Advise on pfSense and Tomato with Guest Wireless



  • Hi,

    I would like to have some suggestions as to whether I have this setup correctly or is there a more efficient way of accomplishing this.  The main goal is to have the WAN, LAN, Home WiFi and a Guest WiFi.  I will list the equipment.

    Pfsense box
    –-------------
    WAN
    LAN  ->192.168.1.1/24 ----> 8 port switch -----> Asus RT-66U with tomato installed.  Port(1).  Home WiFi
    OPT1 ->192.168.2.1/24 ---------------------------> Asus RT-66U with tomato installed.  Port(2)  Guest WiFi

    ASUS RT-66U

    VLAN's are setup
    VLAN1 - Bridged to LAN, Port1, Port3, Port4 are selected, but not tagged
    VLAN2 - Bridged to WAN
    VLAN3 - Bridged to LAN1, Port2 is selected, but not tagged.
    LAN1 - 192.168.2.2/24

    DHCP is not enabled on the tomato, it is enabled on the pfSense Router.

    Everything works like it should, but was wondering if this is the correct way.

    PS:  What if there was no 3rd NIC in the pfSense box?

    Example is attached.

    TY!




  • Hi kshays,

    If you had no 3rd NIC on your pfsense you would tag all VLAN's on the LAN NIC and on the switch uplink port (trunk).

    You would then untag/tag ports on your switch as per requirements. In your example you would:

    Switch Port 1 - Tag VLAN1 & 3 (as it's carrying both Secure WiFi and Guest VLAN traffic to the ASUS RT)
    Switch Port 2 & 3 - Untag VLAN1

    I hope this makes sense.

    SJT.