External Wifi router in depth in pfsense



  • Usually what you do is to turn off firewall etc., turn off NAT and DHCP, configure the wireless settings as desired then just plug the link from the pfsense-box into LAN port 1 instead of WAN port on the router.https://forum.pfsense.org/index.php/topic,46154.msg242148.html#msg242148

    • Can it be used on all wifi routers (from B Era Up)?

    • Can anyone go into details about the configuration of the router to work with pfsense?

    • Will it mess up the system if done incorrectly?

    Need an experienced opinion about this, im relatively a PFsense Greenhorn.


  • Rebel Alliance Developer Netgate

    @onat12:

    Can it be used on all wifi routers (from B Era Up)?

    That's up to the wi-fi ap/router.

    @onat12:

    Can anyone go into details about the configuration of the router to work with pfsense?

    It varies by wi-fi ap/router. You'll have to find documentation specific to your device to set the options mentioned here: https://doc.pfsense.org/index.php/Use_an_existing_wireless_router_with_pfSense

    @onat12:

    Will it mess up the system if done incorrectly?

    It depends on what is done incorrectly. You could end up with an IP conflict or two DHCP servers on the LAN if you aren't careful.



  • @onat12:

    Usually what you do is to turn off firewall etc., turn off NAT and DHCP, configure the wireless settings as desired then just plug the link from the pfsense-box into LAN port 1 instead of WAN port on the router.https://forum.pfsense.org/index.php/topic,46154.msg242148.html#msg242148

    • Can it be used on all wifi routers (from B Era Up)?

    • Can anyone go into details about the configuration of the router to work with pfsense?

    • Will it mess up the system if done incorrectly?

    Need an experienced opinion about this, im relatively a PFsense Greenhorn.

    I wouldn't be scared to try it though… your aren't going to physically hurt anything on pfSense. Nor do you have to change any config on pfSense.  The biggest risk (as Jimp pointed out) is having two DHCP servers trying to allocate the same set of IP addresses.

    The steps typically are:
    1.) configure the router to a static IP address that is in your subnet but not in your pfSense DHCP allocated range and set the gateway to be the pfSense box (for example, Router to 192.168.5.2, gateway to pfSense box at 192.168.5.1, pfSense DHCP IP range of 192.168.5.50 - 192.168.5.100)
    2.) shut off everything on the router that that is not necessary (i.e. what pfSense will be doing instead) such as the DHCP server, any firewall functions, NAT functions, MAC filtering, etc.
    3.) plug the LAN side of pfSense into a LAN port on the router (if the router supports it, you could bridge WAN port to LAN port on the router and still use the WAN port).


Locked