• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Using Existing router (Netgear Nighthawk) as AP + Switch?

Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
4 Posts 2 Posters 3.0k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • P
    pulsartiger
    last edited by Jan 10, 2021, 7:24 AM

    I have pfSense installed and running but I am having trouble with my existing router.

    My network setup:
    Modem <-> pfSense box <-> Netgear Nighthawk router <-> Device 1, Device 2, Device 3, Device 4, + (Wireless Devices)

    The Netgear Nighthawk router has option to be in 'Router' or 'AP' mode. I planned on using it in AP mode but I didn't realize until I switched everything over that Netgear disables all ethernet ports when in AP mode. I thought this mode would simply disable the DHCP server and let pfSense handle the rest. I then set the Netgear back to 'Router' mode and disabled the DHCP server. I plugged the WAN port of the Netgear rourter to the LAN port of my pfSense box. That didnt work. I then connected a switch that I had laying around to the LAN port on my pfSense box, then connected the switch to a LAN port on the router. I then unplugged all devices from the Netgear router, then plugged them back in (to grab new IP addresses). pfSense ARP table showed all of my devices, including the wireless ones. It did not show my router though. I couldnt access the Netgear routers admin menu (routerlogin.net) So, I am back to the drawing board trying to figure out my options. I was hoping to use my Netgear router as a switch and the wireless AP.

    Thoughts on what my options are? Suggestions?

    J 1 Reply Last reply Jan 10, 2021, 10:08 AM Reply Quote 0
    • J
      johnpoz LAYER 8 Global Moderator @pulsartiger
      last edited by johnpoz Jan 10, 2021, 10:10 AM Jan 10, 2021, 10:08 AM

      Set the lan IP of your router to be on your network 192.168.1.X or whatever your using for your local network.

      Disable its dhcp server, connect it to your network via one of its lan port.

      Done! Your old router is now a AP with switch ports.

      Connect to the IP you set on its lan port to manage its wifi stuff.

      An intelligent man is sometimes forced to be drunk to spend time with his fools
      If you get confused: Listen to the Music Play
      Please don't Chat/PM me for help, unless mod related
      SG-4860 24.11 | Lab VMs 2.8, 24.11

      P 1 Reply Last reply Jan 10, 2021, 9:51 PM Reply Quote 0
      • P
        pulsartiger @johnpoz
        last edited by pulsartiger Jan 10, 2021, 9:56 PM Jan 10, 2021, 9:51 PM

        @johnpoz

        Thanks for the reply and info! :)

        Are there any disadvantages in using this method? Any potential issues or other settings I should change on the Netgear router? One if the reasons I went with pfSense is better security. Last year, Netgear had a security vulnerability which took them months to patch via firmware. Can the Netgear router still be vulnerable to security issues if it's behind a pfSense router?

        J 1 Reply Last reply Jan 10, 2021, 11:23 PM Reply Quote 0
        • J
          johnpoz LAYER 8 Global Moderator @pulsartiger
          last edited by Jan 10, 2021, 11:23 PM

          No not really, in such a setup it would have no internet access even. Most soho router have no way to set a gateway on the lan.

          So even if you forwarded traffic to it from the internet, it wouldn't be able to answer back, unless you also had setup a source nat on pfsense.

          While sure as any device on your network, pc, iot device, etc. It's on your network and things on your network would be able to talk to it.. But not sure what sort of vulnerability you would be worried about in such a setup.

          Correctly secure your wifi, wpa2 with good complex length psk and you should be good to go.

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

          1 Reply Last reply Reply Quote 0
          4 out of 4
          • First post
            4/4
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
            This community forum collects and processes your personal information.
            consent.not_received