Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Using physical WAP on pfSense whitebox

    Scheduled Pinned Locked Moved Wireless
    3 Posts 2 Posters 2.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      leecoursey
      last edited by

      Hello everyone.

      I have a pfSense box running on an older Dell desktop.  It is the gateway for my Windows network and it does Multi-WAN balancing.

      I want to know the feasibility of directly connecting a Wireless Access Point to ethernet on the pfSense box and only allowing the traffic connected to it to go straight out through the WAN connections.  In other words, it becomes direct guest access to the Internet without giving connected users the ability to see network resources.

      I have a trendNET WEP653AP and an available Eth connection on the pfSense box.  The trendnet WAP has the ability to manage DHCP.

      Can someone provide some guidance?

      1 Reply Last reply Reply Quote 0
      • M
        MaxPF
        last edited by

        I have a somewhat similar setup for my home network, except I use an Alix box and an Engenius WAP with 2 SSID's: one bridged to lan and the second (bound to a separate Vlan) with just internet access, isolated from LAN.

        In your case, just connect the AP to the available port on your pfSense box and set the firewall rules accordingly. Personally I would let pfSense manage the DHCP stuff just to keep things simple.

        1 Reply Last reply Reply Quote 0
        • L
          leecoursey
          last edited by

          Right now pfSense does not handle any of the DHCP for the network.  It's all handled by the Windows servers.

          Does anyone have an idea about what the Firewall rules would look like for this?

          For Reference I have :

          • LAN

          • WAN1

          • WAN2

          • WAP

          Where WAN1 and WAN2 are my (obviously) my two WAN connections and LAN is my LAN.  I would like to have all WAP traffic isolated from the LAN so that there's no possibility of accessing network resources through that connection.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.