pfSense and Amplifi Alien
By - Antonioxsuarez
If you are going to use Alien as a wifi access point obviously it's best that you set it up in bridge mode. But you could actually run it in NAT mode and achieve certain restrictions that might be useful to you.
For instance, if you mainly dedicate that wifi AP to your guests and you do not want them to use it to connect to VPNs etc. Then run it in double NAT mode and most VPN configurations will fall apart while basic web access, UDP/TCP type traffic would still go through fine.
I am not saying you should do it that way. I am simply suggesting that double NATting breaks things but sometimes, in some instances it is (almost) a blessing and it allows you to quickly do things that otherwise would take serious router configuration to achieve.
As for your IP address issue, whether it is in bridge mode or NAT mode your alien box should get an ip address. First it is necessary so that you can access its user interface and check things out, second it vital if you want to monitor the traffic going through it.
You will want to put the alien into bridge mode
>A router should only be placed in bridge mode when there is another router connected to the network. Two routers performing routing tasks will slow down your network; this can be solved by setting one of those in bridge mode. Another benefit of bridge mode is uniting the network under one subnet: in bridge mode the network can have two WLANS but use only one subnet.
If you have pfsense, what was the reason for the Amplifi Alien?
If you can, return it.
Get a TP-Link EAP225 v3 for 60usd which is a access point ... for wifi.
Money isn't an issue. And that access point doesn't support Wifi 6 and I currently own devices that are Wifi 6.
>How is it working now? I'm about to have the same setup and am curious of any lessons learned?
Well my issue was I never enabled the ethernet port my Alien was connected to. Hence no IP address. I went ahead and decided not to run anything on it like pfBlocker. As it's not something you setup and forget. I'm constantly adding sites to my whitelist and etc. For my guest I wouldn't want to go through the trouble of that. So I have full function of my Alien features which are really cool but would lose if you put it into bridge mode. Sorry for the late reply.