How to setup pfsense with wireless router bridged?



  • I'm bridging my comcast router and I cannot login to my pfsense. I will be running my ddwrt router for wifi access from my pfsense box. I can login to pfsense before I bridge my other router. i go thru setup and then save settings and I can't get any access to pfsense. I set my wan and lan and subnet  mask. I'm not sure what i am doing wrong. Is there a tutorial out there? I found one on youtube and it isn't helping.


  • LAYER 8 Netgate



  • my ddwrt is setup as an ap. it is plugged into the lan on pfsense. my wan is plugged into my bridged router modem with comcast. wan 10.0.0.2/24
    lan 192.168.1.1 static I can't access pfsense  any thoughts?


  • LAYER 8 Netgate

    What is the IP setting for the AP?  What is your DHCP scope on LAN on pfSense?  Are your wireless clients getting DHCP?

    If there's a communication problem, post screenshots.



  • this is the setttings for my ddwrt ap          First do a ‘hard reset’ (look up 30/30/30 on the DD-WRT site)
    Connect to the ‘dd-wrt’ device, then connect to the router through a web browser (http://192.168.1.1).  The built in DHCP server will work for now.
    Disable the WAN connection (Setup->Basic Setup->WAN Connection Type:  Disabled)
    Change the Router Name (Setup->Basic Setup->Router Name: <whatever>– this is helpful later)
    Assign WAN port to Switch (Setup->Basic Setup->Assign WAN Port to Switch: Check – Optional, but I like to do this to gain the extra port)
    Disable DHCP Server (Setup->Basic Setup->DHCP Server:  Disable)
    Optionally set up NTP
    Change Operating Mode to ‘Router’ (Setup->Advanced Routing->Operating Mode:  Router)
    Set Wireless SSID (Wireless->Basic Settings->Wireless Network Name:  <your ssid="">)
    Set Wireless Security (Wireless->Wireless Security [It's optional, but just do it.])
    Recommend WPA2, AES, Complex key
    Disable DNSMasq (Services->Services->DNSMasq: Disable)
    Disable Firewall (Security->Firewall->SPI Firewall:  Disable)
    Disable Routing (Administration->Management->Routing:  Disable)
    Set Wireless Power (Wireless->Advanced Settings->TX Power:  50mW)
    This may be specific to this model of hardware, but it’s not a bad idea anyway
    Save & Apply
    That was easy – now the tricky bit:

    You can’t set DD-WRT to use DHCP for the LAN interface from the web.  You can, however, configure a start-up script to accomplish the same thing.  This is done from Administration->Commands – Copy in the following code and save it as the startup script.

    ln -s /sbin/rc /tmp/udhcpc
    /usr/sbin/udhcpc -i br0 -p /var/run/udhcpc.pid -s /tmp/udhcpc -H nvram get router_name
    route add default gw nvram get wan_gateway
    nvram set wds_watchdog_ips="nvram get wan_gateway"

    Config DNS

    /bin/cat /etc/resolv.conf | /bin/grep -v nameserver > /tmp/resolv.conf
    /bin/echo nameserver nvram get wan_get_dns >> /tmp/resolv.conf
    /bin/cp /tmp/resolv.conf /etc/resolv.conf     </your></whatever>


  • LAYER 8 Netgate

    I don't understand how AP mode is called Router mode.  I also don't understand why you need to get a WAN gateway.  And AP is a bridge.  It bridges wireless to the wired ethernet.  All you need is a static IP on the unit so you can get at its web interface - and that's optional for client connectivity.

    If I was setting this up I would set something like this:

    pfSense LAN: 192.168.1.1/24
    DHCP Pool: 192.168.1.129 - 192.168.1.254

    LAN address of AP: 192.168.1.17

    Then set up your Wireless network and disable DNS/DHCP/etc like you have.

    Are your wireless clients getting DHCP from pfSense?



  • my clients are getting dhcp from pfsense. I will try your suggestion



  • Operating Mode:
    If the router is hosting your Internet connection, select Gateway mode. If another router exists on your network, select Router mode.



  • I found out from comcast my Technicolor modem/router they provided me with will not bridge properly. they are sending me an arris or cisco that will bridge properly. I hope that is the issue.


  • LAYER 8 Netgate

    Hmm.  In the interim if you are getting a private IP from DHCP from your modem you should be able to uncheck "Block private networks" on your WAN interface and get online, albeit with double NAT.



  • I broke my ddwrt router going bananas over this! I can login with my wan plugged into my modem/router from comcast. 10.0.0.2  I then configure my lan and I go thru setup fine when it  saves the config it kicks me out??? I have to reboot to log back in and try the config again and same thing and yes I believe you are right It sets up nat so I'm assuming I have double nat. I also unchecked block bogon networks



  • i'm rinning pfsense on a old laptop. Everytime I hook up the usb ehternet card it picks it up but i lose connection to the rouer



  • I'm still unable to access the login page with pfsense with my laptop alone.  My wan and lan are set and not conflicting


  • LAYER 8 Netgate

    Show us your screenshots of your interfaces.



  • I now have wifi with pfsense. It was something from comcast blocking they said. I now cannot login to pfsense still with 192.168.1.1 the machine is working and allowing internet. I would like t add packages now :D


Log in to reply