Is this setup correct? I'm new setting up PFSENSE



  • Hi is correct? Cable Modem –---- > PFSENSE -------- > Netgear WNDR4500  Wifi Router  -------> TP-LINK TL-SG1016 16 port Gigabit Switch ------------- > Have connected media player, Gaming server, VOIP

    Also do I disable the firewall of my netgear? I'm wundering if its correct setup. I also be needing help to forward quake 3 ports. When router connected to cable modem its online but if i put bfsense between cable modem and netgear its not. Anyways TY



  • It depends on who you want will divide ip addresses

    Better that pfsense will do it
    Better to connect like this
    Cable Modem –---- > PFSENSE-------> TP-LINK TL-SG1016 16 port Gigabit Switch-------- > Netgear WNDR4500  Wifi Router

    Turn off the router dhcp server
    And its firewall

    Assign a ip address not in the distribution of pfsense
    Example
    If the addresses are from 192.168.0.1 to 192.168.0.100

    Assign him an address 192.168.0.102

    The connection between the router to the switch is performed from lan to lan



  • @firefox:

    It depends on who you want will divide ip addresses

    Better that pfsense will do it
    Better to connect like this
    Cable Modem –---- > PFSENSE-------> TP-LINK TL-SG1016 16 port Gigabit Switch-------- > Netgear WNDR4500  Wifi Router

    Turn off the router dhcp server
    And its firewall

    Assign a ip address not in the distribution of pfsense
    Example
    If the addresses are from 192.168.0.1 to 192.168.0.100

    Assign him an address 192.168.0.102

    The connection between the router to the switch is performed from lan to lan

    Ic and My router have ability to have it set as AP. Wouldn't that disable everything that comes to
    security? Also I would like to have Guest WIFI disabling all security would they have access of my
    server? I want guest wifi enable so they wont be able to access other computers and servers.
    Anyway's can you make it more like step by step and for me to under stand better? TY



  • To keep your LAN secure from Guest WiFi you have to put Guest WiFi on a completely separate LAN and subnet. If your pfSense has a 3rd NIC, then plug the WiFi device LAN into that 3rd NIC, assign the 3rd NIC to OPT1 in pfSense, give it a different private subnet, then allow just the traffic that you want from OPT1. The WiFi device should have DHCP and routing off - just be a WiFi access point.
    If you do not have a 3rd NIC, then you have to use VLANs, and for that you need a VLAN switch to connect to pfSense then run both LAN and OPT1-Guest-WiFi on the VLAN switch.


  • Rebel Alliance Global Moderator

    ^ exactly!!!  Right on the button perfect answer, couldn't of said it better myself ;)