Wireless on same subnet as lan - help please
Hi, i have been pulling my hair out for the past 2 days. All i want to do is have my wireless card on the same subnet as my lan. So wireless uses the same DHCP server etc.
I have found tons of stuff online, but all fail. I am on the latest version of PFSENSE which is
built on Tue Dec 22 16:37:36 CST 2015
I have tried bridging the WIFI Interce with the LAN interface then changing the LAN interface to use the BRIDGE0. But when that happens I cant log back into PFSENSE nor will it go online.
Can anyone help please?
1)use a switch instead of an interface.
1b)if pfsense has a wireless card builtin ==> remove it and goto 1
1c)if you are really persistant ==> https://doc.pfsense.org/index.php/Interface_Bridges
Why exactly does your wifi need to be on the same network??
I never understand why people think it does.. Are you using something that uses broadcast or multicast? Pfsense is more than capable of running multiple dhcp servers, 1 for your lan network, one for your wifi network. if you have another dhcp server on your lan and you want to use that - you can just relay that on pfsense interface that is your wifi network, etc. etc..
From a security standpoint is much better put them on their own network.. Its also better from wifi standpoint so your not sending all the broadcast/multicast traffic that your lan devices are doing out your wifi network which is shared bandwidth, etc. So love to hear why you feel they should be on the same network..
If you really want your wifi and your lan on the same network - why not just get an Access Point and plug it into your lan?
if you want to have a totally separate wifi network like you said above, does it need an access point connected to its own interface card in PFsense?
yes or on a vlan if your pfsense only has 1 "lan" interface. Or you can use a wifi card in pfsense as the interface for the wifi and accesspoint, etc.
To be honest the AP of your wifi is normally not going to be in the best spot for coverage where pfsense is.. Its much better to get a real AP and correctly mount it where you need coverage… Have a few of them around the area you want wifi, etc.. I have a small house and I have 2, one in the center of the house, and then 1 near the patio door so my patio gets full 5ghz our there, etc..
5ghz does not work good through walls, etc.. If you want good wifi through out your house your more than likely going to want/need more than some wifi card sitting in the corner of some room where your internet comes in at.. And when you go to WiGig or 802.11ad that uses 60ghz the range is very short.. So you would need AP pretty much every room..
Get a real AP, get a nic for pfsense if you want. Or if your switch can do vlans you can just use those. Vlan support is great with an real AP.. Now you can have multiple wifi networks.. 1 for your devices, 1 for you guests, and then 1 for your IoT devices etc.. so you can isolated that security concern away from all your normal network and wifi devices as well..
Got to love how people want to have a real firewall, but then really don't leverage same said firewall for the different devices and access they have on their network.. Do you really want that buddy of yours with his worm/virus/who knows what infected device on the same network as all your equipment? But he wants to use your wifi/internet - so let him use your internet, but be firewalled from all your other stuff.. This is the whole point of running something like pfsense in your home..
thanks for that, makes sense. I had a router I was using as an access point but moved to a Ubiquity.