Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    MAC Filtered Guest WiFi: Linksys E1000 DDWRTv24 + pfSense possible?

    Wireless
    2
    2
    1046
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      JMullen last edited by

      Here's a diagram showing what I'm trying to accomplish. Everything is working except the MAC filtered guest WiFi access. I'm wondering if this is possible.

      What I'd like to do is set up some rules within pfSense that checks the MAC against a table of "known" or "trusted" MACs. If it's in the list, then you get placed on the same subnet as my server and everything else. If you're not known or trusted, you get placed on a separate subnet. This way, anyone that connects that I don't trust, they have zero access to any networked devices.

      To take it a step further, once I get this working I'm going to try to find a way to set up some DNS web filtering, bandwidth monitoring, etc.

      Does anyone know if this is possible within pfSense with what I have on hand right now?

      if not, could I get this to work if I:

      A) Set up another NIC and another wireless AP, then configured it as stated above

      or

      B) Set up a WiFi NIC and used it as a wireless AP, then configured it as stated above

      Any input is appreciated :)

      1 Reply Last reply Reply Quote 0
      • Derelict
        Derelict LAYER 8 Netgate last edited by

        Just tell ddwrt to put a Wi-Fi network on the same VLAN as your main subnet.  Tell it to put your guest BSSID on another VLAN.  Create VLAN interfaces on pfSense and set whatever behavior you want.

        MACs are easily spoofable.  You don't want to use them as a security device.

        Chattanooga, Tennessee, USA
        The pfSense Book is free of charge!
        DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • First post
          Last post