Guide to setting up Atheros AP with pfsense?

GoldServe · Jul 21, 2007, 3:45 AM

I've tried several things and set up a WLAN interface. Got it to associate with WPA but unable to get DHCP from pfsense. I had it working for a brief moment and i did not touch anything but it stopped working. Currently, I have it bridged to LAN.

What configuration do I need for this thing to act like an AP and more importantly, what FIREWALL settings do I need to make this thing work?

GoldServe · Jul 21, 2007, 5:01 AM

I am seeing something that was discussed before.

I am bridging with LAN and if a device is connected to LAN, THEN i get an IP on WLAN. If nothing is connected to LAN, DHCP doesn't respond on WLAN.

???

hoba · Jul 21, 2007, 9:26 AM

For a bridge to work all interfaces of the bridge have to be uplinked.

GoldServe · Jul 21, 2007, 5:09 PM

Right now, I call my ath0 lan so it is always up and lan bridged to it. Is this a good idea?

Is there a way to achieve the same thing but I want captive portal to work on the ath0 but now it won't work on a bridged interface.

Are there some easy steps to make two networks bridged but manually using firewall rules, etc?

hoba · Jul 21, 2007, 6:52 PM

@GoldServe:

Right now, I call my ath0 lan so it is always up and lan bridged to it. Is this a good idea?

This confuses me a bit. if ath0 is LAN what is the other LAN that you are talking about and what is ath0 then bridged to?

GoldServe · Jul 22, 2007, 12:11 AM

I call ath0 lan and the wired ports as LAN2, bridged to LAN.

GoldServe · Jul 22, 2007, 2:50 AM

It doesn't seem like it is going to work. Lan (ath0) is giving out an IP but Wired (Lan2 bridged to lan) is not giving out an IP.

Is there an official and clean up to set up an AP bridged to LAN on pfsense?

hoba · Jul 22, 2007, 5:05 PM

I haven't tried that kind of setup. I usually bridge the wireless interface to the wired lan in such scenarios which works fine. I know there are some limitations when bridging a wireless interface (you only can bridge a wireless interface to another one if it's in AP mode).

GoldServe · Jul 22, 2007, 7:39 PM

I can't believe pfsense doesn't work when I bridge the WLAN with the LAN with no LAN device plugged in. I'm not understanding why that is a problem? How do other platforms overcome this issue?

hoba · Jul 22, 2007, 8:12 PM

Afaik it's a freebsd issue.

GoldServe · Jul 22, 2007, 10:50 PM

Really…I'm surprised no one tried to fix this. How much would a bounty do?

sullrich · Jul 22, 2007, 11:26 PM

This is a kernel issue not a pfSense issue.

GoldServe · Jul 23, 2007, 1:24 AM

One more problem. I've got the wireless not bridged and on a seperate subnet from the wired now. Two clients connected and can ping the gateway of own and lan but can not ping another wireless client. Anything required in the firewall rules? Seems like it's doing AP isolation.

GruensFroeschli · Jul 23, 2007, 2:10 AM

you need set the checkbox "Allow intra-BSS communication"

GoldServe · Jul 23, 2007, 2:21 AM

Thanks for the response. Works like a charm.

sokar311 · Mar 9, 2008, 2:49 AM

Hi, i also have a PfSense configuration with 2 Nics and 1 Wireless Card set as an access point (infrastructure gives me "no carrier"!?), i also have the "Allow Intra-BSS", but seems that the firewall rules don't apply between the wireless clients anymore!, any help?, thanks.

GruensFroeschli · Apr 2, 2008, 1:48 PM

Infrastructure = Client
Access Point = Access Point

Firewall-rules are and were never applied for traffic between clients.

sokar311 · Mar 9, 2008, 4:24 AM

Thak you, but do you know any way to control the traffic between wireless clients with the firewall?

lsf · Mar 26, 2008, 2:42 AM

Vlans might do the trick. I never tested this tho.

hoba · Mar 26, 2008, 2:56 AM

@lsf:

Vlans might do the trick. I never tested this tho.

How should tat work? The only option that we provide is to seperate the clients from each other meaning they completely can't talk to each other. Besides that there is no way that I can think of to do that.