Netgate Discussion Forum

    Tricking a WAN Only Router

    HA/CARP/VIPs

      abuttino

      I have pfSense and ordered a Ubiquiti AmpliFi HD Mesh system. Trying to get this all straight before it comes on Monday.

      I have been reading all day and think this is the proper forum to ask this question in.

      The AmpliFi has some features that aren't available in bridge mode and I really want to get around that.

      There has been a discussion on the forums at Ubiquiti to disable the DHCP server by having 1 IP in the pool and then reserving that inside the software (some people have said that is a bad idea, so I will pick a MAC from another wired server in my network that is always going to be on a static).

      But, it's another main concern that I can't have the WAN and the LAN on the same subnet.

      My plan is:
      Physical: Modem --> pfSense --> Managed Switch --> AmpliFi

      IP Layout: Business Static IP --> 10.0.0.1 --> Windows Server DHCP (10.0.0.100-10.0.0.200)

      I would like to have all the computers accessible by the WiFi Mesh Network.

      On to the AmpliFi and VIP:
      I was thinking and hoping I could use a VIP like 192.168.1.1 for the gateway and make the AmpliFi 192.168.1.2 and use 1.1.1.1 for a DNS to satisfy the WAN requirements to "separate the network".

      On the LAN side of the AmpliFi config, I will use 10.0.0.240 as the router address and 241 for the only reservation. That way it won't block traffic for my internal network.

      My Windows Server DHCP will continue as is and keep doling IP addresses out to use my internal DNS and pfSense as the router.

      If this is possible, I would like to know, and the proper rules and NAT rules I would need.

      If this isn't the right forum, please mods, move to the right one.

      Thanks in advance for all your answers. I really hope this is possible!

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.