L2/Switching/VLANs

• D

  Pfsense/ one Nic for munity VLAN
  • Dafoxx

  5
  0
  Votes
  5
  Posts
  102
  Views

  

  @penguin-nut said in Pfsense/ one Nic for munity VLAN: I have the concept of 1 NIC and all VLANS assigned to that NIC pfsense. How do I add the default VLAN 1 that is untagged. My VLANS can talk to each other via pfsense but the untagged default, can't get to it. The bare interface, without VLANs is untagged. It is also often called "VLAN1", even though it doesn't have a tag.
• M

  kernel arp moved from
  • Miguel López

  2
  0
  Votes
  2
  Posts
  43
  Views

  

  That error can only happen from two different MAC addresses attempting to use the same address. It could be an IP conflict, or it could be a windows VM doing NIC teaming. Both of those are VMware MACs, track down which VMs they belong to and find out what is happening.
• T

  Vlans No Switch?
  vlans • • telescopedepth

  51
  0
  Votes
  51
  Posts
  577
  Views

  

  @telescopedepth I appreciate people's goodwill. I understand you, also networking's jobs. you can learn enough, trought forum and community, as I do... If you really want, nothing is impossible! Meanwhile I'll reading some nice book like this Some page for a day, it's easy to follow and full of good pratice, for me. Regards. (Indeed pfSense book it is) Finally I need to thank so much pfsense team for this pretty nice gift, I dicovered few days ago, pfsense book for everyone is a must to have. Cool!
• A

  Multiple NIC Ports assign to LAN
  • admins

  2
  0
  Votes
  2
  Posts
  41
  Views

  

  If you need more switch ports get a freaking switch!! A 30$ 8 port gig smart switch will way out perform some software bridge.. Also since your here asking if you can - its going to be way more complex... Get a switch!
• 

  10Gb Switch question/Ideas
  • Snowaks

  1
  0
  Votes
  1
  Posts
  43
  Views

  No one has replied

• R

  2 switches between Router (on a stick) and Modem
  • returntrip

  4
  0
  Votes
  4
  Posts
  70
  Views

  R

  Thanks! The switches are HW V4 and the problems related to VLAN 1 were fixed in V3. Is there any other issue they might have?
• D

  Strange behavior on LAN
  • DraNick

  10
  0
  Votes
  10
  Posts
  80
  Views

  

  @dranick said in Strange behavior on LAN: unmanaged was requested Why would you ever request that?? And pretty much any managed switch I have ever seen comes out of the box dumb.. With everything in vlan 1... Only thing that might be a problem is the default IP of the switch - but most of then not they will auto grab an IP off dhcp if running, etc.. You should never request a unmanaged switch...
• D

  VPN Vlan for Freenas torrent downloads?
  • Dayve

  6
  0
  Votes
  6
  Posts
  60
  Views

  D

  Ah yes @johnpoz that would solve my problem. Thanks
• M

  VLAN setup - issue on routing
  • mbmondor

  5
  0
  Votes
  5
  Posts
  55
  Views

  

  No. If vmx.11 received untagged traffic it will not respond because it is not the correct VLAN.
• T

  LAGG Packet Errors Question
  • tman222

  2
  0
  Votes
  2
  Posts
  53
  Views

  

  It is probably just that the lagg isn't set up yet. If the errors do not increase after it's all booted and established I would not sweat it.
• X

  Interface Stopped DESTRIBUTING, possable flapping
  • xlameee

  7
  0
  Votes
  7
  Posts
  132
  Views

  X

  @derelict It was a loop in my network. All I had to do is configure LACP and spanning tree protocol between both switches and flapping stopped. well something like that
• 

  switch setup on Netgate-SG-3100
  • adamw

  8
  0
  Votes
  8
  Posts
  197
  Views

  

  You don't tag VLAN 1. At best, I would consider the behavior there to vary across vendors. VLAN 1 is the default, untagged VLAN. It should be untagged on mvneta0. In Interfaces > Assignments You assign the interface you want to see that traffic to mvneta0. When you create VLAN 999 on mvneta0 that will be mvneta0.999. That indicates the traffic will be tagged to, and must be tagged from, the embedded switch. You would assign whatever pfSense interface you intend to be on VLAN 999 to VLAN 999 on mvneta0. On the switch you would have: VLAN 1, ports 1,2,5 VLAN 999, ports 3,4,5t PORT 1,2,5 PVID 1 Port 3,4 PVID 999 In that case there will be NO tagged traffic outside the switch so any connecting switch ports must be UNTAGGED. If you want to make, say, port 4 a "Trunk" port carrying both VLANs you would: VLAN 1, ports 1,2,4,5 VLAN 999, ports 3,4t,5t PORT 1,2,4,5 PVID 1 Port 3 PVID 999 The connecting switch port would need to be configured to have VLAN 1 and the untagged, native VLAN and VLAN 999 tagged.
• M

