Help with architecture



  • I moved onto my boat, so system availability and space is a premium. I currently have several laptop with a connection to a D-Link wireless router. I installed pfSense 1.2.3 under Virtualbox on one of my linux boxes. What I would would like to do is use the virtualized pfsense to handle all firewall and routing issues. I created two VLANS under the virtual pfSense box to cover my LAN and WAN connection. So far, I have not been able to connect to the lan remotely.

    Could some one give me a little guidance on correctly letting pfSense up to allow for the following (if at all possible):

    Current layout:

    –-------
    | ADSL |

    l
        l
        l
        l

    | D-Link AP | Wireless AP with 4 ports (does not provide DHCP)

    |
        |
        |
    4 Laptops (one is currently providing pfSense via virtualbox)

    What I would like to do is set things up so that the D-Link just acts as a AP, the virtualbox pfsense laptop will serve up DHCP and firewall needs. I set up the laptop to use the em0 interface (2 VLANS). Is there any way to make this work, or am I wasting time on this project?



  • So you want to have this?:

    –-------
    | ADSL |

    l
        l
        l
        l
    laptop/pfsense------| D-Link AP |
    (providing dhcp)      |
                                |
                                |
                                |
                        3 Laptops

    If so, then you will need either a second NIC in the pfsense laptop, or a switch, to plug the laptop into both the modem and the AP. If you go with a switch, either the switch or the AP will have to support vlan tagging. If the AP supports vlan tagging, the switch will at least have to support vlan passthrough, or you will have to use a reduced mtu to accommodate.

    I'm somewhat new to vlans, so I hope I didn't just feed you a bunch of BS  ;)


  • Rebel Alliance Developer Netgate

    If space is at a premium, Netgate ( http://netgate.com/ ) has some outdoor cases and even some marine gear I think, that would let you mount a router pretty much anywhere (above the water line) and save some space that way. :)


Log in to reply