Pepwave Surf Soho as Access Point

I need a something behind my pfsense box that will use the DHCP leases and VLANs assigned by the pfsense box with all the other network devices connected to it, both wired and WiFi. The purpose of this is to remove the double NAT of my current system, (Asus RT-AC3200 behind the pfsense box). I recently acquired a new Surf Soho thinking it would do the trick behind the pfsense box, but at this point it doesn’t appear it will work.
Will the Surf work behind the pfsense box to remove the double NAT?
If so, any and all help and guidance in configuring it to do so is invited and much appreciated.
If not, that’s what I need to know.

So you have a pfsense box that is the gateway router and has a bunch of VLANs and you want a wifi access point that presents some of those vlans over wifi - that sum it up?
How many vlans?

3 VLANs at this time, possibly 4 in the future, not including untagged LAN; some wifi and some wired connections for each VLAN and untagged LAN.

Right, so the SOHO wouldn’t be my first choice for this role. What you really want is an access point like the AP One rather than a router.
However, if you ignore the WAN on the SOHO -create all the VLANs you need on its LAN (disable DHCP on each VLAN) and connect the LAN of the pfsense to the LAN of the SOHO. You can add wifi SSIDS within those same VLANS on the soho and you’re done. Then the SOHO will effectively act as an access point and extend your pfsense VLANS.


Thank You sir, this worked on the first try.


Glad i came across this as I’m considering purchasing an AP ONE AC mini and trying to sell a SURF SOHO as i just got my hands on a Balance 20 HW v6.

But other than the 120mbps speed limit on the SURF SOHO and not having the AP controller functionality from the Balance to manage it, would there be any other benefit to going to an AP ONE AC mini?

I would think the wifi coverage would be similar for both, maybe even slight edge to the Surf SOHO given the 3 external antennas?

I’m having a hard time selling the Surf SOHO, and spending another $149 USD + shipping is hard to justify if I can’t sell the Surf SOHO.

Just size and form factor. Personally I would keep the SOHO use it as an AP then save up and buy the AP One AX as that looks really good.


I’m looking to do something very similar. I would plan to us the SOHO as an AP and switch. I would also deploy vlans. Would the throughput limitation continue to be an issue in this case? I would have thought eliminating the fire wall would get around that and I could see a full gigabit +/- back to the router (Balance One). Does that sound right?

Adding to that, I will want the Ethernet ports as well, so I get a switch and access point all in one box. Otherwise, I would look at a pure Wi-Fi access point as recommended.

I’m running a Balance20 as my main gateway, which is rated at 150mbps.

Sitting within a few feet from the soho and reports speeds sometimes of 140mbps at a signal strength of around -40dbm.

And this on a narrow 20mghz wide channel (165).

Sitting upstairs from the SOHO, signal strength of around -69 and speed test drops to about 40mbps.

I’m looking at replacing the SOHO with either a higher powered AP ceiling mounted upstairs or two lower powered ceiling mounted APs. (Basement and 2nd floor)

But, what I like with the SoHo is extra ports that I can assign to Vlans for hardwired devices.

I only really have device I can hardwire for IoT and Airplay but Bonjour Forwarding is not working for me right now with the B20 and the Soho.

I have a ticket open with support and network engineers are looking over a network capture of a failed airplay connection

I would expect the throughput to be the same. You can disable any firewall rules and content blocking and other features but my bet is the throughput is about the same, not a 10 fold increase.

