    Route 2 Lans

    Routing and Multi WAN
    • D
      danesco last edited by

      Hi. I'm trying to do something like this:
      I have 2 LANs
      172.16.0.xx/16
      172.16.1.xx/16

      What I want is to have "clients" in a separate LAN address than "infrastructure"
      Using pfsense to give dhcp in 172.16.1.xx and configuring a route to reach the access points in 172.16.0.xx. But if I add a static route with 172.16.0.xx it does not work

      pfsense(172.16.1.1dhcp)------AP(172.16.0.1)---------------------AP2(172.16.0.2)----
                                                              -Client(172.16.1.2)                    -Client(172.16.1.3)

      Note: The access points are in bridge mode, so all clients are in the same collision domain

      • ptt
        ptt Rebel Alliance last edited by

        http://forum.pfsense.org/index.php/topic,40795.msg210697.html#msg210697

        @Cry:

        You have overlapping subnets - that will never work. For OPT2 use a different subnet, say 192.168.2.0/24.

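The overlap pointed out in the quoted reply, as an added example that is not part of the original posts: with a /16 mask, 172.16.0.xx and 172.16.1.xx are the same network, so a static route between them has nothing to route. The interface names, sample addresses and helper functions below are hypothetical and constructed for illustration.

```python
import ipaddress
from itertools import combinations

# Constructed sample: the two "LANs" from the first post, plus the
# non-overlapping OPT2 subnet suggested in the quoted reply.
INTERFACES = {
    "clients": "172.16.1.1/16",
    "infrastructure": "172.16.0.1/16",
    "opt2": "192.168.2.1/24",
}


def min_separating_prefix(a, b):
    """Shortest prefix length at which hosts a and b fall in different networks."""
    diff = int(a) ^ int(b)
    if diff == 0:
        return None  # identical addresses can never be separated
    # The highest differing bit decides the first prefix length that splits them.
    return a.max_prefixlen - diff.bit_length() + 1


def find_overlaps(interfaces):
    """Return (name1, name2, shared_network, min_prefix) per overlapping pair."""
    parsed = {name: ipaddress.ip_interface(cidr) for name, cidr in interfaces.items()}
    results = []
    for (n1, i1), (n2, i2) in combinations(sorted(parsed.items()), 2):
        if i1.version != i2.version or not i1.network.overlaps(i2.network):
            continue
        # The wider (shorter-prefix) network is the one that contains both.
        shared = min(i1.network, i2.network, key=lambda net: net.prefixlen)
        results.append((n1, n2, str(shared), min_separating_prefix(i1.ip, i2.ip)))
    return results


if __name__ == "__main__":
    for n1, n2, shared, prefix in find_overlaps(INTERFACES):
        print(f"{n1} and {n2} both sit in {shared}; "
              f"a mask of /{prefix} or longer is needed to separate them")
```
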
        • D
          danesco last edited by

          But in this case, I can't have a second physical interface. Because the links are wireless between pfsense and access point 1. And the other APs

          Oh sorry, I see what you say, it is 172.16.xx.yy and 172.17.xx.yy. But my problem is the same: how to use another net or subnet for my access points

          • ptt
            ptt Rebel Alliance last edited by

            I'm not an expert, but IMHO, I think the best way to isolate traffic will be through a separate interface. If you can't add a third physical interface, then go for a managed switch + VLANs; this way you can have each AP in a separate network and your wired LAN in another, and you will have full control over the traffic of your network.

            WAN --pfSenseBox-- Managed switch|-- LAN ( wired )
                                                              |-- OPT1 ( AP 1 )
                                                              |-- OPT2 ( AP 2 )

            This way you can set rules to allow / block traffic through / from / to LAN / AP1 / AP2
            You can get this with a cheap RB250GS.

            • D
              danesco last edited by

              Is this scheme possible in physical conditions like this?

              My network is like a bus, I think.

              Pfsense connects through UTP to AP1, and AP2 is 5Km away with bridge.. and AP3 is 800m more with bridge to pfSense
              All the links after pfsense are wireless so I can't connect AP1 and AP2 directly to a managed switch

              • ptt
                ptt Rebel Alliance last edited by

                But at least one of your APs is connected to pfSense LAN, so add a third interface and you can easily isolate your APs' traffic from your wired LAN traffic.

                If you want a "more accurate" answer, please post a "clear" network diagram, with "all" the details of your network topology ( except the public IPs ).

                • D
                  danesco last edited by

                  Hi, this is a simplified diagram. Bridge 172.16.0.3 is far far away from pfsense (it's a PtP link with 172.16.0.2)