Limit bandwith & volume to some mobile users/devices

  • Hi guys,

    Is there a way to limit the bandwith/volume for certain people/devices that use my wifi?
    My own internetconnection is already quite limited and I would like know if I can give controlled access to a neighbor who came from abroad and doesn't have an internet connection.

    The LAN connection from my pfsense box goes to a SIP/switch/AP device which I also use for my own wifi at home.
    On my AP I can activate a second guest SSID but that's it, so no possibilities here.
    Can pfsense somehow do this without any additional hardware?

    Thanks in advance!

    ps: since I didn't know how, I posted in general but if there is better section, can a mod please move my post?

  • The second guest SSID, or an external WiFi AP pointing at his house, would need to be on a separate interface to make it properly secure. If you have another physical interface on your pfSense, then easy. Otherwise you need a VLAN switch (small ones are cheap these days) and you can put the device that goes towards his house onto a separate VLAN.

  • You need to segregate those clients on a separate LAN (or VLAN).  That means:

    • A second WiFi Access Point, or a WAP that understands VLANs and lets you assign the different SSIDs to different VLANs

    • A switch that understands VLANs, or a separate interface on the pfSense firewall box

    I'm doing a mix of the two methods, I have VLANs on my network switches, and one of those VLANs is for "guests".  The guest VLAN connects to a cheap consumer WAP which doesn't understand VLANs, but the network switch handles that issue.

    Now that the guest WAP is on a separate VLAN, I can assign limiters in the pfSense firewall rules to any traffic coming from the guest VLAN and going to/from the internet.

Log in to reply