Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Proper way to set up a wireless access point on 2.0

    Scheduled Pinned Locked Moved 2.0-RC Snapshot Feedback and Problems - RETIRED
    12 Posts 4 Posters 5.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jjstecchino
      last edited by

      What is the proper way to set up an wireless access point on 2.0?

      I assigned OPT1 to the wireless interface. set mode to Access Point
      I created a bridge between lan and opt1
      Added rule to firewall - opt1 to pass all traffic for all sources, all destinations (all *)
      Wireless clients correctly associate, obtain IP from dhcp but no further traffic goes through.

      What am I missing?

      Thanks

      1 Reply Last reply Reply Quote 0
      • S
        Shraik
        last edited by

        Maybe NAT ?

        1 Reply Last reply Reply Quote 0
        • J
          jjstecchino
          last edited by

          Naah… Not NAT. The wireless and lan interface are bridged.

          1 Reply Last reply Reply Quote 0
          • E
            eri--
            last edited by

            You have to allow on lan for opt1 hosts traffic to pass!

            You are choosing lan cause you want your clients to reach PC's on LAN otherwise they will not go to internet, since there is no nat for them!

            1 Reply Last reply Reply Quote 0
            • J
              jjstecchino
              last edited by

              Thank You ermal

              Just to make it clear the rule should be:

              Action->Pass, Interface->LAN, Protocol->any, Source->Opt1 Subnet, Destination->any.

              Is it correct?

              1 Reply Last reply Reply Quote 0
              • E
                eri--
                last edited by

                It depends on what you want to do!
                Do you want to give these people access to your WAN?!
                  - For this you need a nat rule for the wireless(OPT1) interface.
                You do not want to give these people access to your WAN?!
                  - For this you just need to specify the rule you just showed above.

                1 Reply Last reply Reply Quote 0
                • J
                  jjstecchino
                  last edited by

                  Still no go!

                  LAN subnet is 192.168.100.0/24
                  Wireless is OPT1 set up as access point
                  Bridge (bridge0) created between LAN and OPT1

                  Firewall rule on OPT1: Action->Pass, Proto->any,  Source->any, Port->any,  Destination Port->any, Gateway->any,  Queue->none (basically wide open) .

                  Laptop associates correctly. Obtain IP from pfsense DHCP on the 192.168.100.0 subnet, however no traffic to lan or wan is passed.

                  rules for LAN is to pass everything when source is LAN net, second rule to pass everything when source is OPT1 net.

                  I want client on the wireless (OPT1) to be able to access LAN and WAN

                  What am I doing wrong?

                  1 Reply Last reply Reply Quote 0
                  • J
                    jjstecchino
                    last edited by

                    Anybody willing to pitch in?

                    1 Reply Last reply Reply Quote 0
                    • E
                      eri--
                      last edited by

                      You need to setup advanced NAT or search the forum(the same section) how to run dhcpd on top of the bridge interface. The latest is what irecommend since than pfSense will do everything automagically.

                      1 Reply Last reply Reply Quote 0
                      • W
                        wolverine10
                        last edited by

                        hello there… i just want to ask something from you in order to clear some things. what is it that you want from your opt1(wireless access point), do you want them to get connected to the internet? do you want them to get remote administration from lan? or some other things?

                        by the way, i am using wan, lan, opt1, opt2 on my pfsense 2.0 alpha alpha with no problem at all...

                        1 Reply Last reply Reply Quote 0
                        • J
                          jjstecchino
                          last edited by

                          @wolverine10:

                          hello there… i just want to ask something from you in order to clear some things. what is it that you want from your opt1(wireless access point), do you want them to get connected to the internet? do you want them to get remote administration from lan? or some other things?

                          by the way, i am using wan, lan, opt1, opt2 on my pfsense 2.0 alpha alpha with no problem at all...

                          Hi wolverine10,

                          What I want from opt1 (wireless) is to do everything I can do from lan interface. Access local network and internet. I like to have opt1 on the same subnet as lan (bridged) so that client would seamlesly use lan or wireless.

                          I am going to read on advanced nat and dhcpd on bridge.

                          Thanks

                          1 Reply Last reply Reply Quote 0
                          • W
                            wolverine10
                            last edited by

                            i  don't know what version you may be using but in my case i am having pfSense 2.0-ALPHA-ALPHA built on Wed Sep 23 11:28:05 UTC 2009 FreeBSD 7.2-RELEASE-p3 (and many versions before it–-i have updated many times already) with squid 2.6.21_10 as the only package installed.
                                  i am using two bridges only, mainly: a) opt1-bridge-to-wan, and 2) opt2-bridge-to-wan. however, i did not use opt1 nor opt2 for my long-range access point. i use my lan as the direct connection for my wireless ap. i am using my opt1 and opt2 as wired interfaces.
                                  i use different subnets and different gateways for each of the  lan, opt1, and opt2. i only copied the general(default) firewall rule from lan and applied to both opt1 and opt2(except for the names and the interface of course).
                                  ...and i can use wireless or lan or opt1 or opt2 seamlessly.
                                  maybe there's just a little bit of configuration you've missed? just my thoughts though... ::)

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.