Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    2 LAN's with pfsense in between and no WAN ?

    Problems Installing or Upgrading pfSense Software
    2
    8
    4.8k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      BartDP
      last edited by

      Hello all,

      Is it possible to let pfsense work without a real internet connection ?
      The goal is to replace the WAN site by a LAN1 network (expl. range 192.168.0.1/24)
      and to have a second lan on the LAN interface (expl. range 192.168.1.1/24)

      The goal is to put some servers (ftp, emule , www(forum) ) in the LAN1 and to have a wireless community in the LAN2 (Access point on real LAN interface).
      Can I they use the captive portal to supply access to the LAN1 ?

      How to configure pfsense and dns in this case ?

      Thanks.

      1 Reply Last reply Reply Quote 0
      • H
        hoba
        last edited by

        Sure. You want to shutdown NAT in that case. Go to firewall>nat, outbound tab. Then enable advanced outbound nat and delete all rules that are created in the table below. Now pfSense does simple routing. Add firewallrules to allow the desired traffic and enable the captive portal at the interface you need it. Add your LAN DNS-Servers at system>general and keep the dns-forwarder enabled (needed for captive portal). You also should set up DHCP for all of your subnets where needed at services>dhcp.

        1 Reply Last reply Reply Quote 0
        • B
          BartDP
          last edited by

          Helo Hoba,

          Thanks for reply.

          As I don't have a DNS server in my 2 lan's, is there a way (plugin ?) to let do pfsense the dns part ?

          1 Reply Last reply Reply Quote 0
          • H
            hoba
            last edited by

            at services>dns forwarder enable "Register DHCP leases in DNS forwarder". This way your client's can be resolved by their hostnames. For servers or other static IPs you can add mappings at the same page at the bottom of the page.

            1 Reply Last reply Reply Quote 0
            • B
              BartDP
              last edited by

              Another question in this configuration :

              I have my wifi usb stick configured as WLAN interface (and wireless activated for this, initial opt1, interface)
              Do I now need to bridge this interface with the LAN interface ?
              Will I have the captive portal also on my WLAN if I enable it on the LAN interface ?

              1 Reply Last reply Reply Quote 0
              • H
                hoba
                last edited by

                If you need captive portal at more than one interface bridging the wlan interface to lan might be the only way.

                1 Reply Last reply Reply Quote 0
                • B
                  BartDP
                  last edited by

                  The goal is the have the captive portal only at the WLAN (= opt1) interface.
                  But I don't have the possibility to activate it on this interface (no cap. port. option on the webpage for opt1 interface)

                  1 Reply Last reply Reply Quote 0
                  • H
                    hoba
                    last edited by

                    Then make a seperate subnet for the wlan. captive portal can't be enabled at a bridged interface.

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.