Access AP behind pfsense



  • Im using pfsense to seperate my network 1 for the home network and one for the guests using a captive portal.
    Is it possible to access the ap on the guest side from the home network side?



  • If the home network side is LAN, then the default allow all on LAN rule will let you initiate a session from a client system on LAN to the IP address of the guest AP.



  • the home network is on the wan port :/ cant i get it to work this way?


  • Netgate Administrator

    You can setup a port forward to point at the AP so you can access it from the WAN side. However it seems a bit of an odd way to have your network setup. Are you using pfSense just for the captive portal?

    Steve



  • ye the pfsense box is just for the captive portal



  • I think its smarter to put an extra NIC card in the pfsense so that you have

    WAN  (assigned by ISP DHCP)  Plugged directly into modem
    LAN (for you)        -  10.15.20.0/24
    OPT (for visitors)  -  10.15.21.0/24

    Then plug an AP into OPT1 port for visitors.  Bind Captive portal to OPT1
    If the AP gets a STATIC IP on the OPT1, you can allow just that 1 IP to LAN net (10.15.20.0/24) in Firewall Rules. 
    Then:
    In firewall rules for interface OPT1 block any with DESTINATION LAN net  (10.15.20.0/24)  (Before the pass everything rule)

    The AP interface should be available to you.