Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Wireless Access Point WAP on OPT1 with Static Ports enabled (SOLVED)

    NAT
    2
    2
    1892
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • X
      xcrustwadx last edited by

      I was getting frustrated with my OPT1 interface using a Wireless access point (DD-WRT on WRT54GS) because I could not get out to the internet.  I came from using IPCOP and blue interface for this purpose.  Now I have finally solved the problem. First let me give my settings:

      LAN 192.168.1.1 subnet 192.168.1.0/24
      OPT1 192.168.2.1  subnet 192.168.2.0/24
      WRT54GS 192.168.2.2 DHCP disabled, connected to OPT1
      WAN DHCP

      I added a rule for OPT1 to allow any traffic to anywhere.
      I also enabled DHCP for OPT1 to give addresses in 192.168.2.0/24 range.

      I was able to get a DHCP address when connected via WIFI and could ping 192.168.1.0/24 addresses but I could not ping any internet addresses.  I could however resolve internet IPs, I just would not get a ping response.

      It turned out to be the static ports option I enabled (various games require this).  I needed to add the same rule for the 192.168.2.0/24 net as I had for the 192.168.1.0/24 net.  I just clicked "add a new rule based off this one" from the Firewall –> NAT --> Outbound page.  After This everything worked OK.

      This is something to consider if you have enabled static ports and are using another interface(OPT1) to separate your wireless clients from your wired ones.

      There were some other posts that had similar problems but none of them worked for me and none of them mentioned the static port option.

      ***Note - If you need to enable static ports please refer to the sticky in the Gaming section of the PFsense forum.

      1 Reply Last reply Reply Quote 0
      • GruensFroeschli
        GruensFroeschli last edited by

        Your problem was not the "static port option" but more that you forgot to follow the note which is on the AON-page.

        Note:
        If advanced outbound NAT is enabled, no outbound NAT rules will be automatically generated any longer. Instead, only the mappings you specify below will be used. With advanced outbound NAT disabled, a mapping is automatically created for each interface's subnet (except WAN).

        –> you have to add your outbound-NAT rules manually.

        To avoid such problems you could create a single rule with as source "any".

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

        1 Reply Last reply Reply Quote 0
        • First post
          Last post

        Products

        • Platform Overview
        • TNSR
        • pfSense
        • Appliances

        Services

        • Training
        • Professional Services

        Support

        • Subscription Plans
        • Contact Support
        • Product Lifecycle
        • Documentation

        News

        • Media Coverage
        • Press
        • Events

        Resources

        • Blog
        • FAQ
        • Find a Partner
        • Resource Library
        • Security Information

        Company

        • About Us
        • Careers
        • Partners
        • Contact Us
        • Legal
        Our Mission

        We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

        Subscribe to our Newsletter

        Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

        © 2021 Rubicon Communications, LLC | Privacy Policy