Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Access AP behind pfsense

    Scheduled Pinned Locked Moved General pfSense Questions
    6 Posts 4 Posters 1.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      neecross
      last edited by

      Im using pfsense to seperate my network 1 for the home network and one for the guests using a captive portal.
      Is it possible to access the ap on the guest side from the home network side?

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis
        last edited by

        If the home network side is LAN, then the default allow all on LAN rule will let you initiate a session from a client system on LAN to the IP address of the guest AP.

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • N
          neecross
          last edited by

          the home network is on the wan port :/ cant i get it to work this way?

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            You can setup a port forward to point at the AP so you can access it from the WAN side. However it seems a bit of an odd way to have your network setup. Are you using pfSense just for the captive portal?

            Steve

            1 Reply Last reply Reply Quote 0
            • N
              neecross
              last edited by

              ye the pfsense box is just for the captive portal

              1 Reply Last reply Reply Quote 0
              • K
                kejianshi
                last edited by

                I think its smarter to put an extra NIC card in the pfsense so that you have

                WAN  (assigned by ISP DHCP)  Plugged directly into modem
                LAN (for you)        -  10.15.20.0/24
                OPT (for visitors)  -  10.15.21.0/24

                Then plug an AP into OPT1 port for visitors.  Bind Captive portal to OPT1
                If the AP gets a STATIC IP on the OPT1, you can allow just that 1 IP to LAN net (10.15.20.0/24) in Firewall Rules. 
                Then:
                In firewall rules for interface OPT1 block any with DESTINATION LAN net  (10.15.20.0/24)  (Before the pass everything rule)

                The AP interface should be available to you.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.