Lenovo m93p as firewall

[elitedz]

Dear members

i have a lenovo desktop sff m93p with one lan and internal wifi

i want to use the lan port as wan and the wifi as lan so i can share internet with wifi

my topo is :
fiber modem -> m93p lan -> Wifi -> client 
thanks in advance 

[lilsense]

OK. Let us know how it went... :)

[Bunch]

The only way I guess should work is build under VM (esxi, pve, XCP-NG, etc.)
setup VLAN for the only LAN port
opnsense only control the LAN port under VLAN
Another VM would be something like openwrt as AP controller, controlling LAN port under VLAN and wifi card, Openwrt need to disable DHCP and firewall to avoid double NAT

[BISI Sysadmin]

The only way I guess should work is build under VM (esxi, pve, XCP-NG, etc.)

ummm, why not on bare metal?  something going wrong with the install?

[Bunch]

The only way I guess should work is build under VM (esxi, pve, XCP-NG, etc.)

ummm, why not on bare metal?  something going wrong with the install?

FreeBSD is lack of Wifi support, even OPNsense document mentioned it.
https://docs.opnsense.org/manual/wireless.html

I wouldn't suggest OPNsense as AP controller.
Running OpenWRT directly is also one of the solutions.
However, he choose to ask in opnsense forum, I guess he still want opnsense as firewall.

[BISI Sysadmin]

Dear members

i have a lenovo desktop sff m93p with one lan and internal wifi

i want to use the <ethernet> port as wan and the wifi as lan so i can share internet with wifi

To echo lilsense's question, did you make any headway on this?  Still trying? 

If so, I succeeded with an m93p tiny that came through my hands on its way to a different configuration.  It had an intel wifi chipset.
This link might help you decide if it is worth the effort with yours:
https://man.freebsd.org/cgi/man.cgi?query=iwn&sektion=4&format=html

If your m93p has a broadcom wifi chipset, then it's probably not worth the effort, unless you want to learn *a lot* about customizing FreeBSD kernels and how OPNsense builds upon it ;-)
https://forums.freebsd.org/threads/bcm4322-wifi-card-freebsd-11-2-not-working.68103/
https://www.reddit.com/r/freebsd/comments/ye42e5/stuck_on_starting_wpa_supplicant_at_boot/

As a general rule, I avoid wifi in the OPNsense boxes I deploy, as the integral wifi in any router (not just opnsense) integrates poorly with the inevitable expansion needed in wifi coverage (unless it's designed to be a mesh system).  This eventuality is much better handled with inexpensive WAPs connected by ethernet (or as a mesh network with at least the base station connected by ethernet).  Since your m93p likely has "One half size mini-PCIe slot (only supports WIFI card)", getting such a card might be an easy and relatively cheap way to get an intel wifi chipset into the box. https://www.newegg.com/p/pl?d=lenovo+pci+express+half+mini+card  Before buying, be sure to verify with the specs for your particular device that you are getting a supported card.

if you just want a wifi router (vs a state-of-the-art firewall), then Bunch's suggestion to use openwrt makes eminent sense.

Unfortunately, it appears one can't upgrade the m93p to have two ethernet ports, so I'll never be deploying one of these particular computers as an OPNsense firewall.

Cheers!
d.