HOW TO - EASY (wireless) bridge configuration in 2.0
-
Okay, so I have LAN and WLAN bridged together. But I can't seem to get a firewall rule to work that will block traffic from WLAN to LAN. I want to block everything by default and only allow certain ports and ips access. What do I need to configure on my firewall in order to do this?
-
On my system I had to specifically enable DHCP traffic from WAN to LAN, otherwise it was blocked (quietly, if I recall correctly). So I think firewall rules on WLAN should be able to accomplish what you want. (Firewall rules apply on input.)
However, you should note that after tweaking with firewall rules it is sometimes necessary to reset firewall states to have the modified rules apply. I always (when I remember) reset firewall states after changing firewall rules. See Diagnostics -> States, click on Reset states tab for more information.
-
I ended up turning filtering on interfaces back on. Once I did that, my firewall rules worked.
EDIT: I take it back. I can get DHCP on both LAN and WLAN. Both of them can get out to the internet. But they won't talk to each other. And this is with no additional rules enabled.
-
@Bai:
I just tried this, and it hung at step 6. I had to use the local console to reset my interfaces.
Also, I don't see a picture showing the Advanced changes that need to be made.
Same here. It took me a while to work this out but if you select LAN + WIFI in your bridge then it doesn't work, you need to select OPT2, WIFI or whatever you've called your wifi.
-
@Bai:
I just tried this, and it hung at step 6. I had to use the local console to reset my interfaces.
Also, I don't see a picture showing the Advanced changes that need to be made.
Same here. It took me a while to work this out but if you select LAN + WIFI in your bridge then it doesn't work, you need to select OPT2, WIFI or whatever you've called your wifi.
I also had to resetup the lan dhcp server from the console. See my post above yours.
-
Hi,
Yes, it still works. I'm on a snapshot from April 18th. I'll be testing the May 1st 2G Nano snapshot in the next hour.
I am running the latest RC1 build (April 11 2011) and I am trying to get Wireless to work. Unfortunately there does not appear to be any way to add another interface in the GUI, or at least if there is I can't seem to see it. I am stuck with the 3 physical interfaces (dc0 - WAN, nfe0 - LAN and ral0 - WLAN).
EDIT: After some playing around I managed to get it to work. I created a bridge between LAN and WLAN first, then I was able to create the OPT2 interface and set it to the bridge. Enabled OPT2, then went back to the assign page and shuffled the assignments around. Lastly I rebooted the pfSense machine. And now it all works.
My problem now is that my clients will connect at ~36mbps, but that drops to 1mbps almost instantly and stays there. Could this be a hardware issue? The client laptop is sitting about 4 feet from the pfSense machine, with nothing in between them.
Thanks for the help.
-
I am using 2.0 RC 1, I can't get the bridge functions to work correctly. I am using a WatchGuard 500x.
RC -
I am using 2.0 RC 1, I can't get the bridge functions to work correctly. I am using a WatchGuard 500x.
RCInsufficient information provided. Please complete the following sentence: When I do … I see ... but I expected to see ...
-
This is Ron, I just checked the basic settings. I have the LAN port and my other 4 ports selected. Now if I connect my laptop I do not get a IP address. If I turn the wireless on, an the network adapter is connected I do get an IP address. I would like the to use the 4 optional interfaces like a switch.
RC -
step by step instructions work for me. :)
http://eric-poon.blogspot.com/search?updated-min=2011-01-01T00%3A00%3A00-05%3A00&updated-max=2012-01-01T00%3A00%3A00-05%3A00&max-results=5
-
I used the blog steps and it worked. But it was not quite what I was trying to do. In version 1.2.3, I could bridge ports to a existing port. Version 2 is quite different it takes a little more planning before you just jump in.
The other version made it just a little bit easier to set up and be able to add and subtract ports.
RC -
I used the blog steps and it worked. But it was not quite what I was trying to do. In version 1.2.3, I could bridge ports to a existing port. Version 2 is quite different it takes a little more planning before you just jump in.
The other version made it just a little bit easier to set up and be able to add and subtract ports.
RCYou can still bridge ports together by just adding them to the bridge, you don't have to assign the bridge interface. It's just better in the long run to do it that way.
The main problem with failing to assign the bridge interface is that if the interface holding the IP goes down, the whole bridge goes down. When you have the bridge assigned and the IP on the bridge interface, any interface can go down without problems.
