Configure pfSense as Repeater ?



  • Hello Community,

    this is my first post, so dont hurt me if the question is already cleared. Didn`t found a solution in the forum.

    So how my subject is "How can I configure pfSense as Repeater?"

    I have one router configured with pfsense acting as Captive Portal. And now i have a second Router with pfsense and want that this Router only repeates the signals.

    I hope anybody can explain me what I have to do.

    Thanks

    //Some more information
    the 2 router are connected together over lan, so I would like to have that the second router spreads out the same wifi like the router 1, how can i achieve this? Thanks



  • please clarify or have the same captive portal users/ configuration on both box ?, spreading is different with replicating what in another box.



  • I have two boxes:

    Box A has the service captive portal installed.

    The Box B is empty until now.

    I would like that the Box B should act as a stupid repeater, that spreads out the same SSID Wlan like Box A and sends all requests to BOX A for Captive Portal requests.

    Hope now it is understandable what i mean


  • Banned

    Complete waste of HW if you want a repeater. (Plus, waste of already poor WiFi speed as well.)



  • @doktornotor
    Thank you for your serious post.

    "Complete waste of HW if you want a repeater"
    I know. But I got this devices for free, so I will not buy repeater when I have this devices.

    "(Plus, waste of already poor WiFi speed as well.)"
    Why poor wiki speed?

    When somebody connects to Box B i would like that the device sends the request to Box A through LAN, so i think this would not a  bad idea.


  • Banned

    You might want to read this regarding the wifi speed: http://www.dd-wrt.com/wiki/index.php/Repeating_Mode_Comparisons

    @Paul6552:

    When somebody connects to Box B i would like that the device sends the request to Box A through LAN, so i think this would not a  bad idea.

    That is not a repeater, plus it will not work like this at all. You should configure captive portal on the other box's WLAN and sync it with the master (box A). Other than that, on box B, C… Z, you can turn the firewall completely off and use it as router only, with the box B WAN IP being on box A LAN. Just add a route to box B WLAN with CP on box A, and configure the LAN rules accordingly, so that traffic from box B WLAN is allowed.



  • The pdf is a very good definition about what is a wds, repeater and repeater bridge.
    I think I would like to establish a wds.

    I will try this on weekend.

    But now I must have cleared some points please:

    1. On the nonmaster-box, i configure captive portal and sync it anyhow to the master. Do you have a link to a guidance or something how to do this?

    2. When I configure the same wlan on the nonmaster-box, do I need to configure else, because can there be collisions because two routers spread out the same wifi?

    Thank you  :)


  • Banned

    What kind of collisions you mean there?



  • maybe when a computer is in the network range of Box A and network range of Box B, that there is something happen.

    And i think i have something else to configure, because imagine you have a network at home and your neighbour has also one with the same wifi name.
    (Obscure but in our example, both have the same wifi-password)

    Your computer would not connect automatically to your neighbour, because behind he has another ssid behind.


  • Banned

    First of all, WDS is NOT supported on pfSense..

    @Paul6552:

    maybe when a computer is in the network range of Box A and network range of Box B, that there is something happen.

    Cannot really see what's supposed to happen, it's either connected to A or B, not both at the same time.

    @Paul6552:

    And i think i have something else to configure, because imagine you have a network at home and your neighbour has also one with the same wifi name.

    They still have different BSSID (AP MAC address)

    @Paul6552:

    (Obscure but in our example, both have the same wifi-password)

    So change the PSK? Or SSID? Or both?



  • Cannot really see what's supposed to happen, it's either connected to A or B, not both at the same time.

    ok

    So change the PSK? Or SSID? Or both?

    no they should have the same ssid and key everywhere they go.
    For example the user is in network from box a and registered your system by captive portal and then he goes through the garden and comes to the network b, the internet should stay, only box b should handle the new requests.

    So is there anywhere a guidance to accomplish this situation?


