  • Hello all,
    I recently replaced my IPCOP box with PFSense.
    my wan and lan nics are working well…I can browse the net from my lan.
    my problem is I want to implement my existing Dlink wifi AP to the PFSense box. 
    I have installed a 3rd NIC to connect the AP to and after I configured the dhcp options for the 3rd nic in PFSense I am getting an IP in the wifi ranged I specified so I know the AP is talking to the PFSense box.
    My problem is I can't get outside my lan while on the wifi side.  It appears to be a gateway issue but I am not sure.
    In IPCOP, you had to grant access on the blue (wifi) side before the AP would work, but I dont see that option in PFSense.
    Here are my internal IP's for the nics in the PFSense box.
    opt1-wifi-----    {not a wifi NIC....just a reg NIC that the wifi AP connects to}
    WAN----dhcp from ISP

    any help would be great....or a link to a howto.

  • Did you create a rule on the OPT1-tab under firewall that allows traffic?
    Per default everything is blocked.

  • OK, after I got your response I created a rule that would allow "any" on the opt1-wifi connection, but I still cant get out.  not sure what is going on.

  • please show a screenshot of the rule you created.

  • OK, here is an attachment of the wifi firewall rule.

  • Ok with this rule it should work.
    What is the OPT2?

    What do the clients on the AP get as gateway?
    what as DNS?

  • opt2 is a yet-to-be implemented nic that I want to use as a dmz.

    My wifi client gets an IP that is in the range that I set for opt1 interface.
    I set the gateway for opt1 as…..that is the IP for my LAN interface.
    this is the strange part though...when I check under diagnostics/interfaces....the gateway for opt1 shows, which is the IP for my wifi AP, even though I set the gateway as

  • Did you set a gateway on the OPT1 config page?
    If yes: delete that.

    You only set that if the OPTx interface is used as an additional WAN.

  • no gateway set on opt1wifi connection…..set no internet connection.

