Static IP AP
How do I create a AP that has a static IP so I can bypass my pfsense firewill. My work has a no VPN policy now. Currently I have a separate old AP that I carved out but can I assign an AP an static IP address so I can use my unifi AP? Thanks
@kewe the AP IP has nothing to do with firewall rules for clients connected to the AP.
Clients of an AP would have an IP assigned to them by your dhcp server, which typically would be pfsense. You can setup a reservation for clients in the dhcp server so client X (via its mac address) always gets the same IP.
You can then setup firewall rules for that IP, etc.
You sure your using this old AP as an Access Point - or is it an old wifi router your having do nat? Either way you could setup the wifi router/AP to have a static IP, or you could just setup a reservation for its mac address to always get the same IP from the dhcp server.
@johnpoz Thanks. What I am doing right now is the IP of the old AP is static. I want to get rid of that I assume I make a vlan and add an AP to that and give that a static Ip. I just need to learn how to do that.
@kewe Do you have a port open on pfsense, if your going to plug the AP into that port, or you have a dumb switch that only devices on this new "vlan" will be on - you don't actually have to setup a "vlan" just setup the network on your pfsense port.
Plug your AP Into that, or switch and then AP and everything on that AP or switch would be on that network.. It not actually have to be a tagged vlan.
A tagged vlan is for when your going to run more than 1 network over the same physical hardware, be that a interface or a switch, etc.
@johnpoz I can do that. My goal is to not have the old AP. My goal is to have another AP setup on my unifi AP that has a IP address that will bypass pfsense VPN I am using.
@kewe Well if you want to run multiple networks, ie vlans on your AP, then yup get a vlan capable switch to work with the unifi AP.
But if right now all you want is this other network, you can do that with just any old wifi router as AP or whatever and if only this network no need to setup any vlans, etc.
@johnpoz Thanks. I will try to implement this tonight. I have a unifi switch and unti ap.
@kewe yeah your good to go then.. I have multiple vlans on my unifi AP, I don't have any unifi switches. But a vlan switch is a vlan capable switch - doesn't really matter as long as they understand vlans.
Have fun and good luck, should work out fine...
Looking forward to hear from your successfull implementation of your new hardware.