Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Quick way to enable/disable WiFi AP?

    Scheduled Pinned Locked Moved Wireless
    4 Posts 3 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      David19
      last edited by

      I'm currently waiting for the hardware to arrive to finally get setup with pfSense! Looking forward to it. :)

      I don't have many devices that use WiFi, just an iPad, and when guests come over.
      Is there a fast way to enable/disable the WiFi AP, using a script, etc?

      I'm going to initially use my old WiFi router as an AP, so I was thinking of using a smart plug. Or even a regular plug with a power button on it. I fear, however, that disconnecting power to it may reset the settings, etc. And I will be moving to a PoE AP, so I won't be able to access the power in the same way.

      Is there a quick way, double click on a script file, etc to enable/disable just the WiFi AP? Or is the only way to login to pfSense and enable/disable it that way?
      Thanks!

      David

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        There wouldn't be a way to disable the AP from pfSense unless you have the AP on its own isolated interface, in which case you could disable the interface or toggle a rule so it blocks instead of passes.

        APs typically do not perform NAT so there is no way for the firewall to tell traffic coming from the AP apart from traffic on the wired LAN. If the AP is really a wireless router (which is not recommended), you could block traffic from the IP address of the wireless router… but having it on its own separate interface is better, assuming the wireless devices don't need anything that requires being a part of the LAN subnet.

        Remember: Upvote with the šŸ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • D
          David19
          last edited by

          @jimp:

          There wouldn't be a way to disable the AP from pfSense unless you have the AP on its own isolated interface, in which case you could disable the interface or toggle a rule so it blocks instead of passes.

          APs typically do not perform NAT so there is no way for the firewall to tell traffic coming from the AP apart from traffic on the wired LAN. If the AP is really a wireless router (which is not recommended), you could block traffic from the IP address of the wireless router… but having it on its own separate interface is better, assuming the wireless devices don't need anything that requires being a part of the LAN subnet.

          Thank you for the reply.

          Yes, it is an older wireless N router. This is a setup in my house, where WiFi isn't that important since I'm wired almost everywhere.
          Why is using an actual router not recommended? I've disabled DHCP, etc, and gave it a static IP.

          My pfSense box only has 2 interfaces (WAN/LAN), and I'm not using VLAN.

          The central location I plugged it into, the plug is within arm's reach (easily disconnect the power if I don't want WiFi)
          I applied a very long random passphrase to help with it's security (WPA2 being the strongest it offers unfortunately, does not accept 3rd party firmware).
          I still need to configure pfSense to not allow people connected via WiFi to access pfSense gui.

          I have been debating getting a Unifi AP, and mounting that in a central location. I imagine you would prefer that as my AP instead of an old router. But I won't be able to easily disconnect it.

          1 Reply Last reply Reply Quote 0
          • N
            n3by
            last edited by

            Disconnecting from AC/DC power will not lose any setting because these are stored in EEPROM.

            I am also using few routers ( Linksys, TPLINK ) as switches and WIFI AP and I have even separate LANs - WIFI on the same router each connected with separate Ethernet cable to pfsense but in my case are with DD-WRT,Tomato firmware and I can also turn WIFI ON/OFF remote, I have them on schedule OFF at night.

            If you don't have free PCI slots for an Ethernet card but you have USB you can use an USB-Ethernet adapter and have your AP-router connected to a different NIC, from pfsense 2.2.4 I found that cheap USB-Ethernet adapter with chipset AX-88772b works OK at 100Mbs in pfsense 2.1.5 that adapter did not worked.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.