Advise on pfSense and Tomato with Guest Wireless
I would like to have some suggestions as to whether I have this setup correctly or is there a more efficient way of accomplishing this.  The main goal is to have the WAN, LAN, Home WiFi and a Guest WiFi.  I will list the equipment.

Pfsense box
LAN   -> ----> 8 port switch -----> Asus RT-66U with tomato installed.  Port(1).  Home WiFi
OPT1 -> ---------------------------> Asus RT-66U with tomato installed.  Port(2)   Guest WiFi

VLAN's are setup
VLAN1 - Bridged to LAN, Port1, Port3, Port4 are selected, but not tagged
VLAN2 - Bridged to WAN
VLAN3 - Bridged to LAN1, Port2 is selected, but not tagged.
LAN1 -

DHCP is not enabled on the tomato, it is enabled on the pfSense Router.

Everything works like it should, but was wondering if this is the correct way.

PS:  What if there was no 3rd NIC in the pfSense box?

Example is attached.


Firewall with WAN/LAN/DMZ Setup
I am looking to see what the best way to setup an AP in the DMZ is.  Currently I have the following configured.

eth0->WAN->Public IP

On the LAN subnet I have their gateway and dns as which is the IP of eth1.  Everything works fine.
On the DMZ subnet I have their gateway and dns as which is the IP of opt1.  No internet atm.

Going from opt1 is a DD-WRT router acting as an AP. On the AP the gateway and dns is

What I would like to do is have guest wireless, xbox consoles in the DMZ connecting via wireless to the AP so they are not connected on the LAN.
Any other information needed can be provided or suggestions on the best way to achieve this.  Seems like everything is working as suspected except no internet when a wireless guest joins, which is sitting in the DMZ.



