[Cialug] pfSense Guest WiFi
L. V. Lammert
lvl at omnitec.net
Tue May 31 21:10:45 UTC 2022
On Tue, 31 May 2022, Jared Brees wrote:
> What do you mean by "connect it to the WAN port bypassing the internal
> network"? Are you looking to turn off NAT?
>
I used a VLAN to connect the AS1200 WAN to the pvSenseGport to the WAN
port, preventing any WiFi traffic from getting onto the internal network.
> Your connection description didn't make a lot of sense to me. You
> mentioned "the LAN port" as AC1200 WAN <--> pfSense WAN but also listed
> addresses in the same subnet for the AC1200 WAN and pfSense LAN
> (10.0.0.0/24). If you're truly going pfSense LAN <--> AC1200 WAN <-->
> pfSense WAN, you're going to have a hard time.
>
That's the purpose for a VIP (Virtual IP) eh? Adding 10.0.1.254 on the WAN
port, 10.0.1.253 on the WiFi LAN port, .. and 10.0.1.1 on the AC1200 (all
on a VLAN) provide traffic isolation.
AC1200 pfSense pfSense
VLAN99 <> #5/VLAN99 <> WAN/VLAN99
10.0.1.1 10.0.1.253 10.0.1.254
Thanks!
More information about the Cialug
mailing list