disable part of the Gateway you don't want. For example I had an AT&T Gateway that I cannot disable its NAT. A dedicated FW will be doing NAT, so now you are double-NATing, not a good situation.
Want dedicated FW, you will be playing with the big boys$$.
