Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Wireless Access Point WAP on OPT1 with Static Ports enabled (SOLVED)

    Scheduled Pinned Locked Moved NAT
    2 Posts 2 Posters 2.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • X
      xcrustwadx
      last edited by

      I was getting frustrated with my OPT1 interface using a Wireless access point (DD-WRT on WRT54GS) because I could not get out to the internet.  I came from using IPCOP and blue interface for this purpose.  Now I have finally solved the problem. First let me give my settings:

      LAN 192.168.1.1 subnet 192.168.1.0/24
      OPT1 192.168.2.1  subnet 192.168.2.0/24
      WRT54GS 192.168.2.2 DHCP disabled, connected to OPT1
      WAN DHCP

      I added a rule for OPT1 to allow any traffic to anywhere.
      I also enabled DHCP for OPT1 to give addresses in 192.168.2.0/24 range.

      I was able to get a DHCP address when connected via WIFI and could ping 192.168.1.0/24 addresses but I could not ping any internet addresses.  I could however resolve internet IPs, I just would not get a ping response.

      It turned out to be the static ports option I enabled (various games require this).  I needed to add the same rule for the 192.168.2.0/24 net as I had for the 192.168.1.0/24 net.  I just clicked "add a new rule based off this one" from the Firewall –> NAT --> Outbound page.  After This everything worked OK.

      This is something to consider if you have enabled static ports and are using another interface(OPT1) to separate your wireless clients from your wired ones.

      There were some other posts that had similar problems but none of them worked for me and none of them mentioned the static port option.

      ***Note - If you need to enable static ports please refer to the sticky in the Gaming section of the PFsense forum.

      1 Reply Last reply Reply Quote 0
      • GruensFroeschliG
        GruensFroeschli
        last edited by

        Your problem was not the "static port option" but more that you forgot to follow the note which is on the AON-page.

        Note:
        If advanced outbound NAT is enabled, no outbound NAT rules will be automatically generated any longer. Instead, only the mappings you specify below will be used. With advanced outbound NAT disabled, a mapping is automatically created for each interface's subnet (except WAN).

        –> you have to add your outbound-NAT rules manually.

        To avoid such problems you could create a single rule with as source "any".

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.