PFsense to wireless router



  • Hello everyone. Tomorrow, I will be setting up my first pfsense unit (and I am really excited about it lol). This will be my set up. WAN>PFSENSE>Switch>2 wireless router. What are the things I need to do in order to put wireless clients in the same LAN subnet or should I say in order for pfsense to give DHCP to the devices connected wirelessly.

    Wish me luck!



  • Give the wireless router an IP address in your LAN subnet, just so you can manage it.
    Connect a LAN port of the wireless router to your LAN switch.
    Turn off DHCP on the wireless router.
    Now it is just a dumb wireless, not doing "router" any more. Wireless clients that connect to it and ask for DHCP will get served DHCP from pfSense, which will give them pfSense as their default gateway etc.



  • Thanks Phil. I can now access the GUI in the browser. But I am now stuck at WAN setting. Our ISP gave us several public IP addressess. 122.xx.xx.xxx, Subnet /28 in CIDR, Gateway 122.xx.xx.xxx, THen 2 DNS. When I am setting up a router I just put these IP setting and internet will work by then. But I think pfsense is more complicated.



  • Use one public IP for pfsense WAN interface

    You'll want to setup virtual IP's for each (secondary) public IP -  Firewall => Virtual Ips

    For 1:1 NAT (which will allow example~ port 80 to be NATd to [your static internal DHCP reservations]  = as many virtual IP's + internal machines / VM's)



  • Thanks mudmanc. But can I use only one of these public IPs? It sounds more complicated. Or it is really needed to set up WAN with static settings?



  • Sorry for double posting. I cant give you guys my settings since I am not in office til monday. But I read some posts here about putting gateway on LAN. And I think that is my mistake. I will try it til then.



  • You can use all the IP's allocated to you from your ISP

    The WAN gateway is the gateway supplied within the subnet your ISP gives you

    Your LAN gateway will the the static IP that you choose for for the specific LAN IP

    It's only seemingly complicated until you dig in.

    In your case, you should not have to enter any secondary gateway for the WAN , when setting up the Virtual IP's , as they will use the same gateway as the initial Static IP. Which will be automatic in your case.

    Do you have internet access within pfsense right now ?



  • @dannieldin:

    Sorry for double posting. I cant give you guys my settings since I am not in office til monday. But I read some posts here about putting gateway on LAN. And I think that is my mistake. I will try it til then.

    You neverset a gateway on the Interfaces->LAN page. The gateway there is an Upstream Gateway - somewhere that leads to the internet.
    The clients on LAN will have the LAN IP as their upstream gateway - but pfSense LAN itself must NOT have gateway set.
    The text on 2.1.1 has beenenhanced to say "Upstream Gateway" instead of just "Gateway" and more description aded. Hopefully that will help people understand when to use it - only for WAN-type interfaces.



  • @phil.davis:

    @dannieldin:

    Sorry for double posting. I cant give you guys my settings since I am not in office til monday. But I read some posts here about putting gateway on LAN. And I think that is my mistake. I will try it til then.

    You neverset a gateway on the Interfaces->LAN page. The gateway there is an Upstream Gateway - somewhere that leads to the internet.
    The clients on LAN will have the LAN IP as their upstream gateway - but pfSense LAN itself must NOT have gateway set.
    The text on 2.1.1 has beenenhanced to say "Upstream Gateway" instead of just "Gateway" and more description aded. Hopefully that will help people understand when to use it - only for WAN-type interfaces.

    Stated much more clearly than I , where i could have said something to the effect of 'your LAN hosts gateway is the static IP set on the LAN interface'


Log in to reply