Need help to setup a system with pfSense, 1 modem and 1 router.



  • Hi everyone,

    I'm trying to config a system with pfSense (running on my PC), 1 modem and 1 router.

    Firstly, I've installed pfSense successfully on my PC.

    Then, the step i have to enter 2 interfaces. System shows me that i have 2 interfaces named: em0 and rl0.

    em0 i plugged in with my modem -> internet.
    rl0 i plugged in with my router.

    Both my router and modem has wireless on.

    After i've enter 2 interfaces, em0 for WAN and rl0 for LAN, just the IP for WAN (em0) shown up.

    I've tried use the second function on the menu to assign the IP for LAN interfaces.

    Seem so good, but when i use my laptop (tried with both wireless) to connect to the IP for LAN. Nothing happen. No web interfaces shown up.

    So how can i config my system? I want to use pfSense for captive portal on my wireless system.



  • Disable NAT and DHCP on Modem and Router and let pfSense do it. Also check that ips are not conflicting.

    Be more detailed on topology so we can be more helpful.



  • Hi Wolf666,

    Thank for your reply.

    I have 2 different IP range, for WAN (something like): 192.168.100.1; and for LAN: 192.168.101.2.

    When i assign IP for LAN interfaces, it asks for DHCP Server and some anotherthing, what should i choose?

    Can you tell me what is 'topology'? Sry i don't know that word :(



  • Topology = "how everything is connected"
    Make a diagram of your network - where are the wireless you talk about, which devices connect to pfSense LAN and WAN…



  • Hi phil.davis,

    Thank for your reply!

    How can i make diagram about my network. I mean, any tool can help me or just simple use mspaint or something like that?



  • My network has 3 components:

    1. A PC which is running pfSense,
    2. A modem connects to the internet
    3. A router broadcasts wifi signal,
    4. 2 LAN cards (em0, rl0)

    Both modem and router broadcasts wifi signal.

    I connect my modem with em0 on my PC which is running pfSense.
    I connect my router with rl0 on my PC which is running pfSense.

    When config pfSense, i assign WAN with em0 and LAN with rl0.
    Firstly, LAN interface doenst have IP address, so i assign IP for it by using function 2 from pfSense menu.

    Problem: I used my laptop connect to wireless from my modem to access IP of LAN interface. But the web config page doesnt appear.

    Thats my network.



  • Both modem and router broadcasts wifi signal.

    So the "modem" is a combo internet access device + WiFi - ignore the WiFi on the "modem" device.
    The "router" at point 3 - you do not want any router on the LAN side of pfSense. You need just a dumb WiFi access point. Tell us what (3) "router" is.
    Give "router" LAN side management interface a fixed IP somewhere in pfSense LAN range.
    Plug a "router" LAN port to pfSense LAN.
    Disable DHCP on "router".
    That should make it just a dumb WiFi AP.

    Then you should be able to connect to the "router" WiFi and get DHCP from pfSense.

    If you have been changing pfSense LAN settings at the console, then maybe DHCP on LAN has got disabled. At the stage it would be easiest if you reset to factory defaults - then you will get pfSense LAN 192.168.1.1/24 with DHCP enabled.



  • Hi phil.davis,

    Thank for your reply!

    Firstly, my router is Buffalo WZR-HP-AG300H which is running OpenWRT firmware (OpenWrt Attitude Adjustment 12.09 / LuCI 0.11.1 Release).

    I found this tutorial help me disable DHCP on my router on web interface.

    Go to Network → Interfaces and select the Lan interface.
    Set an IP next to your main router on the field "IPv4 address". (If your main router has IP 192.168.1.1 set 192.168.1.2)
    Then scroll down and select the checkbox "Ignore interface: Disable DHCP for this interface."
    Click the Save and Apply button.
    Now connect the new IP you have just specified(192.168.1.2) and check if the settings for the Lan interface are the same you set before.
    Now connect your main router to one of the switch ports of your "new" dumb AP and you are done.

    Source: http://wiki.openwrt.org/doc/recipes/dumbap

    So i just need disable LAN interface on my router or both LAN and WAN interface? Because i found there is 2 interfaces (I plugged in Router and Modem by LAN port).

    Give "router" LAN side management interface a fixed IP somewhere in pfSense LAN range.

    What is pfSense LAN range? Can i assign it like: 10.2.1.10 or i have to assign it like WAN interfaces (if WAN: 192.168.1.1 -> LAN: 192.168.2.1)



  • So i just need disable LAN interface on my router or both LAN and WAN interface?

    The LAN interface on Buffalo WZR-HP-AG300H needs to be enabled, because you are connecting that LAN to pfSense LAN so that the WiFi from that device reaches pfSense LAN.
    What is pfSense LAN range?
    Your pfSense LAN is already 192.168.2.1/24 - so give the Buffalo LAN an IP in that range - like 192.168.2.2
    You could also change pfSense LAN subnet if you like - you need to understand subnets and subnet masks, then you can choose whatever private IP subnet you like.
    Make sure you turn off any DHCP server on Buffalo device.



  • Hi phil.davis,

    Thank for your reply!

    The LAN interface on Buffalo WZR-HP-AG300H needs to be enabled, because you are connecting that LAN to pfSense LAN so that the WiFi from that device reaches pfSense LAN.

    Is that mean i have to disable DHCP Server on WAN interface? Because i don't know anywhere to disable it?



  • You should not need to do anything on Buffalo router WAN - LAN clients will never use the Buffalo routing anyway.



  • Hi phil.davis,

    Thank for your reply!

    I've tried using "Reset to factory defaults" at pfSense option. But after that, i can't (very hard) boot to pfSense. The "Booting…" text shown up then a character show up one by one, very slow. I don't know what happened. I've waited about 3-4 hours but the text is continue running slow.

    How can i fix that?


  • Banned

    @phuongtm:

    The "Booting…" text shown up then a character show up one by one, very slow. I don't know what happened. I've waited about 3-4 hours but the text is continue running slow.

    Disable serial port. Searching the forum helps… :P



  • Hi doktornotor,

    Thank for your reply!

    What "keyword" should i use or can i link me to there?

    I stuck in here


  • Banned

    Disable serial port in your BIOS.


Log in to reply