pfSense Setup
Network Configuration
Configure routing, gateway, WiFi, and DHCP server for WiZone connection.
Step 1 - Add Gateway
- Go to System → Routing → Gateways.
- Click + Add to create a new gateway.
- Fill in the following details:
| Field | Value | Description |
|---|---|---|
| Interface | WG_WiZone | Select the WireGuard interface you created earlier. |
| Address Family | IPv4 | Choose IPv4 protocol |
| Name | (choose any name) | A name to identify this WiZone gateway– e.g., WIZONE_GW |
| Gateway | 10.255.0.1 | Gateway IP address (typically .1 in the WG subnet) |
The gateway IP address is typically the first IP in your WireGuard interface subnet.
If your WG INTERFACE IP from the WiZone Portal is
If your WG INTERFACE IP from the WiZone Portal is
10.255.0.X/24, the gateway is usually 10.255.0.1.
- Click Save and Apply Changes.
Step 2 - Add Routing
- Go to System → Routing → Static Routes.
- Click + Add to create a new route.
- Configure the route using the following settings:
| Field | Example Value | Description |
|---|---|---|
| Destination Network | 10.1.10.0/24 | Route traffic to the WiZone server |
| Gateway | WIZONE_GW - 10.255.0.1 | Gateway created in Step 1 |
| Description | WiZone System | For administrative reference |
Optional : If you need access to the LKS Management network, add another static route
Destination Network: 
Destination Network:
10.1.200.0/24 Step 3 - Configure WiFi Interface
- Go to Interfaces → Assignments → WIFI (em2).
- Enable the interface and configure the following:
| Field | Example Value | Description |
|---|---|---|
| Enable | (check the box) | Turn on the WiFi interface |
| Description | WIFI | Interface name |
| IPv4 Configuration Type | Static IPv4 | Assign a static IP |
| IPv4 Address | 10.10.252.1/24 | Local WiFi network address |
Step 4 - Add Firewall Rules for WiFi
To allow WiFi clients to access the internet and the WiZone tunnel, you must add a firewall rule on the WIFI interface.
- Go to Firewall → Rules → WIFI.
- Click + Add to create a new rule.
Fill in the following fields:
| Field | Value | Description |
|---|---|---|
| Action | Pass | Allow all traffic |
| Interface | WIFI | Select your WiFi interface |
| Address Family | IPv4 | WiFi network uses IPv4 |
| Protocol | Any | Allow all protocols |
| Source | Any | Any device from WiFi network |
| Destination | Any | Allow outbound traffic |
After saving, you should see a rule similar to this:
- Click Save and Apply Changes.
Step 5 - Configure DHCP Server
- Go to Services → DHCP Server → WIFI.
- Enable the DHCP server for the WiFi interface.
- Under Primary Address Pool, configure:
| Field | Example Value | Description |
|---|---|---|
| Address Pool Range | 10.10.252.10 to 10.10.252.30 | Range for DHCP clients |
You may define any DHCP pool range, but it must stay within your WiFi network subnet
- Under Server Options, set DNS servers:
| DNS Server | Example Value |
|---|---|
| DNS 1 | 10.10.252.1 |
| DNS 2 | 8.8.8.8 |
| DNS 3 | 1.1.1.1 |
- Under Other DHCP Options, configure:
| Field | Value | Description |
|---|---|---|
| Gateway | 10.10.252.1 | Local gateway for WiFi |
| Domain Name | wizone.io | Domain name for local network |
| Default Lease Time | 86400 | 24 hours |
| Maximum Lease Time | 86400 | 24 hours |
- Click Save to apply the configuration.
WireGuard Connection
This section shows you how to enable the WireGuard service, apply the required firewall rules, and confirm that your device is successfully connected to WiZone.
Configure WiZone RADIUS
This section explains how to configure RADIUS authentication, certificates, DNS resolver, and captive portal for WiZone.