VLAN question



  • I use an Alix 2D13 box for my home with the WiFi AP connected to OPT1 and bridged to LAN. The other day the AP died. I noticed that the one I'm going to buy has VLAN support with the option to associate up to 4 SSID to separate VLANS.

    Since the AP will be connected directly to OPT1, I was wondering if I would still be able to setup a separate VLAN on OPT1 for a second SSID without going through a managed switch. Basically I would like to have a trusted SSID to bridge to LAN and a guest SSID with just internet access.



  • Yeah that should be possible by setting up vlan interfaces (Interfaces->assign->VLANs) in pfsense.



  • IIRC, the ALIX NICs do support VLAN tagging in hardware, but the FreeBSD driver doesn't currently support this feature.

    VLAN tagging is supported in software since…um...a few years, I think. I am not currently aware if this'll lead to reduction in MTU, though. You might want to check if the use of VLANs impairs speed.



  • Thank you for the info. I'll give it a try when I get the AP setup.



  • Update: it worked perfectly! Second SSID on separate VLAN, no problem at all.



  • @MaxPF:

    Update: it worked perfectly! Second SSID on separate VLAN, no problem at all.

    Thanks for the feedback. Without your feedback and this thread I would have thought it isn't possible without a managed Switch. Could you give some details about your access point?

    Peter



  • I got an EnGenius EAP300

    http://www.engeniustech.com/business-networking/indoor-access-points-client-bridges/16139-eap300

    and I'm very happy with it. It has enough power for a 3 floor 2000 sqf townhouse plus all the features I needed, including VLAN and multi SSID support.
    Not bad for $89.



  • Ah, looks interesting with respect to design and technical data - and is affordable. I'm looking around for access points as it's getting more and more difficult to get wireless cards running with pfSense. As long as you have a miniPCI slot or a PCI slot with a PCI2miniPCI card there is a wireless-pfSense path left. If, however, you need a miniPCIe module or PCIe card your options are extremely rare.

    Peter



  • I tried the WiFi option in pfSense as well and I had to give up at the end (I posted about it in the wireless section). I came to the conclusion that the hardware that works well with FreeBSD 8.3 in AP mode is very limited and hard to find at best. I could spend hours trying to find the right ath based card on ebay or just spend $90 for a proper AP and be done with it.


Log in to reply