Access AP behind pfsense

  • Im using pfsense to seperate my network 1 for the home network and one for the guests using a captive portal.
    Is it possible to access the ap on the guest side from the home network side?

  • If the home network side is LAN, then the default allow all on LAN rule will let you initiate a session from a client system on LAN to the IP address of the guest AP.

  • the home network is on the wan port :/ cant i get it to work this way?

  • Netgate Administrator

    You can setup a port forward to point at the AP so you can access it from the WAN side. However it seems a bit of an odd way to have your network setup. Are you using pfSense just for the captive portal?


  • ye the pfsense box is just for the captive portal

  • I think its smarter to put an extra NIC card in the pfsense so that you have

    WAN  (assigned by ISP DHCP)  Plugged directly into modem
    LAN (for you)        -
    OPT (for visitors)  -

    Then plug an AP into OPT1 port for visitors.  Bind Captive portal to OPT1
    If the AP gets a STATIC IP on the OPT1, you can allow just that 1 IP to LAN net ( in Firewall Rules. 
    In firewall rules for interface OPT1 block any with DESTINATION LAN net  (  (Before the pass everything rule)

    The AP interface should be available to you.

Log in to reply