1 WAN interface and 2 LAN interfaces



  • Hi all,

    I'm new to the forums here (and pfSense) and just want to confirm something before I begin my first router build next weekend!

    My setup will include an Intel mobo with Realtek GbE LAN chip built-in, an Intel PCIe gigabit NIC, and an ASUS PCIe wireless-AC1900 NIC. What I want to do is make the dedicated Intel PCIe gigabit NIC act as the WAN interface and then make the ASUS wireless NIC and the mobo's built-in LAN chip both act as LAN interfaces and I don't care if they put devices on the same subnet or not. I bought a TP-LINK gigabit switch that I plan on connecting to the mobo's built-in LAN so that all my non-wireless devices have somewhere to connect to the internet.

    I searched through the forums and saw a few other people with "1 WAN + 2 LAN" questions and also saw the documentation at https://doc.pfsense.org/index.php/Multi-LAN_Setup regarding "Multi-LAN, Single Gateway" and just wanted to confirm that what I want to do is possible and covered by the previously mentioned documentation.

    Thanks in advance!
    Mark



  • @MarkVLK:

    and an ASUS PCIe wireless-AC1900 NIC.

    Make sure your wireless NIC is on this list: https://doc.pfsense.org/index.php/Supported_Wireless_Cards

    @MarkVLK:

    and just wanted to confirm that what I want to do is possible and covered by the previously mentioned documentation.

    Yes, and yes!



  • Thanks for the quick reply!

    Looks like I didn't do enough research  :-\  I didn't realize that pfSense only supports up to wireless-g… That won't suffice for my 105 Mbps down connection at home.

    I guess I'll probably return the wireless-AC card I bought then and purchase a wireless-AC AP to connect to the mobo's built-in LAN. Would I still be able to monitor every device by IP if I did this, or would I then only see the wireless AP as one device in pfSense's web GUI?



  • @MarkVLK:

    I guess I'll probably return the wireless-AC card I bought then and purchase a wireless-AC AP to connect to the mobo's built-in LAN. Would I still be able to monitor every device by IP if I did this, or would I then only see the wireless AP as one device in pfSense's web GUI?

    I think this link answers my question: https://doc.pfsense.org/index.php/Use_an_existing_wireless_router_with_pfSense

    Can somebody confirm?



  • As long as you make sure the Wireless Access Point does NOT issue DHCP, pfsense will "know" about all the IP's on your network (assuming no one sets up their own static IP).

    If you want to really lock it down, put another NIC card in your box and attach the WAP to the NIC on a different subnet.  That lets you isolate out wireless traffic and gives you full control of the interaction (or lack of of it) between the two subnets.



  • My new plan is to install the wireless-AC adapter in my desktop computer, cancel the order for the switch, and just use the dedicated gigabit NIC as the WAN interface and the mobo's onboard gigabit port for LAN. I purchased a Netgear R7000 so the plan is to install DD-WRT on that and then turn off DHCP and just use it as a wireless AP plugged into my pfSense box's LAN port.

    This should work, right?



  • Sounds like a reasonable plan.  DD-WRT will give you full control of the WAP and make things easier.

    Good luck, welcome to pfsense  :)



  • @MarkVLK:

    My new plan is to install the wireless-AC adapter in my desktop computer, cancel the order for the switch, and just use the dedicated gigabit NIC as the WAN interface and the mobo's onboard gigabit port for LAN. I purchased a Netgear R7000 so the plan is to install DD-WRT on that and then turn off DHCP and just use it as a wireless AP plugged into my pfSense box's LAN port.

    This should work, right?

    I'm confused ??? (per usual). Like this?

    Internet <–> [ 1Gbps NIC - Desktop Computer - AC1900 NIC ] <-Wi-Fi-> [DD-WRT on R7000] <–> Client Devices

    With pfSense then virtual on the Desktop Computer?



  • @MindfulCoyote:

    I'm confused ??? (per usual). Like this?

    Internet <–> [ 1Gbps NIC - Desktop Computer - AC1900 NIC ] <-Wi-Fi-> [DD-WRT on R7000] <–> Client Devices

    With pfSense then virtual on the Desktop Computer?

    Sorry, somehow I missed this!

    I have it set up like so:

    Internet (cable modem) <-WAN-> 1 Gbps NIC (onboard MOBO) - 1 Gbps Intel NIC <-LAN-> R7000 setup as AP (no DD-WRT for now)

    pfSense is running as the full blown OS on the computer I built, it's not virtual, all physical!