 Tom here from Lawrence Systems, and this is PF Sense and Project Wi-Fi? This is gonna be kind of just an adventure into playing with Wi-Fi and PF Sense to show that it does work, but it may not be the best idea. So if you want to learn more about me or my company, head over to LawrenceSystems.com. If you'd like to hire a Sherpa project, there's a higher S button up at the top. If you'd like to support this channel in other ways, there's some affiliate links down below to get you deals and discounts on products and services we talk about on this channel. And let's talk about what we're doing here. These little things are, well, there, we pulled these out of laptops because we wanted to try some Wi-Fi on PF Sense because, you know, why not? One of those little adventures, and now people have asked me about it because the functionality in PF Sense is there, so we wanted to see how it worked out. Well, it does, it does function. It does work. First, we'll start with a statement writing a document from NetGate. Should I use my PF Sense appliance as an access point? I'm not gonna read it all to you, but no, it doesn't make an amazingly great access point functionalities there. It's more about learning, in my opinion, to set this up. Maybe you want to do some specific packet tracing. So you want a couple devices that you want to adjoin to it, do some full-stack tracing, and do some learning. That can be kind of fun to play with, but it's not, like I said, the absolute best solution here. Even a really inexpensive access point will probably outperform this. So if that's all you came here to want to know if it's a good idea, you can stop watching video now. It's probably not the best idea. If you're going, I want to see how this works, well, carry on. They have an entire list over here. It's just some of the details. We're going to show you actually how the configuration works and all that, but they also have inside of here the list, and it's linked all here, and I'll link to this, of course, in the description below, of supported modes of operation and which models they have. So we happen to have the atheros card here, and it has actually seems to have all the different modes of operation, but one thing we didn't have the ability to do is make it join to our current networks. I will mention that. We're only going to show this working in access point mode. I didn't spend a lot of time on it, but trying to set it up in the other mode where it's also joined to the network, it just kept failing. We are not really sure why we just didn't dig much into it, but I know that is allegedly a supported mode of operation, but there's always challenges in setting it up that way. My purpose for this was more to learn about the way it functions in a way you can tie these together in order to do some, you know, packet tracing and learn a little about Wi-Fi. So let's take a closer look at how we've configured this. This is the board sitting next to me right now. I took a picture of it because I wanted to zoom in, and this is when we were setting it up, and there we go. Zoom in on the actual Wi-Fi card we're using. So this is the AR5B22, and it's going to be where some of the challenges are just because it's atheros doesn't absolutely mean it works. It comes down to very specific models, may or may not have specific features you want. One of the things I'll point out to is the number of virtual interfaces on there, and the way the channel is set up, does have several virtual interfaces, and we'll get to that for how you set up and set a PF sense. We have two of them set up in a bridge mode here, so this is actually a completely set up system already. The way you started those are going to go here to interfaces, then you go over here to wireless, and we've already added these, but when you pop a card in PF sense and you boot it up, it doesn't recognize the card as far as wireless right out of the box. You have to go to this wireless section and let it know which device it is, and it detects them, and right here's this, you know, a-throw-0, and we would just go ahead and we're going to set it up as an access point. Another, oops, AP, hit save, add, another, another AP, access point, and click save. So these are two more that we just added, and you can keep trying to add these on there, and what these are is the virtual channels that it supports. Why does it have so many? Well, let's go back and show once you have these, you go here to assignments, and you'll assign these, another AP, and we can assign another access point, another AP, and assign another access point. And what we're referencing is all the different channels that this supports acts as another access point, which causes problems if I actually try to add all of these. So let's go ahead and back these out, that we're going to go leave it with two. Two, we found it to work. Once we started adding more, it seems to just kind of misbehave when we start programming it. And we're going to go ahead and show how these two are set up. So we have them in here, and normally you would assign them an interface. They don't necessarily have the same interface as your LAN. So you assign them a different IP address, different interface, assign an IP, assign a DHCP server, assign rules to it. So you've assigned each piece to it, just like you would a secondary network interface that you added to the system. The only difference is when it recognizes here on the interface settings that it's a Wi-Fi, we have all these other options that you don't normally have. So you have the regulatory domain settings, the channels you want it to run at, the mode of access point, and we call this one Wi-Fi. Minimum wireless standard, allow intra-BSS, enable WME, enable WPA. We just set the password to password 123. So pretty simple, we just ran down all the settings. We have it set to AES on here. And if you're wondering what this little box right here, preserve common wireless configurations through interface reassignments. What this does is matches the interfaces. And we had trouble not matching the interfaces. So right now, we have it set to a specific channel. And we go over here and you see the channel selection. And this is ATH1. So if we go over here to ATH2, we've got that matching. So if I change one, it changes them both on the channels. Now you're thinking, hey, can't you just split the channels and have one operate at one and one operate the other? Yes, but that comes back to some of the problems and limitations we found with it. When we did that, it seems to work for a little while and you start connecting devices and then the pain drops and everything else. We found as long as we kept them the same, it does work. These are some