  Firewall GUI interface crawls after enabling vlan on WAN interface
  • mephisto

  3
  0
  Votes
  3
  Posts
  56
  Views

  M

  ok, reason behind was that the next hop firewall managing the next hop was blocking traffic outbound from this pfsense downlink. So the landing page was trying to access some external source, because it was blocked it would timeout after 60 seconds I think, maybe it was the update checker or something, but I would not expect to freeze the interface for that long because of that.
• A

  DD WRT router as guest network with limted bandwidth
  • As-21

  2
  0
  Votes
  2
  Posts
  57
  Views

  

  @as-21 said in DD WRT router as guest network with limted bandwidth: What i basically want to do is DD WRT as separate network Well that is not what you did - you just put in dd-wrt as a downstream nat router... If you want it as a GUEST network - then use it as just an AP and connect it to another network on pfsense be it another physical interface on pfsense or via a vlan. Use one of dd-wrt lan ports to connect it this new guest network, turn off its dhcpd and put its lan IP on whatever guest network you create on pfsense.. Setup the firewall rules to allow this guest to do what you want. Does that switch you list do vlans?
• A

  Guest Wi-Fi on various VLANs not getting DHCP addreses
  • awsiemieniec

  17
  0
  Votes
  17
  Posts
  330
  Views

  

  Which is exactly what I was saying ;)
• 

  switch php errors on Netgate-SG-3100
  vlan sg-3100 switch migration • • adamw

  5
  0
  Votes
  5
  Posts
  112
  Views

  

  Correct, the patches above are copies of the changes made in the repository that will be used to build pfSense 2.4.4-p1. So not "hacks" exactly. If it's all working for you now then there shouldn't be anything to worry about. When you upgrade to 2.4.4-p1 the manually edited files will be replaced with the copies from the new release, which already contain these changes.
• S

  VLAN issue
  • securvark

  7
  0
  Votes
  7
  Posts
  181
  Views

  

  Thanks for letting us know.
• R

  Bridged LAN interfaces and WebConfigurator
  • rob51i03

  8
  0
  Votes
  8
  Posts
  167
  Views

  

  I would not waste money on dumb switch.. What you talking a couple of bucks difference? Dumb switch can work if you need to add ports to a specific vlan... But your not going to be doing your future self any favors.. You never know when you might want to put a port on a different vlan if you just use smart switches you can put any vlan on any port.. https://www.amazon.com/D-Link-EasySmart-Gigabit-Ethernet-DGS-1100-08/dp/B008ABLU2I/ref=sr_1_2?s=electronics&ie=UTF8&qid=1541606386&sr=1-2&keywords=dgs-1100-08 $35 https://www.amazon.com/D-Link-Gigabit-Unmanaged-Desktop-DGS-108/dp/B000BCC0LO/ref=sr_1_5?s=electronics&ie=UTF8&qid=1541606450&sr=1-5&keywords=dlink+switch $30 Your going to kick yourself about that $5 if you need a vlan on that switch ;)
• C

  pfSense>Layer3 Switch Help
  • creek01

  4
  0
  Votes
  4
  Posts
  143
  Views

  

  Is the switch's default gateway pfSense?
• F

  VLAN fail on a SG-4860, what am I missing?
  • Fallon

  7
  0
  Votes
  7
  Posts
  186
  Views

  F

  lol, so many VLAN issues & misconfigurations in my lab (home network) now that I finally have a router online. Thanks for getting me pointed in the right direction on that roadblock that was killing me for days.
• H

  Concept questions (VLAN and DMZ) on virtual Pfsense (esxi v.6.5)
  • hispeed

  1
  0
  Votes
  1
  Posts
  82
  Views

  No one has replied

• S

  Guest Wifi with Netgate XG-7100 and Ubiquiti AP *without* switch
  • stb

  5
  0
  Votes
  5
  Posts
  223
  Views

  D

  @it_dept thank you. I've been up for a couple days without sleep trying to figure this one out. The entire site with APs is back online.
• T

  VLANS AND PFSENSE
  • Tourolouco

  1
  0
  Votes
  1
  Posts
  148
  Views

  No one has replied

• K

  LAGG and L2 redundancy confusion
  • Krisbe

  8
  0
  Votes
  8
  Posts
  168
  Views

  

