ether+wireless and bridge/routed question.

kintho · December 14, 2014, 9:08pm

Hello all,
I have a LAN 192.168.1.1/24 behind the ether2 interface.
I have firewall rules for the ether2 interface.
I want to add wireless clients to the LAN.

What is the best configuration?

This is the one I thought to set up:

Create a bridge interface (with use-ip-firewall=yes)
Assign interfaces (ether2, wlan1) to the bridge
Assign IP address to the bridge
Create a new DHCP Server for the bridge interface
Create firewall rules for the bridge interface

Is that the right configuration?

Thank you.

Rudios · December 15, 2014, 6:34am

That sounds correct to me.
Although you probably already have IP, DHCP and firewall settings applied to ether2.
If that is the case, just move these from ether2 to the bridge, no need for duplication here.
And for the bridge the use-ip-firewall setting is not needed if your bridge would just be a logical switch.
The use-ip-firewall setting is only needed when you want to filter traffic that normally wouldn’t leave the bridge (e.g. traffic from your ether2 connected PC to a wireless device)

kintho · December 15, 2014, 8:11am

Yes I already have ether2 configured with: IP address, DHCP Server, firewall rules.

The only thing I need is just to:

go in /interface address - /ip dhcp-server - /ip firewall filter
and there → edit #number_entry interface

Is that correct?

Thank you for the suggestion on use-ip-firewall too.

Rudios · December 15, 2014, 8:53am

That’s correct

kintho · December 15, 2014, 11:11am

Configuration modified, up and running. Thank you.