Help needed Wireless (Guest internet setup)



  • Good day people,

    I need to ask for help regarding the following scenario,

    What i want to achieve is to supply internet to the guest at my lodge VIA captive portal with no access what so ever to my private network.

    My setup is as follows.

    3 NIC installed

    NIC 1 - Lan network (192.168.1.200)
    NIC 2 - WAN
    NIC 3 - WIreless AP to conncet to it VIA cat 5 network cable (10.0.0.10)

    Pfsense server ip - 192.168.1.200

    My ip range for my Lan interface is 192.168.1.x

    My ip range for my Wireless network which will be for the guest will be 10.0.0.x

    I Have enabled DHCP server on my Wireless NIC interface and configured for 10.0.0.x - 10.0.0.x range to be issued, what i am unsure of is should i make gateway and dns server 192.168.1.200 or do I need to make
    it my Wireless NIC card address which is 10.0.0.10 ?

    I also added a firewall rule on wireless interface to forward wireless subnet to wan address which i had no luck with

    After that did not succeed, I bridged my wireless NIC with WAN NIC with no luck as well, bridged my lan NIC with wireless NIC and reconfigured settings but nothing worked that way to.

    I was then told by a mate of mine that I might have to add a static route which I am not familiar with and if this is so could you guys please give me a hand with it.

    Please guys I am open to anything and willing to try anything as I am completely stuck.

    The wireless AP points I am using are PICO stations which I will be setting up as AP with WDS if you need this info as well.

    Thank you guys.



  • @Dean333:

    I Have enabled DHCP server on my Wireless NIC interface and configured for 10.0.0.x - 10.0.0.x range to be issued, what i am unsure of is should i make gateway and dns server 192.168.1.200 or do I need to make
    it my Wireless NIC card address which is 10.0.0.10 ?

    In pfSense DHCP server configuration just leave gateway blank and DNS blank and pfSense will fill in the appropriate values from its own configuration. On DHCP client systems leave this blank so they come from DHCP.

    @Dean333:

    I also added a firewall rule on wireless interface to forward wireless subnet to wan address which i had no luck with

    There are many components that need to work together to get packets from the wireless subnet to the internet. There is nowhere near enough information here to be able to identify which of them might not be functioning correctly. A start would be to verify the wireless client has configured the correct DNS and IP address. You could also look in the system logs to see if the DHCP server has seen any DHCP requests from the wireless subnet or the firewall has blocked any packets from the wireless subnet (go to Status -> System logs, click on DHCP or Firewall tab).



  • Thx for the reply,

    ill be honest and say that I am an complete idiot when it comes to looking at logs but ill give it a shot and post screenshots for more info but thx for the help.



  • @Dean333:

    I Have enabled DHCP server on my Wireless NIC interface and configured for 10.0.0.x - 10.0.0.x range to be issued, what i am unsure of is should i make gateway and dns server 192.168.1.200 or do I need to make it my Wireless NIC card address which is 10.0.0.10 ?

    Use your WLAN NICs IP or even leave blank on the DHCP config page.

    @Dean333:

    I also added a firewall rule on wireless interface to forward wireless subnet to wan address which i had no luck with

    A rule does not forward traffic. It permits or denies it.
    What you did with that rule is: you allowed traffic to your WAN interface. And only to that IP. Unlikely you want to surf your firewall, right?  :)

    Create a rule which allows traffic to everything but LAN (use the NOT checkbox) and you should be set. Then your guests cannot access LAN but everything else.


Locked