----- "William Bulley" <[email protected]> wrote: > According to Tim Nelson <[email protected]> on Mon, 01/05/09 at > 15:19: > > > > Make sure you have the appropriate firewall rules on your OPT2 > > interface to allow traffic to pass. > > Following the example at the URL shown in my first message I set > the OPT2 (ath0) interface to all "any" or "* * * * * *" > Do I need any more rules than that?
You may want some tighter rules eventually but for testing, that is good. However, edit that rule and enable logging. It would be nice to see what traffic is actually being passed. > > I have a similar rule on the LAN interface to let anything "in" to the > Soekris. > All this is behind my m0n0wall router/firewall. So the Soekris is > nothing more > than an expensive access point (albeit running FreeBSD!) > > > Also, you mentioned "I don't have a DHCP server on my local LAN, > > instead I configured the built-in pfSense DHCP server with three > > IP addresses to give out". Does that mean you have some static > > DHCP assignments set but not a general DHCP range open? > > I am using RFC1918 (net ten) non-routeable addresses behind my > m0n0wall > which is 10.0.0.1 > > So the LAN interface on the 4801 is 10.0.0.33 and the other three > IP addresses in the DHCP pool are 10.0.0.11, .12, .13 > > So I have a small pool (range) configured in pfSense on the 4801. Is > this the right thing to do? That is, will the DHCP server on the > 4801 > hand out these pool IP addresses to associated 11g clients? Isn't > working at present... :-( Just for "gits and shiggles" assign that DHCP range a bit larger. > > > One more thing, when bridging a wireless interface to a wired one, > > make sure the wired interface has a physical ethernet link to > > something. I've seen it interfere with bridging many times. > > I have my 4801 LAN interface wired to one of the m0n0wall ethernet > jacks, and I have statically configured in pfSense the 10.0.0.33 IP > address along with the (static) 10.0.0.1 gateway. I can reach the > 4801 (pfSense/FreeBSD) using ssh(8) from other boxes on my local LAN. Is the WAN being used on your box or is the LAN connected to your existing m0n0wall? > > Help? > > Regards, > > web... > > -- > William Bulley Email: [email protected] > Have you tried statically assigning the IP address to your wireless device and seeing if it can access the network? That would help pinpoint if the problem is DHCP specific or network/topology based... Tim Nelson Systems/Network Support Rockbochs Inc. (218)727-4332 x105 --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
