Question Controlling interface GUIs after selecting access point...

Oct 23, 2019
So I started out yesterday installing pfsense and it’s what I expected a lot different and very involved to achieve anything more than basic configs. The big issue I have is keep the internet up and running for my roommates while I work on segmenting the network. I can only access my old router to turn it on access point mode if it is in default router mode. Now let’s say either a mistake was made in the ssid configs, or maybe you just need to turn it back on to router mode because you’re not done setting up your vlans and roommates are bitching. I’ve currently had to factory reset to get back to the interface sign in. There must be a better way. logically thinking about it...APs avoid the wan port and only use lans since they are no longer the parent device. However, because the UI stops working when WAN is disengaged, might it work if you take a single host and plug the Ethernet from the AP wan into the single host and then use either the gateway, or luckily ASUS ac routers come with a discovery tool which btw doesn’t work when it’s in AP mode and you try using it as is. My next AP IS MY NIGHTHAWK r8000. And I’m not even bothering with that one yet. I actually despise that router. It’s a buggy piece of crap in my eyes. But this leads me to my next question...might it be easier to just set up the AP as a repeater?? There’s no residence issues where there’s bad signal.

What are the pros and cons of using separate APs vs using a repeater?

And finally, it seems basic rules are to set up everything I. Pfsense first and then move onto the other interfaces. But I know exactly how I’m going to set up vlans and trunk so might it be better to set up VLAN zones on the managed switch first or at least the trunk port. My first confog has to be simple because I need to be mindful of the residences needs to use the interwebz too.

Btw, I know that I’m new and asking a lot of questions on pfsense, but o just want to say I will be making posts that are simple tips and tricks to keep your network secure, basic hardenings, and even some of my own custom .inf code for bat files I use, creating ACL’s, and most importantly ips/ids solutions for the home network. Ivhageba write up on the least privledge principle and practical ways to implement it in a home network...because most of the time when these concepts are given it is at the large organization level.

Ahhh: 1 lay thought. I watched a YT vid saying it’s not a good idea to place your firewall on your parent device. Is this a real thing? And what does this even imply? Virtual machines are clbetter solutions? Or is it more to do with devices in the DMZ?

Thanks so much guys