Wifi AP in OPT port
-
Hi,
another perhaps noob question here, but I have a Wifi router that has been converted into a wireless AP.
It has a static address on my net.
It was plugged into a switch on the lan, but I would like to isolate it into an OPT interface on the pfsense box.
I have created the interface, bridged it to the LAN, but since the AP has a fixed IP address, how do I configure
the IP configuration type in the interface to ensure clients connecting to the AP still get a DHCP address ?
If I select DHCP in the interface that should mean that the pfsense box will issue an address from the DHCP pool to the AP
not necessarily anyone connected to it…right ?
What am I not getting here?If I set it to None, then anything connecting to it is NOT getting an IP address..
thanks
Chris
-
If you want to isolate it what is the bridge for? That's the opposite of isolation.
Delete the bridge
Pick a new subnet for the OPT1 network
Set OPT1 to use that subnet
Put the appropriate firewall rules on OPT1 for your Wi-Fi users
Create a DHCP instance for OPT1
-
And don't use the "router" bit of "WiFi router". Ignore its "WAN" port - plug one of its LAN ports into pfSense OPT1. Disable DHCP on "WiFi router". That way it will act like just a dumb AP, and clients can get their DHCP, DNS… direct from pfSense.
-
If you want to isolate it what is the bridge for? That's the opposite of isolation.
Delete the bridge
Pick a new subnet for the OPT1 network
Set OPT1 to use that subnet
Put the appropriate firewall rules on OPT1 for your Wi-Fi users
Create a DHCP instance for OPT1In the Itnterface allocation tab for pfsense, when I enable the OPT interface it is looking for an IP configuration type which has DHCP, Static etc.
When you state "Pick a new subnet for the OPT1 net" how would I do that ? Sorry I'm not clear on that part. IF I want to create a DHCP instance, would I select this as an IP config type ? IF so wouldn't that conflict with my AP which already has a fixed IP address ? IF you are referring to activating the DHCP service on the OPT interface, then that is only possible if my OPT interface has a static address which I can do in the interface assignment tab, however since the AP already has a pre-canned Fixed IP, what should I do. Change the AP to DHCP ? not clear on how that works.
…and thanks very much for your insight and assistance.Chris
-
Choose an unused subnet from the RFC1918 space. Assign it to pfSense OPT1. Set a DHCP instance for OPT1 that serves config for that subnet.
Here are some random choices:
10.244.200.0/24
172.26.198.0/24
192.168.29.0/24Set the IP address for the LAN side of your router to a static IP on the OPT1 subnet, turn off DHCP on the AP like phil said. Plug the LAN side of your AP into the OPT1 subnet.
https://forum.pfsense.org/index.php?topic=81014.msg442131#msg442131
-
"Choose an unused subnet from the RFC1918 space. Assign it to pfSense OPT1"
Ok really sorry to ask this, but how and where do I assign a different subnet space to OPT1 ?
The only options on the Interface are to choose the config type. Is this done under DHCP Server
once the OPT is activated ?thanks for your patience…
-
You need to set a static IPv4 on OPT1.
e.g. your LAN IP might be 192.168.42.1/24
Your OPT1 IP could be 192.168.43.1/24
Then set your WiFi device management IP to something in 192.168.43.* (e.g. 192.168.43.2/24) - it is only needed so you can reach its management interface.
Then set a DHCP range on OPT1 in 192.168.43.* - e.g. 192.168.43.100-199Make sure to disable DHCP on the WiFi device.
-
OK thanks,
I think it has just donned on me where I am going wrong.
My Pfsense box has a small network attribution of /24 only.
I'll change that to /16.Correct me if I'm wrong, but I think this is where I went wrong.
Chris
-
Oh good God. Dude. Read a book.
-
Yes I will and thanks.
It works now.cheers