  • Banned

    @Paul6552:

    no they should have the same ssid and key everywhere they go.
    For example the user is in network from box a and registered your system by captive portal and then he goes through the garden and comes to the network b, the internet should stay, only box b should handle the new requests.

    Dude, of course, but now how's that relevant to your neighbour?!? You do not choose the same SSID and password as your neighbour, end of story.

    Otherwise, what you are describing here is in fact roaming, we have a recent thread about this here, perhaps after reading that you'll come to the conclusion that pfSense is not a WiFi AP distribution and move your efforts to DD-WRT or something else suitable, leaving pfSense with the router/firewall job which it is intended to do. And as for "the internet should stay", pretty much a sci-fi with todays state of "standardization" and implementation, even with dedicated wireless equipment.

    To conclude this (since perhaps someone else might find that useful), here's a (simplified) example of what we have in production, which is pfSense- only based solution, works for CP as a single point of authentication for multiple hotspots. And no, there is no "roaming" (people are not really running between the floors all the time and can survive without FB chat for a couple of seconds) or any similar fancy stuff, just same credentials/vouchers/whatnot and SSID, that's all.

    Master/Firewall:
    WAN: <public ip="">WAN GW: <isp gw="">LAN: 192.168.100.1/24
    WLAN: 10.20.0.1/24 (CP master, SSID: Hotspot, DHCP Server enabled)
    routes added to 10.20.[123].0/24 via 10.20.[123].1

    Floor 1:
    WAN: 192.168.100.251
    WAN GW: 192.168.100.1
    WLAN: 10.20.1.1/24 (CP synced with master, SSID: Hotspot, DHCP Server enabled)
    Disable all packet filtering

    Floor 2:
    WAN: 192.168.100.252
    WAN GW: 192.168.100.1
    WLAN: 10.20.2.1/24 (CP synced with master, SSID: Hotspot, DHCP Server enabled)
    Disable all packet filtering

    Floor 3:
    WAN: 192.168.100.253
    WAN GW: 192.168.100.1
    WLAN: 10.20.3.1/24 (CP synced with master, SSID: Hotspot, DHCP Server enabled)
    Disable all packet filtering

    Etc…</isp></public>



  • Sry for the neighbour, it was only an example which should clear some points - end.

    Thank you so much for your explanation, you saved a lot of time for me. I had thought my project is able to work with pfsense.

    So as you said, i will have my firewall router acting as firewall and captive portal. And all other router with dd-wrt. Is that combination working? Or do I have to configure my firewall also with dd-wrt? I hope dd-wrt is working with pfsense, or better with captive portal !!!  :(

    Is Roaming not working with pfsense and dd-wrt?
    Than i think I have to stay completely with dd-wrt :(


  • Banned

    Roaming is totally client-dependent, see the other thread. As for the proprietary UBNT stuff mentioned there, I have my own opinion about UBNT as a company and about their HW, but that's off-topic here.


  • Netgate Administrator

    If you have already hardware you want to use then maybe consider DD-WRT as Docktornotor suggested or, my preference, the X86 flavour of OpenWRT. There are a lot more wifi features available in both of those.
    If you have ethernet between the two boxes though I would just setup one as an AP only and run all the captive portal and whatever else on the other box with the first box feeding into it. Though if you are doing that consider that a low end wifi AP is very cheap these days and will have more features, lower power consumption, greater range, smaller footprint etc.

    Steve



  • Hello,

    So after thinking and reading, I will not go away from pfsense.
    It has a great captive portal system, that i will not missing.

    I will try to establish the same like doktornotor and I hope this is working with capitve portal as well?

    And when I put my second Box into "AP"-Mode where can I configure the sync to the master?

    When the second box is in sync with the master, will it work with captive portal, so that users can log in on box A and Box B.
    And do they have to reauthenticate when they switch from box A to B or visa versa?

    Thank you for your help and your nerves.


Log in to reply