Re: [pfSense] Access Point config: separating guest from permissible users

2018-03-11 Thread Moshe Katz
Here's a very simple explanation of VLANs: A packet being "tagged" for a specific VLAN means that the packet's Ethernet header information contains a number (between 1 and 4094 inclusive) that identifies the VLAN for which that packet is intended. The intent of this mechanism is to allow a single

Re: [pfSense] Access Point config: separating guest from permissible users

2018-03-10 Thread Antonio
Interesting! Does this mean that by disabling the WAN port on the DD-WRT device and getting it to act as switch, then the pfSense router device actually sees multiple network domains on the same LAN port? I guess this is probably due to the fact that I don't understand VLANs ... Currently, I have

Re: [pfSense] Access Point config: separating guest from permissible users

2018-03-10 Thread Moshe Katz
The most reliable way to do it is to set up two VLANs for your wireless, with your Home network on one of them and your Guest network on the other, and to configure the firewall rules in pfSense for the LAN-LAN traffic. DD-WRT officially supports VLAN tagging (802.1q), but it only works on some

Re: [pfSense] Access Point config: separating guest from permissible users

2018-03-10 Thread jmitchel
On 2018-03-10 18:54, Antonio wrote: Hi pfSense experts, I was hoping you could help me with a config questions. I have pfSense configured as main routed for my network. The WAN is connected to DSL modem, one LAN on a ethernet switch and another LAN port on a Netgear R8000 with dd-wrt installed.