Wifi and LAN on same subnet (SOLVED)

Rickinfl · Nov 17, 2014, 9:22 PM

Wow… Someone really needs to document how to do this! Need Documentation on Normal setup of WiFi and then WiFi on the Same Subnet.

I've been researching this for almost 2 weeks now and I'm really tied of trying to get this to work.

I have read every post I could find on this. I've watched every Youtube Video and Even the one on Pfsense Site... The problem is NOT 2 of any of the documentation is the same. Seems everyone does it different, but none of it works.

Really wish someone could post how to do this that's done it already. :(

Derelict · Nov 17, 2014, 10:40 PM

It's just not that difficult. Bridging works fine.

The instructions you have already posted cover everything you need to do.

If it doesn't work you need to be able to troubleshoot it to find out what was done incorrectly or where the problem otherwise lies.

Rickinfl · Nov 17, 2014, 11:46 PM

Well I got as far as being able to ping anything on the network from wireless or static. The WiFi just can't get out. WiFi gets an IP address from DCHP.

Derelict · Nov 18, 2014, 2:46 AM

What are the firewall rules on wifi? You need rules on all bridge members and the bridge itself.

Rickinfl · Nov 18, 2014, 10:30 AM

LAN Net > Any
WiFi Net > Any
Bridge Net > Any

Rickinfl · Nov 18, 2014, 10:52 AM

Here is all the steps I exactly took:

Fresh Build Pfsense. Got it configured and connected my computer to it and have internet access and access to my LAN.

1. Shut down install WiFi card (Card is on the recommended list of cards that work with Pfsense)
2. Interfaces > Added WiFi card (Opt1) renamed it to WiFi. > Setup WiFi settings.
3. Interfaces > Assign > Bridges > Created a Bridge > Renamed it to Bridge > Selected LAN and WiFi
4. Interfaces > Added new Interface > Opt2 > Renamed to Bridge > Network Port = Bridge
5. DHCP Server > Turned on DHCP for Bridge > Enabled > Set Range. (No DHCP on LAN or WiFi)
6. Firewall > Rules > Added New Rule > Source = Bridge Net > Rest set to Any.
7. System > Advanced > System Tuneables > net.link.bridge.pfil_member > Changed from 1 to 0
8. Interfaces > LAN > IPv4 Configuration Type = None > IPv6 Configuration Type = None
9. Interfaces > WiFi > IPv4 Configuration Type = None > IPv6 Configuration Type = None

My Configuration:

Old:

WAN > DHCP
LAN > 10.10.0.1

New:

WAN > DHCP
LAN >
WiFi >
Bridge > 10.10.0.2 > DHCP

I can connect my Phone and Laptop to WiFi. I can ping both from either one. No Internet Access.

Now you know what steps I took to get here. I know them well I've rebuilt it about 20+ Times from scratch trying to get this to work.

Thanks,
Rick

Derelict · Nov 18, 2014, 4:13 PM

@Rickinfl:

LAN Net > Any
WiFi Net > Any
Bridge Net > Any

What interfaces are those on? There should be no more LAN net or WIFI Net - only Bridge Net.

Rickinfl · Nov 18, 2014, 4:23 PM

Here are the Firewall Rules

Derelict · Nov 18, 2014, 4:31 PM

First, change your bridge rules to any. You have them set for TCP only. DNS and many other things won't work like that.

Second, make rules on LAN and WIFI that look EXACTLY like the rules on bridge. (Not with source LAN net or WIFI net, but for BRIDGE net - yes, on LAN and WIFI, source BRIDGE net)

Rickinfl · Nov 18, 2014, 4:51 PM

Still not working.

Derelict · Nov 18, 2014, 4:53 PM

All your rules are still TCP only, bro.

Change them all to this:

![Screen Shot 2014-11-18 at 8.56.33 AM.png](/public/imported_attachments/1/Screen Shot 2014-11-18 at 8.56.33 AM.png)
![Screen Shot 2014-11-18 at 8.56.33 AM.png_thumb](/public/imported_attachments/1/Screen Shot 2014-11-18 at 8.56.33 AM.png_thumb)

Rickinfl · Nov 18, 2014, 5:13 PM

Did that still not working.

Derelict · Nov 18, 2014, 5:26 PM

What's not working?

Do you get DHCP on the WIFI port? On the LAN port?
Can you ping the BRIDGE address from the WIFI port? From the LAN port?
Can you ping the next hop gateway from the WIFI port? From the LAN port?
Can the Hosts on LAN ping the hosts on WIFI? Vice versa?
What DNS is being handed out to the DHCP clients? Is that the DNS server actually in use by the clients? Can you resolve names using that address?
Etc.

Rickinfl · Nov 18, 2014, 5:26 PM

Wait… From my phone I'm connected to Pfsense. I opened Chrome browser and can't get to any website, BUT I just accidentally went to my cloud and it loaded. At this point and some testing... I can access any https site, just not http sites.

Derelict · Nov 18, 2014, 6:03 PM

Let me guess. You're also trying to run squid or snort or both.

Rickinfl · Nov 18, 2014, 6:12 PM

No actually it's a fresh install and no packages installed.

Can't seem to figure out what it is. So Close! smh

Derelict · Nov 18, 2014, 6:34 PM

That doesn't make any sense. pf or otherwise. Firewall logs logging anything?

Rickinfl · Nov 18, 2014, 6:48 PM

I don't see anything,

But the question I have is how long has WiFi worked just was blocking non secure websites? I'll backup the config then rebuild it again from scratch and find out.

I really appropriate all the help you've given me. Thank You for all your Help!

Rick

Derelict · Nov 18, 2014, 7:07 PM

Proxy configured in the web browser? Weird.

Rickinfl · Nov 18, 2014, 7:19 PM

Totally rebuilt it. Setup just like I did before. WiFi works on https only. So this whole time it basically worked. Just not for non secure!

I'm going over everything since now I have fresh log files.