How-to configure Wi-fi in pfSense

Netgate offers the 802.11a/b/g/n wireless kit for APU but configuring pfSense to use it is not immediately apparent and I was not able to find a recent how-to or tutorial on how to do the setup. This tutorial is using pfSense 2.2 but should work with 2.1 as well.

This tutorial will help you configure a bridged LAN Wi-fi network. We won’t be dealing with creating a guest wifi network but if requested I’m willing to do that later.

It’s all about the bridge

The most tricky part of this is configuring the LAN bridge to the Wi-fi interface. I’m going to assume that you already have a LAN interface configured and your pfSense is working great. Now all you want to do is configure the wireless.

If you go to Interfaces->(assign) you probably see something like this.
Screen Shot 2015-02-20 at 21.17.13

Now in order to create the bridge without getting disconnected we need to do a bit of trickery.

Assign a new interface to something that is not in-use. For example a network port that you’re not using or even create a PPP interface temporarily just so you have something to assign it to. Once created it will probably be called OPT1 or OPT2. Go ahead and click on it, enable it, and rename it to LAN_PORT. It should then look something like this.
Screen Shot 2015-02-20 at 21.23.31

You should also have an interface assigned for you wifi card such as the wireless kit from Netgate. It might look like this.

Screen Shot 2015-02-20 at 21.26.44

And if you open the interface it should be enabled.

Screen Shot 2015-02-20 at 21.26.55

IPv4 and IPv6 configuration should be set to None for both the Wifi and LAN_PORT interface.

Now it’s time to actually configure the bridge. Under Interfaces->(assign) click on the Bridges tab. Click the + icon to add a new bridge.

Under Member interfaces select both the Wifi and LAN_PORT interfaces that you setup.
Click Save and apply these changes and you should see something like this.
Screen Shot 2015-02-20 at 21.33.18

Now go back to Interface assignments, and we want to adjust the assignments a little.

Assign the BRIDGE0 port to your LAN interface. And assign the port that was originally assigned to your LAN interface to the LAN_PORT interface. It should then look something like this.
Screen Shot 2015-02-20 at 21.34.46 Screen Shot 2015-02-20 at 21.34.54

In my case re2 was originally assigned to LAN and is now assigned to LAN_PORT.
Save these settings and apply, and you’re finished with the bridge!

More Wi-fi Settings

Now it’s time for the wireless settings. There are some gotchas that we’ll mention, but first here are screenshots of my configuration that is working great.

(To get to this configuration click on the Wifi interface from the Interfaces assignment tab.)

Screen Shot 2015-02-20 at 21.40.32 Screen Shot 2015-02-20 at 21.40.45 Screen Shot 2015-02-20 at 21.41.28

WPA Pairwise has to be set to Both, if you set it to AES the wifi will stop working. In my testing I found it was best to set WPA Mode to WPA2 and leave the Pairwise set to Both.

Otherwise you should be fine copying all the wireless settings from my screenshots, of course you’ll choose a different pre-shared key and SSID 🙂

Remember that your LAN IP address and other network settings must now be configured on the interface that you assigned to the bridge, and also DHCP should be enabled on that same interface.