[vc_row][vc_column_text css=”.vc_custom_1571037318967{margin-top: 75px !important;}”]

Objective of this article

[vc_separator css=”.vc_custom_1557407376721{margin-top: -20px !important;}”]In this article we explain how to configure a WIFI interface on pfSense® 2.4.xJTVCYWRyb3RhdGUlMjBiYW5uZXIlM0QlMjIzJTIyJTVE

Software used

[vc_separator css=”.vc_custom_1557407376721{margin-top: -20px !important;}”]pfSense® 2.4.X

Hardware used

[vc_separator css=”.vc_custom_1557407376721{margin-top: -20px !important;}”]The hardware used for the tests consisted of 4GB 16GB RAM and 4 Sk 10/100/1000 network: Entry Level Firewall 4 NIC APU4 based 4GB RAM + WIFI but can easily be applied to higher level hardware like this one : AUTM5 Aluminum + WIFI Firewall Appliance

Download ready-to-use Wifi configurations

[vc_separator css=”.vc_custom_1557407376721{margin-top: -20px !important;}”]To facilitate the configuration and testing of wifi configurations, we have prepared a series of configuration files ready for use. Once loaded on your device pfSense or OPNsense can save time and facilitate tests.
Configurations are available for the following hardware:

  • Firewall compatible: Wifi APU – pfSense and OPNsense version;
  • Firewall compatible: Compact Small UTM 3 Wifi – pfSense and OPNsense version;
  • Firewall compatible: Small UTM 3 Wifi – pfSense and OPNsense version.Wifi configurations for pfSense and OPNsense firewalls.
[vc_btn title=”Click on the following link to download the configuration files” style=”custom” custom_background=”#00a0df” custom_text=”#ffffff” i_icon_fontawesome=”fas fa-chevron-circle-right” add_icon=”true” link=”url:https%3A%2F%2Fwww.firewallhardware.it%2Fopt%2FpfSenseOPNsense%2Fconfigurations-wifi-firewall-pfsense-opnsense%2F|title:Wifi%20configurations%20for%20pfSense%20and%20OPNsense%20firewalls|target:%20_blank|” css=”.vc_custom_1593693822663{margin-top: -15px !important;}”]

Introduction

[vc_separator css=”.vc_custom_1557407376721{margin-top: -20px !important;}”]There are many tutorials on the Internet for wireless configuration of pfSense®, but most of them don’t seem to work and the rest is for previous versions of pfSense®.

Prerequisites:

  • Have a wireless card supported by pfSense® (eg WLE200NX)
  • Make sure the card is properly mounted in the mPCIe slot and that the antenna cables are securely connected
  • The card is detected by pfSense®

Now, step by step instructions.

How to configure a WIFI card in bridge with the LAN in pfsense

[vc_separator css=”.vc_custom_1557407376721{margin-top: -20px !important;}”]If on pfsense you have a WIFI card and you want that, who connects to this wifi, is part of the LAN network (so it will take the DHCP of the LAN, will have a LAN address, etc.), it will be necessary to create a bridge between the LAN and WIFI as described in this guide.First we create a fictitious interface:
Select Interface-> Assignment[vc_single_image image=”18616″ img_size=”full” onclick=”link_image”]Click on the PPPs tab then “Add“[vc_single_image image=”18618″ img_size=”full” onclick=”link_image”]Configure as below, then save[vc_single_image image=”18620″ img_size=”full” onclick=”link_image”]

Configure the WIFI interface

[vc_separator css=”.vc_custom_1557407376721{margin-top: -20px !important;}”]Select Interface-> assignement and then tab “wireless

Click on “add” configure as below and save. The card: “ath0 (Atheros 9280)” will change based on the sk wifi you have installed[vc_single_image image=”18622″ img_size=”full” onclick=”link_image”]Select Interface->assignement, then from “avaible network ports” select the wifi port (i.e. ath0_wlan0 …) then add. The result will be similar to the figure below (instead of “wifi” you will probably have “OPT1”). Click on the interface just created (“OPT1″)[vc_single_image image=”18624″ img_size=”full” onclick=”link_image”]Configure the WIFI interface with your SSID, preshared key, etc. An example below:[vc_single_image image=”18626″ img_size=”full” onclick=”link_image”][vc_single_image image=”18628″ img_size=”full” onclick=”link_image”]

NIC Preparation

[vc_separator css=”.vc_custom_1557407376721{margin-top: -20px !important;}”]From Interface->assignment, add the newly created “PPP” temporary port, selecting it from “Avaible network ports:” and then clicking on add. As in the figure[vc_single_image image=”18630″ img_size=”full” onclick=”link_image”]Now click on the newly created tab (in the OPT2 example)[vc_single_image image=”18632″ img_size=”full” onclick=”link_image”]Configure it, activate it and choose a name[vc_single_image image=”18634″ img_size=”full” onclick=”link_image”]

Create il bridge

[vc_separator css=”.vc_custom_1557407376721{margin-top: -20px !important;}”]From Interface->Assignement then from the TAB “Bridges”, create a new bridge as shown, then save[vc_single_image image=”18636″ img_size=”full” onclick=”link_image”]

Final assignment of the NICs

[vc_separator css=”.vc_custom_1557407376721{margin-top: -20px !important;}”]
  • The following operation is delicate;
  • The interface assigned to the LAN must be assigned to LAN_Port (i.e. igb1).

The LAN interface will be assigned to the bridge just created.

These two operations must be carried out in strict sequence. Only when both assignments have been made, saved and applied. The result will be similar to the figure below.[vc_single_image image=”18638″ img_size=”full” onclick=”link_image”]

Create firewall rules

[vc_separator css=”.vc_custom_1557407376721{margin-top: -20px !important;}”]In addition to the rules on the LAN interface, remember to create a rule on WIFI and LAN_PORT to allow traffic. See example on the LAN_PORT interface (create identical rule on WIFI)[vc_single_image image=”18640″ img_size=”full” onclick=”link_image”]The result will be the following[vc_single_image image=”18642″ img_size=”full” onclick=”link_image”]

Related articles

pfSense 2.6: UFS Compatibility Issue

pfSense 2.6: UFS Compatibility Issue

29/08/2022
pfSense: Captive Portal Configuration

pfSense: Captive Portal Configuration

26/05/2022