of the reasons why, like I said, this is not the most ideal. But let's say we got this set up and we have two channels. And the reason we have two channels, we wanted to see if a couple of them go together. And what we did to have two channels on the same is you notice we don't have an IP address set to either one of these. And we have an IP address set to this. What you can do here, and we just set this to 192.168.168.1. So this interface is actually a bridge. And if you're not familiar with bridging in PF Sense, I've covered it in other videos and talked about this, you add a bridge and you pick the devices you want to merge together in a bridge. Now, what I didn't try, but might be interesting to try, is see if we can merge the LAN into a bridge. That may work, but ideally for what we want to do here and have a separate network where we track things that isn't what we wanted to do. So we built this bridge right here and we added these two devices, the two ATH1, ATH2 interfaces, merge them into one. And then from there, you go to the interface assignments and you will assign your bridge and then from there, your bridge is what you actually assign the IP address to. So those two devices connect to the bridge. That gives them this IP address together. They act as one no matter which one you connect to and standard slash 24. Then we have all the firewall rules set to be open because I just wanted to be able to do standard tracking of networks and see what happens when I connect. So let's go over here to status Wi-Fi and see what's connected. And we have this right here. So with this system connected, which happens to be my phone, which I've already tied together with this Wi-Fi. And let's go to some websites and see what happens. So make sure I'm on the Wi-Fi still. I still am on the Wi-Fi. And we're going to go over here, diagnostics, packet capture. And we want to capture on the Wi-Fi LAN. Set this to count zero. Start the capture. Let me open up a couple things on my phone. Stop. Download capture. And we'll just open it up with Wireshark real quick. And we can see all the places that my phone was going here. So that can be kind of interesting. Queer response. I did go and open up Facebook on this. So you can start digging into, you know, all the little details of all, well a lot of UDP packets here. What else was in here? TLS transmission. Some stuff at TLS 1.2. Some stuff is TLS 1.3. So I wonder what application was working at that. But you can still from here, you're Wiresharking in and you're digging into the details and you've tied it all to that particular Wi-Fi. So you can see it does work. And we'll walk through one more scenario real quick of just what it looks like to set this up. All right, now I've just went through and quickly reset PF sense back to essentially default without any of these wireless. This is to show you what it looks like to setting up one interface. So we'll go here, wireless, add, access point, test, interface assignment, choose the newly added test one, edit, call it Wi-Fi here. We're gonna, that's just the interface name. We'll call the Wi-Fi something else, leave all these settings completely. Let's save everything in default, default, default. Access point, SSID. Everyone's favorite FBI van, right? Enable WME for wireless QoS. We'll leave off or do no password on this one here. Save, apply, firewall rules. There's our Wi-Fi, add. We'll just haphazardly go through here and set it to any, any. Just allow all services, DHCP server. Whoop, before we do that, forgot. Gotta assign this an IP address. Static IPv4, so 10.1.10.1. Let's put it in that network, slash 24. Save, apply, server, DHCP server. There's our Wi-Fi one. Enable 10 to 100 so it can add some addresses. Save, and that's it. We can now attach to it. So let's go ahead and take my laptop and we're gonna look in here and we'll see it in the list of Wi-FIs here. Where's, oh, there's our FBI van and we're gonna go over here and this will actually break my connection to be a sense of unplugging the network cable from my computer and we're gonna connect it to the Wi-Fi. Select network, FBI van, connect. We're connected. Now you can see it is connected and we'll go over here to, this is a Wavemon that's running, you can see the link quality is good. It connected at the full speed, 10.1.24 and I'm online and go back to, you know, looking at whatever and away we go. So that's it for the project Wi-Fi with PF Sense. Kind of gives you an idea that, yes, it works, maybe not the best idea, but can still be fun learning experience because you're able to grab and do some packet capture from there. They do have the list of supported Wi-Fi, but like I said, this is more of a, because you can, because it's a fun learning tool and a fun adventure. Plus if you want, you can dive into the command line and start looking at what Wi-Fi networks get scanned with this. There's a handful of little utilities you can play with. That's listed in a PF Sense documentation, but it's just the, you know, command line tools for BSD if you want to try this. Now this might work if you only have just a couple devices connected to it. I'm not going to say it's a great solution, but if you said, you know what, I don't really need a whole Wi-Fi. I just need something so my phone and a couple other things that don't really need high speed access are able to connect. It may work, but as far as a higher performance Wi-Fi, not so much. It's probably not like, it's certainly not a commercial grade solution at all. It's probably more of a small apartment playing around solution. And like I said, the fun of being able to do some of the packet captures and dive in a little bit deeper on that, which is, I've covered that a couple times in different ways to use PF Sense to do that. All right, and thanks. And thank you for making it to the end of the video. If you liked this video, please give it a thumbs up. If you'd like to see more content from the channel, hit the subscribe button and hit the bell icon. If you like YouTube to notify you when new videos come out. If you'd like to hire us, head over to laurancesystems.com, fill out our contact page, and let us know what we can help you with and what projects you'd like us to work together on. If you want to carry on the discussion, head over to forums.laurancesystems.com, where we can carry on the discussion about this video, other videos, or other tech topics in general, even suggestions for new videos that are accepted right there on our forums, which are free. Also, if you'd like to help the channel in other ways, head over to our affiliate page. We have a lot of great tech offers for you. And once again, thanks for watching and see you next time.