Best Mesh WiFi for pfSense

ByGraeme WiFi

Mesh WiFi for pfSense – The Ultimate Guide for beginners. If you are not sure what  pfSense is, then we will go through all of the basics and explain what it is and why you would want to use it! 

pfSense is a free, open source, and highly configurable firewall distribution. It has a very active and supportive community, many of whom are happy to help those who are newer to the platform or who have questions.

One of the most commonly asked questions about pfSense is how to set up a compatible mesh WiFi system with it, and what are the best mesh WiFi options for your needs.

Mesh WiFi gives your network the ability to extend its range over larger areas of your home to reach devices in the furthest each of your living spaces. It allows you to use your existing WiFi access points and distribute the WiFi signal over a larger area.

Table of Contents

Best Mesh WiFi for pfSense
Best Mesh WiFi for pfSense

pfSense With Mesh Networks And Your Setup

There is one problem with using Wi-Fi technology to provide wireless access in a home or small office: the signals are too weak to penetrate most walls, especially ceilings.

That’s where mesh networks come in. Mesh networks connect devices directly to one another, typically through radio waves that are more powerful than those of conventional wireless networks.

In addition to providing better coverage, mesh networks also are more secure. They use encryption to keep communications private, and they can block unencrypted or malicious data packets from reaching the network.

Mesh networks are typically deployed through Wi-Fi Protected Access (WPA) or Wi-Fi Protected Access 2 (WPA2), the two major security protocols for wireless networks.

There is one problem with using Wi-Fi technology to provide wireless access in a home or small office: the signals are too weak to penetrate most walls, especially ceilings.

Mesh networks connect devices directly to one another, typically through radio waves that are more powerful than those of conventional wireless networks.

In addition to providing better coverage, mesh networks also are more secure. They use encryption to keep communications private, and they can block unencrypted or malicious data packets from reaching the network.

Mesh networks are typically deployed through Wi-Fi Protected Access (WPA) or Wi-Fi Protected Access 2 (WPA2), the two major security protocols for wireless networks.

WiFi 6 Mesh AP Recommendations

You’ve probably already heard of 802.11ax, which is Wi-Fi 6. Most of us are familiar with how it works and what it promises to bring.

What we might not know is that the new standard, which is currently still being rolled out, has a huge impact on how people use wireless networks today. 

[amalinkspro_table id=”7713″ new-window=”on” nofollow=”on” addtocart=”off” /]

Adding A Mesh WiFi Network to pfSense

What if you wanted to install mesh networking hardware on your network and have your pfSense firewall handle it all? Here’s a hypothetical way that you could possibly do it. 

Mobility is one of the main problems with wireless networks. Fortunately, there are two main ways to address this problem. You can move the router physically.

Creating a mesh network is the second way you can connect your nodes. Mesh networks are direct connections between nodes on the network.

We will use a Linksys WRT1900ACS Wireless-AC Dual Band Gigabit Router in this tutorial as a mesh wireless access point.

Three radios are available on this router: 2.4GHz radio (A/B), 5GHz radio (A/B), and a USB port. The mesh network is implemented using the 5GHz radio.

1. Let’s begin by setting up the router. Port 1 is where we will set up our WAN connection. IP address 1 is where the router can be reached from the outside. Static IP addresses can be found by opening the Network utility on your router.

Now that our LAN port is set up on Port 2, let’s configure it. We will use this IP address in pfSense.

This IP address must be assigned to the LAN. You can do this by going to Advanced > Ports. Select the IP address of the LAN port by clicking on the LAN button. By doing so, the router will be able to connect to pfSense.

2. The next step is to configure the WAN port of the router to forward to a public IP address. We must first add a gateway to the Internet. An IP address needs to be assigned to the new subinterface on the WAN port.

If the router will be forwarding to a public IP address, that should be the address used. For this tutorial, we are going to use 192.15.23.22 as a public IP address. Ensure that TCP/IP is enabled on the WAN interface next.

3. On the WAN interface, we are going to enable DHCP. The router will then be able to obtain a public IP address from the ISP for the WAN interface.

When this option is enabled, the router will create a temporary subnet on the WAN interface. In this tutorial, we will use a subnet of 192.168.100.0/24.

4. Our next step is to set the default gateway of the LAN interface to the router’s external IP address.

You can do this by clicking the WAN interface and then clicking on Advanced Settings. You will need to set the Router’s external IP address as the Gateway under the General Settings.

5. Next, we will configure the router with a DNS server. The router will then be able to obtain a domain name and resolve it to its public IP address. This can be accomplished by enabling the DNS Server service on the router. Go to Services > Services. Click on DNS Server.

6. Last but not least, we will give the router a domain name. Go to the Domain Name Service Settings and click on “Add New Domain.”

7. The next step is to enter the domain name we would like to use. “pfSense.local” will be used in this example.

For the value, enter the subnet of the LAN port. 192.168.100.0 is the domain name we are using here. Select Save Changes after adding the domain name.

8. Let’s connect to the Internet to test the network. You can check your configuration by typing http://198.15.23.22 into your web browser.

If it matches your public IP address, then everything is working as it should. Changing the domain name in step 7 to match the IP address of the router is required if the domain does not exist.

9. You should now be up and running! You can connect your primary WiFi 6 mesh router into your pfSense router and have your traffic be routed through there for added security and control.

Conclusion

I hope you found this guide helpful, thanks for reading and we will see you next time!

Graeme is a CompTIA and Microsoft Certified IT professional with an interest in computers, cybersecurity, internet technologies, WiFi routers, and Internet Service Providers. He is highly knowledgeable and has over 20 years of experience working in the industry and has written for places such as CBT Nuggets, InfoSec, and Engineering.com.