Hopefully a simple config issue - Bridging Wifi to LAN with WAN access

Majin Zero

I have a WAN port, I have a LAN port, anything on the LAN can get out online, I have opt1 as Wifi, set it to AP, bridged it with the LAN, anything I have can connect to the AP, get an IP, but they can't connect out onto the internet.

What did I do wrong here?

GruensFroeschli

Did you create a firewall rule on the opt1 interface to allow traffic out?

Majin Zero

smacks forehead I did not. What's the general set up for that rule?

Opt1 to LAN allow? Gateway is default?

GruensFroeschli

Well since you bridge the WLAN to the LAN i assume you want to use it the same way.
So you could just simply copy the rule from the LAN to the WLAN.

Majin Zero

Great, thank you very much.

Majin Zero

That didn't work…

opt1 subnet -> Anywhere

I can connect, get an IP, but I still can't get out to the internet...

jimp

What version of pfSense? 1.2.3-RC3 or a later snapshot?

If not, go to System > Advanced, check the box to disable hardware checksums, and try again. That is needed with some combinations of NICs

Majin Zero

it is 1.2.3-RC3

jimp

What kind of hardware?

Majin Zero

NetGear WPN311 atheros chipset

AhnHEL

Sure you're getting an IP without this:

http://forum.pfsense.org/index.php/topic,15677.msg82789.html#msg82789

Also, might be an issue with this infamous bug, but havent seen this issue with newer snapshots but might be worth a try for you:

http://forum.pfsense.org/index.php/topic,17495.msg90695.html#msg90695

jimp

@onhel:

Also, might be an issue with this infamous bug, but havent seen this issue with newer snapshots but might be worth a try for you:

http://forum.pfsense.org/index.php/topic,17495.msg90695.html#msg90695

This should be fixed in RC3 and later snapshots, that was the checksum issue I mentioned above.

Majin Zero

well my windows machine says it gets an IP, but can't get out to the internet, and if I try to ping the default gateway, it fails, transmit failed, it says. My linux machine does not get an IP.

I tried setting up that rule on my opt2/wifi source 0.0.0.0 port 68 to 255.255.255.255 port 67, applied, waited for the refresh, and I'm still stuck unable to get out online via opt2/wifi.

Linux machine still does not grab an IP address.

Should I try pfsense 1.2.2?

AhnHEL

Post up a screenshot of your firewall rules on your OPT interface.

You did use UDP for the DHCP rule, correct?

Anything suspicious in your firewall logs?

danswartz

I would think you could just use one rule and specify any for the source IP, no?

AhnHEL

@danswartz:

I would think you could just use one rule and specify any for the source IP, no?

0.0.0.0 is not a valid IP on the OPT interface so no.