Wifi and LAN on same subnet (SOLVED)

Derelict

5. create a bridge: Interfaces -> Bridges, and select LAN and Wifi

You selected LAN, WIFI, and OPT2, not LAN and WIFI.

Change that and if you did everything else it should work.

Rickinfl

Still not working.

Rickinfl

This is a fresh Install of Pfsense. I've connected to it so it has internet access.

Maybe if someone could give me the instructions on how to do this from start.

Here is all I want.

Pfsense on 10.10.0.1
Wifi on 10.10.0.2

Pretty simple. I must have gotten something messed up.

Derelict

The instructions you already posted look pretty good.

Typical debugging should probably be done.

Do you get DHCP on the WIFI port?  On the LAN port?
Can you ping the OPT2 address from the WIFI port?  From the LAN port?
Can you ping the next hop gateway from the WIFI port?  From the LAN port?
Can the Hosts on LAN ping the hosts on WIFI?  Vice versa?
What DNS is being handed out to the DHCP clients?  Is that the DNS server actually in use by the clients? Can you resolve names using that address?
Etc.

Guest

I am of the mind that things could be done easier in pfSense for the creation of bridges and wireless access points. I have considered requesting forum help for a wireless setup wizard -using something like what pfSense includes now at initial setup in WebConfigurator. I know everybody hates wizards but pfsense setup wizard is easy enough to click thru. I would like to see enhanced functionality with it. Is this something that seems logical to  anyone else? I hate doing the cable swap for bridge creation but it works..

A suggestion for help is disable firewall from Advanced Settings on the Menu. It will prevent lockout until you figure it out what is what. And  i know i hate  re-imaging my  CF card -so i do the restore last backup from console - to save time on lockouts when i was  learning. pfsense  automatically saves backups at each settings change it seems. Very convenient.

Rickinfl

Yes I'll have to do some debugging. Just keep cutting myself out.

Do you get DHCP on the WIFI port?  On the LAN port? WiFi yes. Not sure about LAN since I static those.

Can you ping the OPT2 address from the WIFI port?  From the LAN port? I can't ping anything but the wifi device I'm testing with

Can you ping the next hop gateway from the WIFI port?  From the LAN port? No same as above.

Can the Hosts on LAN ping the hosts on WIFI?  Vice versa? No. It's like the bridge blocks everything and isolates the wifi.

What DNS is being handed out to the DHCP clients?  Is that the DNS server actually in use by the clients? Can you resolve names using that address? Even static with DNS still doesn't work.

I'm going to have to do more research on this and try and break it down piece by piece and see what's going on. I've been driving myself crazy trying to figure this out. I know on paper its right and I drew it out many times then applied it.

Just strange.

Thanks for all your time and help.

Rick

Derelict

What firewall rules are on LAN and WIFI?

Does anyone know for sure that the xl driver still works?

Do you get DHCP on the WIFI port?  On the LAN port? WiFi yes. Not sure about LAN since I static those.

Can you try?  If you can get DHCP (and have ARP, etc) then it's not a layer2 problem and we really need to look at rules.

Rickinfl

Wow… Someone really needs to document how to do this!  Need Documentation on Normal setup of WiFi and then WiFi on the Same Subnet.

I've been researching this for almost 2 weeks now and I'm really tied of trying to get this to work.

I have read every post I could find on this. I've watched every Youtube Video and Even the one on Pfsense Site...  The problem is NOT 2 of any of the documentation is the same. Seems everyone does it different, but none of it works.

Really wish someone could post how to do this that's done it already.  :(

Derelict

It's just not that difficult.  Bridging works fine.

The instructions you have already posted cover everything you need to do.

If it doesn't work you need to be able to troubleshoot it to find out what was done incorrectly or where the problem otherwise lies.

Rickinfl

Well I got as far as being able to ping anything on the network from wireless or static. The WiFi just can't get out.  WiFi gets an IP address from DCHP.

Derelict

What are the firewall rules on wifi?  You need rules on all bridge members and the bridge itself.

Rickinfl

LAN Net > Any
WiFi Net > Any
Bridge Net > Any

Rickinfl

Here is all the steps I exactly took:

Fresh Build Pfsense. Got it configured and connected my computer to it and have internet access and access to my LAN.

1. Shut down install WiFi card (Card is on the recommended list of cards that work with Pfsense)
2. Interfaces > Added WiFi card (Opt1) renamed it to WiFi. > Setup WiFi settings.
3. Interfaces > Assign > Bridges > Created a Bridge > Renamed it to Bridge > Selected LAN and WiFi
4. Interfaces > Added new Interface > Opt2 > Renamed to Bridge > Network Port = Bridge
5. DHCP Server > Turned on DHCP for Bridge > Enabled > Set Range. (No DHCP on LAN or WiFi)
6. Firewall > Rules > Added New Rule > Source = Bridge Net > Rest set to Any.
7. System > Advanced > System Tuneables > net.link.bridge.pfil_member > Changed from 1 to 0
8. Interfaces > LAN > IPv4 Configuration Type = None  > IPv6 Configuration Type = None
9. Interfaces > WiFi > IPv4 Configuration Type = None  > IPv6 Configuration Type = None

My Configuration:

Old:

WAN > DHCP
LAN > 10.10.0.1

New:

WAN > DHCP
LAN >
WiFi >
Bridge > 10.10.0.2 > DHCP

I can connect my Phone and Laptop to WiFi. I can ping both from either one. No Internet Access.

Now you know what steps I took to get here. I know them well I've rebuilt it about 20+ Times from scratch trying to get this to work.

Thanks,
Rick

Derelict

@Rickinfl:

LAN Net > Any
WiFi Net > Any
Bridge Net > Any

What interfaces are those on?  There should be no more LAN net or WIFI Net - only Bridge Net.

Rickinfl

Here are the Firewall Rules

Derelict

First, change your bridge rules to any.  You have them set for TCP only.  DNS and many other things won't work like that.

Second, make rules on LAN and WIFI that look EXACTLY like the rules on bridge.  (Not with source LAN net or WIFI net, but for BRIDGE net - yes, on LAN and WIFI, source BRIDGE net)

Rickinfl

Still not working.

Derelict

All your rules are still TCP only, bro.

Change them all to this:


Rickinfl

Did that still not working.

Derelict

What's not working?

Do you get DHCP on the WIFI port?  On the LAN port?
Can you ping the BRIDGE address from the WIFI port?  From the LAN port?
Can you ping the next hop gateway from the WIFI port?  From the LAN port?
Can the Hosts on LAN ping the hosts on WIFI?  Vice versa?
What DNS is being handed out to the DHCP clients?  Is that the DNS server actually in use by the clients? Can you resolve names using that address?
Etc.