Pages: [1] 2
General Questions / Proper setup of switches
« on: January 01, 2018, 07:39:18 pm »
I am using a Netgate APU with three interfaces:

WAN (re1) -- DHCP
LAN (re2) --
OPT (re0) --  VLAN05 (re0.5)    -->
                    VLAN10 (re0.10)  -->
                    VLAN15  (re0.15) -->
                    VLAN20  (re0.20) -->

I have used the baseline guide along with nguvu's guide to making use of the Netgear GS108E switch (although, I am actually using a Tl-Link SG108E), but somewhere I am blowing it, since after I reboot, I am not able to access any of the interfaces and I have to do a factory reset.

I have connected my LAN interface as well as my OPT interface on the switch and have set the address to (which is my MGMT VLAN05). I also have my Ubiquiti NanoStation connected to the switch ( I have tagged port 2 on the switch with my VLANS 5-20 as well as port 3 as well (which is connected to the Ubiquiti NanoStation with the VLANs configured on the NS). If I am clear then the remaining ports should be untagged. But once I reboot the APU, I am not able to connect to any port.

I have a second switch, the Netgear GS108E. I am wondering if since I have the first switch set to the but I have the LAN interface, plugged into the same switch, is that what might me causing the fact that my LAN interface is conflicting with the OPT interface on the same switch? Maybe I need to plug the LAN interface into the second switch?

Any pointers would be appreciated!

Traffic Shaping / Is there any real benefit with a 12Mbit/1Mbit connection?
« on: December 15, 2017, 12:12:27 pm »
I have been relegated to a DSL connection that is 12Mbit down and 1Mbit up. I set the download to 10.5Mbit and 0.9Mbit up and the results are not decent. I am trying to make use of VOIP as well as trying to maintain decent speed on my video streaming (using Kodi). I thought that if I used a 400k for hangout audio, that I would at least have a decent conversation, but no go. The same is true when I am using Kodi. Sometimes, (at SD quality) I have decent playback, but should it fall to 720, playback it just drops. So is it worth my time to make use of TS with such a low bandwidth allocation?

General Questions / How to make use of VLANs
« on: December 14, 2017, 05:16:00 am »
I am using a Netgate APU with both the LAN and OPT1 interface connected to a Netgear GS108E. Also connected to the switch is connected a TL-Link WA901ND Access Point which I setup with 4 separate SSID and VLAN tagging. For the most part, I use only wireless at the house so I thought I would setup my wireless AP using the layout found at, but seemed to be setup with a wired deployment. Reading only added more confusion to the issue.

Under my pfsense configuration, I created 4 VLAN interfaces using the re0 as parent. I have setup DHCP servers for all of the interfaces, and started working for rules, etc. On the TL-Link AP, I have setup 4 SSID and tagged each with a VLAN tag. I have setup under the GS108 I have setup VLANs 1, 20, 50, 100 on port 2 where the AP is connected, with VLAN 1 untagged, and 20, 50, 100 tagged. So do I need to setup port 1 on the switch to also be setup like port 2 (with VLANs 1, 20, 50 and 100) since I have port 1 connected to the OPT1 port or should I just connect the AP to OPT1? But if I plug the AP into the OPT1, would I be able to use the other ports to access the VLANs that I created?

Wireless / How to use an external access point with 2.3.5
« on: November 06, 2017, 03:25:19 pm »
I am connected to a DSL connection out in the wilderness. I am using a netgate APU which of course has 3 NICs with the DSL modem connected to the WAN port. All of my devices are wireless, and prior to using the Netgate APU, I was using a Netgear R7000 (running Tomato) for the two wireless devices and using wireless for everything else. I would like to plug my R7000 into the APU and make use of the ports and definitely the wireless portion and have pfsense manage accordingly.

I know that I can setup a wired VLAN on the R7000 and then plug into the LAN port on the APU. But I am lost on how to use the wireless portion. So how is the correct way to setup pfsense so that it will utilize the R7000 at my LAN with it assigning DHCP address, QOS, etc? Any pointers would greatly appreciated!

*** I was reading the pfsense book and thought I had some clarity. I disable the DHCP server under tomato, and plugged into the LAN port. Now I am confused on what I need to change on the tomato?

Captive Portal / Is anyone using the add-on Captive Portal Plus
« on: March 25, 2015, 07:24:47 am »
I have installed Captive Portal Plus and have been somewhat excited about the ability to print out voucher cards. The only issue is that the author make use of A4 size and I am looking for Letter size. If any one had made use of this add-on and using US Letter size (8.5x11), would you be so kind as to share the configuration for that.

Captive Portal / Is there a "CP for DumME Guide"?
« on: March 16, 2015, 10:56:10 am »
I have been banging away with a Watchguard 700 and pfSense 2.2. So far everything is rock solid, so time to move on. I have placed Ubiquiti Bullets all through a RV Park, and need to setup up a hotspot for the users. In my mind, I want to provide a login page allowing a person to enter in their lot space (for instance, 07) and then plug in a voucher that will work either for one day, 7 days or 30 days (I just figured I would print out batches for the duration), and away they go.

From an administrative way, I thought that by the person logging in, that would create a dhcp entry (helped with a nice little php script) and allow me to better monitor. I thought I would follow the guides, but after I created a zone, people were still able to access the AP without going through the CP. Also, I have been trying to understand how to allow certain machines to be exempted from having to even log in through the CP (specifically, my alias for my admin machines).

Would anyone give a little guidance on how to get this properly working?