  You can try it and test it. I've never done it.
• N

  No Internet on Pfsense Vlan
  • n_oandasan

  17
  0
  Votes
  17
  Posts
  264
  Views

  N

  thank you for your inputs....
• S

  Inter VLAN routing
  • sunruh

  36
  0
  Votes
  36
  Posts
  579
  Views

  M

  Ok my bad it works, if you look up last screenshoot you will know what I screwed up
• B

  Help with VLANS in BRIDGE
  • broonu

  22
  0
  Votes
  22
  Posts
  386
  Views

  B

  @derelict thank you. the webgui here is starting to be slow with 32 vlans.
• A

  Public IP Block VLAN - OVH
  • alebeta

  6
  0
  Votes
  6
  Posts
  206
  Views

  A

  @johnpoz I have an automatic deployment system for my Cloud computing infrastructure and VPS. Then the system has a IP pool, this IP pool had been configured before in the pfSense, usually it is a VLAN. With private subnet I can easily create the VLAN of course and the ip allocation works really good. The problem is with Public IP, because my system that perform the automatic deployment was not made to go to the pfSense and perform an NAT 1:1, this is why I need the VLAN to be configure with the Public subnet. In the other hand I can not just create a new interface in pfsense and add there the public IP subnet, because since it is outside of a vlan, the clients using this subnet and interface will be able to see all traffic going through this interface and it does not looks good for anyone. Do you have any suggestion? beside of moving out of OVH :D thanks and all the best
• J

  Deleting VLAN interface
  • joesl

  5
  0
  Votes
  5
  Posts
  119
  Views

  J

  Thank you. It looks like I managed to do what I wanted concerning VLANs & LAGG. Parent interface is deleted and I have connectivity. I'll have to get a console cable as I bricked my switch management but.. could be worse Cheers
• R

  AirPrint across VLANs: devices see printer, but printer prints garbage
  • robin24

  1
  0
  Votes
  1
  Posts
  121
  Views

  No one has replied

• D

  Cable Modem Link Aggregation
  • dxmaster

  15
  0
  Votes
  15
  Posts
  452
  Views

  B

  Does anyone know if this can be done with the SG-3100? I was trying to put the wan/opt1 ports into a lag, but it wont let you put any of them in a lag.. I'm guessing this is something you need custom hardware and dedicated nics for?
• G

  SPAN on PPPOE iface ?
  • geminux

  1
  0
  Votes
  1
  Posts
  113
  Views

  No one has replied

• F

  Is 2 NIC on one LAN on 2 different switch doable?
  • FrAllard

  14
  0
  Votes
  14
  Posts
  295
  Views

  

  @johnpoz said in Is 2 NIC on one LAN on 2 different switch doable?: Being limited to 100mbps at home would be like being force to go back to dial up internet. Also, more and more gear now supports Gb, so might as well use it.
• M

  Redirect IP camera from MAN(outside) network to VLAN network
  • mateusscheper

  16
  0
  Votes
  16
  Posts
  372
  Views

  

  Natting your IP to your MAN ip not really the best way to do it to be honest. Both sides should just use the man as transit network. But if the other side not going to create the route then sure you can nat.
• D

  Help with VLans
  • danlad

  10
  0
  Votes
  10
  Posts
  301
  Views

  

  How many users will there be? NAT works by exchanging ports for individual addresses. If you have enough users and they're busy enough, you could run out of available ports. Large networks would use more than one public IP to avoid this.
• B

  Hyper-V VLAN issues
  • BeanAnimal

  1
  0
  Votes
  1
  Posts
  133
  Views

  No one has replied

• J

  [Solved] pfSense + OpenWRT - Not getting IP and other questions
  • jtommi

  15
  0
  Votes
  15
  Posts
  538
  Views

  J

  Thanks a lot. I followed the NordVPN tutorial. Adding my two VLAN networks worked.
• N

  Bridging
  • NetworkAdmin

  1
  0
  Votes
  1
  Posts
  147
  Views

  No one has replied

• C

  Assign unique MAC to vlan interface?
  • coreybrett

  4
  0
  Votes
  4
  Posts
  175
  Views

  

  @derelict said in Assign unique MAC to vlan interface?: As @jknott said all layer 3 traffic on all switch ports will have the same MAC address in general. Actually, layer 2 traffic too. The MAC address is added when the frame is created in the NIC. Layer 3 is above that.
• B

  pfsense with Unbiquiti 8-port Switch and VLANs
  • bcman1984

  13
  0
  Votes
  13
  Posts
  466
  Views

  B

  i wanted to close the loop on this. I ended up starting over and reset the switch and rebuilt the vlans on pfsense. It is working as expected now, so i must have messed something up previously. Thank you all for you help!