Wireless Configuration in pfSense

wireless configurationIn the previous article, I covered checking to make sure your wireless card is compatible with FreeBSD (and pfSense). In this article, I will cover wireless configuration. You can assign your wireless card as your WAN interface, or as an OPT WAN in a multi-WAN deployment.

Wireless Configuration

In this article, let’s assume our wireless configuration scenario is setting up the wireless card as the WAN interface. The first step is to navigate to Interfaces -> (assign) and assign the wireless interface to the WAN (or whatever interface to which you want to assign the wireless interface). Click “Add” to add an OPT interface if you want an OPT interface to be your wireless interface. Otherwise, make sure your WAN interface is the wireless one. For example, if you have an Atheros card named ath0, set ath0 with the drop down box as the WAN interface.

Next, browse to Status -> Interfaces for the WAN interface. At “IPv4 Configuration Type“, select the type of configuration (e.g. DHCP, static IP, etc.), and scroll down to the “Wireless configuration section“. Choose Infrastructure (BSS) mode, fill in the SSID, and configure encryption, such as WEP (Wired Equivalent Privacy) or WPA (Wi-Fi Protected Access). Most wireless networks will not need any further configuration, but if your network does, make sure it is configured appropriately for the access point you will be using. Then click on the “Save” button to save the settings. Wireless configuration is now complete.

If you want to check the status of the wireless interface just configured, navigate to Status -> Interfaces. There you can tell whether the interface has successfully associated with the choses access point by looking at the status of the interface. “Status associated” means it is connected successfully. If it shows “No carrier“, however, it was unable to associate. Finally, by navigating to Status -> Wireless, you can see the wireless networks visible in your firewall. Your wireless interface(s) must be configured before this menu item will appear.

Bridging a Wireless Interface

You can bridge a wireless interface, but only wireless interfaces in access point (hostap) mode will function in a bridged configuration. You can bridge a wireless interface in hostap to any other interface to combine the two interfaces on the same broadcast domain. You may want to do this if you have devices or applications that must reside on the same broadcast domain.

Finally, because of the way wireless works in Basic Service Set (BSS) and Independent Basic Service Set (IBSS) modes, you cannot bridge a wireless interface in BSS or IBBS mode, because every device connected to a wireless card in those modes must present the same MAC address. With bridging, the MAC address passed is the actual MAC of the connected device, and in wireless, the only way this can function is if all the devices behind that wireless card present the same MAC address on the wireless network.

External Links:

Wireless Interfaces at doc.pfsense.org

Mailing list posting explaining why you cannot bridge a network interface in BSS or IBBS mode.

Ad Links:

Wireless Support in pfSense

wirelessFirst, I should mention that this is the 100th post on this blog, which if nothing else, shows an unusual (for me) level of persistance on my part. Thanks to all who have visited this blog, visited this site’s Facebook page, or subscribed to this blog’s Twitter feed. I have a number of ideas on how to improve this blog, and I hope to implement some of them in the near future. Now, onto the topic of today’s posting: wireless support in pfSense.

pfSense includes built-in wireless capabilities that allow you to either turn your pfSense box into a wireless access point, use a wireless 802.11 connection as a WAN connection, or both. You can also use another wireless router in conjunction with pfSense. But if you want to use the built-in wireless capabilties, you first need one or more wireless cards supported by pfSense.

FreeBSD has supported wireless cards for a number of years, and there are a variety of wireless cards supported in FreeBSD 8.3. Needless to say, pfSense includes support for every card supported by FreeBSD, although some are supported better than others. Most pfSense developers work with Atheros hardware, so it tends to be the most recommended hardware. Many users have had success with other cards, however, and Ralink is also a popular choice. Other cards may be supported, but do not support all available features. For example, some Intel cards can be used in infrastructure mode but cannot be run in access point mode due to limitations of the hardware itself.

Another factor to take into account is that major wireless card manufacturers commonly change the chipsets used in their wireless cards without changing the model number. As a result, there is no way to ensure a specific model card from these vendors will be compatible, since you have no way of knowing which minor card revision you will end up with. While one revision of a model may be compatible and work, another card of the same model may be incompatible. For this reason, it may be a good idea to avoid cards from major manufacturers such as Linksys, D-Link and Netgear, although if you already have one, it is worth trying to see if it is compatible.

Supported Wireless Drivers

The following drivers are included in pfSense 1.2.1 and newer kernels:

  • ath(4): Supports cards based on the Atheros AR5210, AR5211 and AR5212 chipsets. The following cards are known to work in pfSense:
    • CB9-GP-EXT Cardbus/PCMCIA
    • 5004 MP Atheros 4G
    • DCMA-82 Atheros 6G
    • DCMA-82 Industrial Temp
  • rai(4): Ralink Technology IEEE 802.11 wireless network driver – supports cards based on the Ralink Technology RT2500, RT2501 and RT2600 chipsets. There are too many cards supported to list, but the FreeBSD man page for ral has a list of supported cards.
  • wi(4): Lucent Hermes, Intersil PRISM and Spectrum24’s IEEE702.11 driver supports cards based on the Lucent Hermes, Intersil PRISM-II, Intersil PRISM-2.5, Intersil, Prism-3, and Symbol Spectrum24 chipsets. These cards support only 802.11b, and a list of cards supported can be found at the FreeBSD man mage for wi.
  • an(4): Aironet Communications 4500/4800 wireless network adapter driver supports Aironet Communications wireless network adapters and variants, such as:
    • Aironet Communications 4500 and 4800 series
    • Cisco Aironet 340 and 350 series
    • Xircom Wireless Ethernet Adapter
  • awi(4): AMD PCnetMobile IEEE 802.11 PCMCIA wireless network drive – supports cards based on the AMD 70c930 controller with Intersil PRISM radio chipset, such as:
    • BayStack 650
    • BayStack 660
    • Icom SL-200
    • Melco WLI-PCM
    • NEL SSMagic
    • Netwave AirSurfer Plus
    • Netwave AirSurfer Pro
    • Nokia C020 WLAN
    • Farallon SkyLINE

With the release of pfSense 2.0, even more wireless cards were supported. Again, the list is too large to include here, but there is a spreadsheet of compatible wireless cards that should work with 2.0. Be aware of the “hostap” column, which shows drivers capable of running in wireless access point mode. If that column is marked “N”, then the card could only be used as a client. The second tab on the sheet lists part numbers for a given driver.

In the next article in this series, I will cover how to configure your wireless card.

External Links:

Supported Wireless Cards at doc.pfsense.org

Ad Links:

© 2013 David Zientara. All rights reserved. Privacy Policy