In this tutorial, I will explain how to setup a bridged LAN Wi-fi network access point using pfSense. I am going to assume that you need to configure access point in a bridged mode. Our current setup look as follows on console:
The bridge will include LAN (igb2) and Wifi (ath0) interfaces:
bridge0 = LAN + WIFI
You need to configure additional interface (OPT1) and swap them as follows:
- WAN = Public IP/upstream router IP
- LAN = bridge0
- OPT1 = LAN (igb2)
- OPT2 = ath0 (wifi) (I’m using this Atheros AR9280 Chipset based mini pcie from Amazon)
You do not want to lose connectivity to your web interface. Hence you need to take help of OPT1. Do not assign an IP address to bridge0 or ath0 (wifi) interfaces. Make sure DHCP server enabled for LAN interface. Let’s get our hands dirty and make pfSense based all in one access point.
Step #1: Add OPT1 and OPT2 interface
Click on the Interfaces > Assign
Select igb3 network port from drop down menu (or which ever is free in your router) and click on the Add button to create OPT1:
Next repeat the same step to add OPT2 interface with ath0 as a network port. At the end you should have four interfaces as follows:
Step #2: Enable OPT1 interface
Click on the Interfaces > Assign > OPT1 and set it as follows:
Make sure you SAVE the changes.
Step #3: Enable OPT2 (ath0 wifi AP) interface
Click on the Interfaces > Assign > OPT2 and set it as follows (i.e activate access point):
Scroll down a little bit and set mode to ACCESS POINT, SSID, select WME, enable WPA, set WPA pre-shared key (wifi password), WPA mode to WPA2, WPA pairwise to AES as follows:
Make sure you SAVE the changes. Please note that setup a different and strong pre-shared key and SSID for your network.
Step #4: Create a bridge (OPT1+OPT2)
Click on the Interfaces > Assign > select Bridges tab > click on Add button:
Make sure you select both the OPT1 and OPT2 interfaces under Member Interfaces. Click on the save button.
Step #5: Assign correct interface
You need to swap and set correct network port for LAN and OPT1 interfaces as follows:
|Interface||Old Network port||New Network port|
Next, assign the BRIDGE0 port to your LAN interface. And assign the port that was originally assigned to your LAN interface:
Click on the save button. The pfSense take a little time to reload all changes, and there is no loss in network connectivity. You just finished configuring with the bridge that includes your LAN and wifi interfaces. Finally click on the pfSense logo to see your network status from dashboard:
Finally, tweak the wireless settings as per your needs. Also, don’t forget to setup the firewall rules for traffic to pass.