Pfsense and wireless router
-
so my wireless/opt1 interface will atomaticly put me on the LAN and let me access the internet threw the WAN with out making any changes? what is happening is I am connecting to my WLAN and its pulling a DHCP address but then I can not ping or access pfsense or my other wireless router, like its not connected to the LAN, I also can not access the internet.
-
If I understand your config well enough I have a similar setup that is working. I will describe it bellow and hopefully it may provide information that you need.
My setup is like the following
WAN (Ethernet) Connected to ISP
LAN (Ethernet) Connected to Local wired network
OPT1 (Wireless) wireless accessTwo Choices two configure this
1. Bridged:
You can bridge the OPT1 wireless interface to the LAN. This will allow DCHP, and I believe rules for LAN will apply to the wireless connection. The key to this config is the wireless interface has to be in Access Point mode and cannot be bridged to the WAN. Bridging the Opt1 to the LAN does work.2. Non-Bridged:
This method is slightly more secure because you keep the LAN and the Wireless separate. Key thing to remember here is that you have to put in a Rule on the OPT1 interface that allows access to the WAN or the LAN or Both depending on what you want. In my network I have DHCP setup for the wireless network and a static IP for the wireless interface. -
so my wireless/opt1 interface will …
If you changed:
LAN (on pfsense) => WAN (on DI-624) to
OPT1 (on pfsense) => LAN (on DI-624)
then, of course, you have to add appropriet rules and a DHCP server to the OPT1 interface of pfSense unless you bridge it with LAN.
Depends on the amount of separation you need between your LAN and W-LAN subnets. -
First of all thank you very much for the help.
So forgetting about the DI-624 for a moment, I have a couple questions about how the interfaces are interacting here.
My goal is that my wireless/opt1 interface is integrated into the LAN so the LAN and the WLAN would be the same subnet. So is there a reason I should not do this? I understand there is some additional security for having them on different subnets but I don’t have any non wireless systems on the LAN.
When I set the wireless/opt1 to AP to I need to assign it an IP?
As far as rules I haven’t even looked at them because I was still trying to get the interfaces correct. However I am wondering if that is part of my problem, is there default rules not allowing the interfaces to talk to each other.
If there is some please I can get this information other then the forums please let me know so I am not wasting anybody’s time, and agene thank you for the help.
-
My goal is that my wireless/opt1 interface is integrated into the LAN so the LAN and the WLAN would be the same subnet. So is there a reason I should not do this? I understand there is some additional security for having them on different subnets but I don’t have any non wireless systems on the LAN.
When I set the wireless/opt1 to AP to I need to assign it an IP?
If you want the Wireless on the same subnet as the LAN then from the Opt1 interface choose Bridge with LAN. You will notice when you bridge the Opt1 interface that it will not require an IP. The IP will actually be disabled. Then I believe it applies the LAN rules to the Optional interface.
As far as rules I haven’t even looked at them because I was still trying to get the interfaces correct. However I am wondering if that is part of my problem,
Yes. The non-bridged setup that you were doing requires a rule in order to allow the traffic. That is why it didn't work for you in your current setup.
-
If you want to have it on the same subnet just use the built in switch of the router to hook up the pfSense (which I already told you in my first post here ;) ). You don't need an additional interface in the pfSense nor a bridge then.
-
Hoba, I understand what you’re saying and when I do what you’re telling me it dose work.
This is my over all goal, is to use my pfsense system as my gateway and main AP, and have my DI-624 as a secondary AP on the opposite side of my house, so hopefully all of my devices will always have a wireless connection.
If I connect to my DI-624 as an AP and everything works ok, however when I connect to the AP in the pfsence system I get assigned an address from the DHCP server and it says I am connected but I can not ping or get to the webgui on pfsense.
My plan is that once I get both AP’s working I will give them the same SSID and the same WPA auth with one on channel 1 and the other on channel 11.
So at this point I will try agene setting my wireless/opt1 interface to bridge to my LAN interface, and see if I can get out to the internet.
Agene thanks for the help
-
Sorry, just re-read your first post. I didn't realize that you were actually talking about TWO APs.
One W-LAN card within your pfSense router and an external D-Link. I was thinking of the latter only when posting…Have you thought about using a higher gain (omni?) directional antenna on the pfSense W-LAN card trying to cover the entire house at once? This should be highly preferred over a second AP.
- NO second user credentials,
- NO handover issues (which in your case isn't possible anyway)
- never being attached to the weaker/fading AP until connction is dropped
...
-
I am not sure about a different antiana, my issue is funding right now. The reason i am doing it with the router i have and the pfsense box is because i had all the hardware already. so far no money spent just time.
-
http://home.comcast.net/~hqh/html/tworouters.htm
;)
BTW : I sometimes have no connection between secondary router/ap (DI-624) and primary router after a reboot of the DI-624 ; so also no internet connection as the DI-624's WAN port is not used.
A single ping from the DI-624 menu option to the primairy router's IP address is enough to make all ok again.
