WAN connecting to AP with USB network card?



  • I've searched this board up and down and the fact that I don't understand a whole lot about the mechanics of the whole 'networking' game probably is part of why I can't find an answer, there is one specific thread similar to this and it's unanswered ???

    ISP>>>>DSL router>>>(WAN-USB Network card rum0)PFsense box>>>LAN

    The DSL router is DHCP and the PFsense box is set up as above, I can see the AP I want to connect to under the wireless section in PFsense but I can not figure out how to 'tell' PFsense to connect WAN(USB card rum0) to the AP.

    Is this even possible as tat other thread is unanswered?



  • I've never tried to use a wireless link as pfSense's WAN link so I don't know if its allowed.

    Assuming its allowed I expect you would need to select the wireless link from the Interfaces menu, then fill in the appropriate information in the Wireless configuration section so that it matches the values set at the Access Point. In particular the Mode should be Infrastructure the SSID should match that of the Access Point, the channel and authentication methods have to match etc.

    Something I'm curious about:

    I can see the AP I want to connect to under the wireless section in PFsense

    Where do you see the AP you want to connect to? What version of pfSense are you using?



  • Thank you for your time, the version is; PFsense v.1.2.2 and atm the box reads:

    LAN*                ->   re0       ->         192.168.1.1
    WAN                 ->   rum0     ->         NONE(DHCP)

    To me the wireless config page in PFsense looks like it's geared tword  the setting up of an AP rather dealing with a wireless client being the WAN, in the SSID box I've put the name of the AP I need to connect to and it's set to infrstructure, the rest of the settings there have no relevance to a client setup as far as I can see. Also the two filters "bogon" networks are disabled for testing, as is all security.

    I have tried bridging WAN & LAN with no success and reading up on the colossal amount of settings and filters I realise what an extensive piece of software it is if I were to set up like the rest of the people here. Fact is the line for the DSL router is not in a suitable place for me to hard-wire a box and a second wireless router ie. ISP>>>DSL Router>>>PFsense(eth)>>>AP.

    The Status/Wireless tab is where I was referring to earlier:



  • @csu1:

    the rest of the settings there have no relevance to a client setup as far as I can see.

    I would think your client and the AP would need to be using the same channel, same encryption settings, same pass phrase etc if they are going to have a hope of successfully communicating. Is theer a problem getting the wireless settings of the access point?

    Thanks for the picture of the wireless status page. I'm running an early version of pfSense 1.2.3 and see a similar page (headings but no data) for my operational wireless LAN interface.



  • I would think your client and the AP would need to be using the same channel, same encryption settings, same pass phrase etc if they are going to have a hope of successfully communicating.

    yes; for hard-wired WAN, but I can't understand why there is no option for WAN acting as a wireless client with options to choose which access points to connect to ???

    Is theer a problem getting the wireless settings of the access point?

    what settings do you mean? It's a standard AP issuing addresses DHCP, WAN on my box just sits idle with no way to tell it to connect as a client to the AP…

    ...As I said in the OP I don't understand a whole lot about networking, so if you may, please answer this question.

    Scenario:

    Bloggs Bank is situated downtown in a multi-story building. Because of the banks security policy they can only allow one AP connected to the master server and the network has to be split into five separate sub nets using five PFsense boxes with WAN connecting to the master AP and LAN serving every sub net through five separate access points

    How to do this ???

    Master AP            ->     192.168.1.1
    PFsense box 1.     ->      192.168.2.1
    PFsense box 2.     ->       192.168.3.1
    …etc.

    Would the master AP still be able to communicate with each box even though they are on different networks? and how could WAN on each box be set to accept connection from the master AP in DHCP fashion and if I wanted each of the five sub networks to communicate at will for example printers WAN is where I can't get my head around in PFsense, theres no option to allow connection from one or multiple AP's and to top it all I may just be talking jibberish. There's probably a much simpler way to do this scenario with no option for ethernet cables and PFsense right?



  • I apologize,
    not to hijack this thread but I think I can offer a solution. I don't know if pfsense is capable of a Wifi Client WAN but I have found a way.
    I have used a spare wrt54gl with dd-wrt on it to connect to the AP as a client. the dd-wrt will now be a hardwired connection for your WAN. This might be your best choice.

    To clarify if you still want pfsense to be your AP client on the wan you should configure it exactly just like the AP. example, but not limited to:
    AP Settings: channel 11
    encryption: TKIP
    passphrase: XXX

    Client Settings: Channel 11
    encryption: TKIP
    passphrase: XXX

    With your scenario and the above solution it may look like:
    Master AP -> 192.168.1.1
                             -> dd-wrt (192.168.1.2) -> pfsense (192.168.1.3)
                             -> dd-wrt (192.168.1.4) -> pfsense (192.168.1.5)
                             -> and so on…..

    As long as your firewall exceptions are correct all traffic should work just fine.



  • but I can't understand why there is no option for WAN acting as a wireless client with options to choose which access points to connect to

    The way you tell pfSense which access point to connect to is to give pfSense the wireless parameters used by the Access Point: SSID, wireless channel, encryption type, standard (802.11b, 802.11g, etc), etc

    Your access point may "hide" some of these parameters by having a set of defaults. That configuration technique works OK until you need to have multiple access points or your close-by neighbour uses the same access point in default configuration.


Log in to reply