Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    1 WAN interface and 2 LAN interfaces

    Scheduled Pinned Locked Moved General pfSense Questions
    9 Posts 3 Posters 2.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      MarkVLK
      last edited by

      Hi all,

      I'm new to the forums here (and pfSense) and just want to confirm something before I begin my first router build next weekend!

      My setup will include an Intel mobo with Realtek GbE LAN chip built-in, an Intel PCIe gigabit NIC, and an ASUS PCIe wireless-AC1900 NIC. What I want to do is make the dedicated Intel PCIe gigabit NIC act as the WAN interface and then make the ASUS wireless NIC and the mobo's built-in LAN chip both act as LAN interfaces and I don't care if they put devices on the same subnet or not. I bought a TP-LINK gigabit switch that I plan on connecting to the mobo's built-in LAN so that all my non-wireless devices have somewhere to connect to the internet.

      I searched through the forums and saw a few other people with "1 WAN + 2 LAN" questions and also saw the documentation at https://doc.pfsense.org/index.php/Multi-LAN_Setup regarding "Multi-LAN, Single Gateway" and just wanted to confirm that what I want to do is possible and covered by the previously mentioned documentation.

      Thanks in advance!
      Mark

      1 Reply Last reply Reply Quote 0
      • M
        MindfulCoyote
        last edited by

        @MarkVLK:

        and an ASUS PCIe wireless-AC1900 NIC.

        Make sure your wireless NIC is on this list: https://doc.pfsense.org/index.php/Supported_Wireless_Cards

        @MarkVLK:

        and just wanted to confirm that what I want to do is possible and covered by the previously mentioned documentation.

        Yes, and yes!

        Err

        –
        Erreu Gedmon

        Firewalls are hard...
        but the book makes it easier: https://portal.pfsense.org/book/

        1 Reply Last reply Reply Quote 0
        • M
          MarkVLK
          last edited by

          Thanks for the quick reply!

          Looks like I didn't do enough research  :-\  I didn't realize that pfSense only supports up to wireless-g… That won't suffice for my 105 Mbps down connection at home.

          I guess I'll probably return the wireless-AC card I bought then and purchase a wireless-AC AP to connect to the mobo's built-in LAN. Would I still be able to monitor every device by IP if I did this, or would I then only see the wireless AP as one device in pfSense's web GUI?

          1 Reply Last reply Reply Quote 0
          • M
            MarkVLK
            last edited by

            @MarkVLK:

            I guess I'll probably return the wireless-AC card I bought then and purchase a wireless-AC AP to connect to the mobo's built-in LAN. Would I still be able to monitor every device by IP if I did this, or would I then only see the wireless AP as one device in pfSense's web GUI?

            I think this link answers my question: https://doc.pfsense.org/index.php/Use_an_existing_wireless_router_with_pfSense

            Can somebody confirm?

            1 Reply Last reply Reply Quote 0
            • D
              divsys
              last edited by

              As long as you make sure the Wireless Access Point does NOT issue DHCP, pfsense will "know" about all the IP's on your network (assuming no one sets up their own static IP).

              If you want to really lock it down, put another NIC card in your box and attach the WAP to the NIC on a different subnet.  That lets you isolate out wireless traffic and gives you full control of the interaction (or lack of of it) between the two subnets.

              -jfp

              1 Reply Last reply Reply Quote 0
              • M
                MarkVLK
                last edited by

                My new plan is to install the wireless-AC adapter in my desktop computer, cancel the order for the switch, and just use the dedicated gigabit NIC as the WAN interface and the mobo's onboard gigabit port for LAN. I purchased a Netgear R7000 so the plan is to install DD-WRT on that and then turn off DHCP and just use it as a wireless AP plugged into my pfSense box's LAN port.

                This should work, right?

                1 Reply Last reply Reply Quote 0
                • D
                  divsys
                  last edited by

                  Sounds like a reasonable plan.  DD-WRT will give you full control of the WAP and make things easier.

                  Good luck, welcome to pfsense  :)

                  -jfp

                  1 Reply Last reply Reply Quote 0
                  • M
                    MindfulCoyote
                    last edited by

                    @MarkVLK:

                    My new plan is to install the wireless-AC adapter in my desktop computer, cancel the order for the switch, and just use the dedicated gigabit NIC as the WAN interface and the mobo's onboard gigabit port for LAN. I purchased a Netgear R7000 so the plan is to install DD-WRT on that and then turn off DHCP and just use it as a wireless AP plugged into my pfSense box's LAN port.

                    This should work, right?

                    I'm confused ??? (per usual). Like this?

                    Internet <–> [ 1Gbps NIC - Desktop Computer - AC1900 NIC ] <-Wi-Fi-> [DD-WRT on R7000] <–> Client Devices

                    With pfSense then virtual on the Desktop Computer?

                    Err

                    –
                    Erreu Gedmon

                    Firewalls are hard...
                    but the book makes it easier: https://portal.pfsense.org/book/

                    1 Reply Last reply Reply Quote 0
                    • M
                      MarkVLK
                      last edited by

                      @MindfulCoyote:

                      I'm confused ??? (per usual). Like this?

                      Internet <–> [ 1Gbps NIC - Desktop Computer - AC1900 NIC ] <-Wi-Fi-> [DD-WRT on R7000] <–> Client Devices

                      With pfSense then virtual on the Desktop Computer?

                      Sorry, somehow I missed this!

                      I have it set up like so:

                      Internet (cable modem) <-WAN-> 1 Gbps NIC (onboard MOBO) - 1 Gbps Intel NIC <-LAN-> R7000 setup as AP (no DD-WRT for now)

                      pfSense is running as the full blown OS on the computer I built, it's not virtual, all physical!

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.