Captive Portal / Multi devices with vouchers
« on: February 27, 2015, 10:56:28 pm »
I am trying to setup a captive portal with vouchers as a RV Part. I was trying to see if there way for a client to have to more devices with a voucher. Most clients will definitely have a laptop or even a desktop pc. But the same client might want to have his/her phone/tablet/ipod touch., etc on our WiFi. What I would like to do is allow a client to get their voucher and then allow for the client to be able to authenticate several devices, but limit the numbers of devices per a voucher.

Packages / OPIE for the 2.1.5
« on: September 16, 2014, 12:49:13 pm »
Ok, so I am sort of old school. I was wondering if I can install the OPIE package on my box? I always felt a little more secure one I actually had to have a copy of my 4 or 5 tokens that I need to plug in to get into my router. Hell if I could get away with it, I would throw that into web logins as well. I know that years ago there was an OPIE package, but I don't see it in the packages now.

NAT / 1:1 NAT not going to correct server
« on: September 05, 2014, 11:55:35 pm »
I have learned to correctly setup a VIP and get 1:1 somewhat working. I have a Camera NVR and several cameras installed that I want to access remotely. I placed the NVR and cameras on my DMZ interface, then created a VIP and 1:1 pointing to my NVR ( When I connect to my external address, I end up at (one of the cameras). I have double check all my entries on pfsense, and the entries pointing to NVR are correct. Does anyone one have a thought as to why I can't get to the correct host?

webGUI / Issues with webGUI
« on: September 05, 2014, 05:02:24 pm »
For some reason the help menu is located right below the system menu, and I am not able to access any of the option under system. I have tried that on both chrome and firefox. Is there anyway way for me to fix it. Running 2.1.5

CARP/VIPs / Help understanding VIP
« on: September 05, 2014, 04:56:15 pm »
I am running version 2.1.5 on a Watchguard X700 Firebox. Since we have changed providers, I now have 5 IP addresses as opposed to the 1 that I had previously. I have been trying to set up a virtual IP address for my DMZ, but I have been failing non stop. What I attempted to do was first create a VIP:

Firewall|Virtual IPs

Type: IP Alias
Interface: WAN
IP Address:

Next I tried my hand at doing a 1:1 NAT (Attachment #3)

Firewall: NAT: 1:1

Interface: WAN
External subnet IP:
Internal IP: DMZ Net (
Destination: Single Host -
NAT reflection: use system defaults

I have generic rules for the WAN and the DMZ (see attachments #1 and #2). I am able to ping the first external address just fine, but absolutely nothing for So where am I going wrong?

General Questions / VLANS, Cisco, configuring oh my!
« on: August 18, 2014, 05:34:39 am »
I have been running pfsense 2.1.4-RELEASE  on a Watchguard Firebox for awhile and have now run into the wall of my lack of knowledge. I have 4 interfaces active which is my LAN, Wifi (connected to Ubiquiti equipment), Phone (courtesy of Asterisk), and recently cameras. All of the end devices have been connected to individual unmanaged switches with a connect from the switch connected to the pfsense interface. This is getting a little too unwieldy, so I thought I would connect all of the devices to my cisco catalyst 2950. This has  been very unsuccessful.

I created VLANS on the Cisco called VLAN 5 (LAN), VLAN 10 (DMZ, although not used at this time), VLAN 120 (Wifi), VLAN 130 (Phones) and VLAN 140 (cameras). Of course there is the default VLAN 1. I assigned the various ports (4 to a VLAN group) and thought I was ready for prime-time. Needless to say, one I started things, nothing was going through the internet, and I was lucky that I hadn't written the configuration or else I wouldn't be able to post.

If someone is will willing, can you show the correct way to setup this Cisco switch. I am thinking that every thing failed because I didn't set up VLANs on the pfsense side, but I could be wrong. My thought was that I was suppose to set up the Cisco with the various VLANS, then come and create VLANS on the pfsense side, and everything would mesh properly. I use Cisco stuff infrequently, and the last time I really used any cisco eq was about 10 years ago.

Any pointers would be greatly appreciated!

webGUI / Access to multiple interfaces
« on: March 15, 2014, 11:15:48 pm »
I have pfsense running on a Watchguard X700 box. My WAN interface is a single DHCP connection to my cable provider, but I have several OPT interfaces in play currently. I have been stumbling to get openvpn working, so I was curious to see if there is a way that I can access the devices remotely so I can manage them.

Although I can currently access the web interface remotely just fine, I have several other devices (for instance a couple of Ubiquiti devices and an asterisk box) which I need to manage remotely. Each of the interfaces are /24 addresses with their own DHCP servers running. My question is, remotely, how do I access those other interfaces?

General Questions / What do to with a static WAN address
« on: February 11, 2014, 02:41:07 am »
It has been a long while, so I need a refresher. I have a static address from my TWC connection. I would seem that it passes straight to my pfsense box. What do I need to do in my setup so I can ssh and get to the pfsense interface. I added a rule to allow all traffic from the wan interface to go the various ports, but so far no go. When I attempt to reach the box, it is a failure. Any pointer would be greatly appreciated.

Hardware / Feasibility of a bridge setup
« on: February 01, 2012, 02:47:04 am »
I want to use an old Compaq Armada 1750 to create a wireless to wireless bridge. For the WAN connection, I would like to use my ALFA AWUS050NH USB adapter, and a USB N adapter to provide for a access point internally. Would that be possible under the latest version of pfsense?

