@mystique_ said in bridge igc3 to ix1.172 network..: I have a few vlans defined on ix1, one of them being 172 for management. I am trying to have a local (igc3) be bridged to that ix1.172 for local management if/when onsite.. bridge0: > member: ix1.42 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> ifmaxaddr 0 port 13 priority 128 path cost 2000 These are different VLANs.

@summer solved with: VLAN PFSENSE IP 1 192.168.1.1 10 192.168.10.1 SWITCH PORTS: PFSENSE AS TRUNK Device as Untagged 10 Then with firewall rules I can allow/disallow traffic. Thanks, BR

@adminproconer And how about you remove the link aggregation.. If still slow then I would sniff - but if you have full speed, and ping is 1ms - your issue is not network related, but most likely server or performance related. Sniff to see what is slow, nothing the network the router can do if server answers slowly.

@fireix said in VLAN on D-link: This way, no overlapping FWIW pf will not let you do overlapping subnets so that doesn't matter so much. You can migrate your networks over to a new /28 individually as long as it is contained in a different /24 than your other interfaces.

@adminproconer said in Firewall rule problems. (Client-to-client forward): Where should I start troubleshooting the issue? With the network settings and firewall config of the concerned device. Ensure that all devices in both subnets use pfSense as gateway. If you can access a device from within it's own subnet, but not from another network segment check its firewall and ensure that it allows access from outside.

@minimos I have a VLAN going to my access point for guest WiFi. The LAN interface is configured with VLAN 3, as well as native. My AP is configured to have the 2nd SSID on VLAN 3 and my Cisco switch is configured to allow VLAN 3 on the ports connected to pfSense and the AP. It's as simple as that.

bump

@the-other exactly.. The AP doc on netgate - sure isn't a doc that that screams use pfsense as your wifi AP ;) https://docs.netgate.com/pfsense/en/latest/wireless/configuration-ap.html#pfsense-as-an-access-point Now lets say you were marooned on a desert island and you had xyz gear to use and you had to setup a wifi network to try and get rescued - then ok sure you could make it work ;) hehehe But even with only a $10 budget, pretty sure you could find some old wifi router on ebay that would make for better AP than a card in pfsense ;)

@netblues well my nas runs linux OS.. ash-4.4# uname -a Linux NAS 4.4.180+ #42661 SMP Fri May 27 17:10:49 CST 2022 x86_64 GNU/Linux synology_apollolake_918+ I use the driver put out by bb-qq https://github.com/bb-qq/r8152 But in general I don't think freebsd has had overall good luck with usb nics.. Or really anything realtek - a usb nic on any os really would never by my first choice ever, but sometimes your stuck getting something to work with what you can use. I sure wouldn't choose usb to save a few bucks, but if no other way - then they can work, and can be stable. Depending on the driver support from your OS.

@snoopyski said in VLAN cannot ping is gateway!: Hello everyone, I have 2 VLAN : VLAN9 and VLAN5 Same settings, VLAN9 in the Netgate "Diagnostics ping" section cannot ping itself the VLAN9 gateway from VLAN9 source BUT works fine for the VLAN5 for itself So the result is : LAN cannot reach VLAN9 devices and VLAN9 cannot reach LAN devices PS : Of course, my rules ares open for my test Any Idea ? The device is Netgate 7100U Best regards In that VLAN, did you create something in the "System/Routing/Gateways" menu? When I was starting with Pfsense, I went through a similar error, but my mistake was that I didn't need to create a gateway for each vlan, because the IP you define in it will be your gateway. If you created it, just go and disable the Gateway from the vlan and everything will work.

@fireix You don't need NAT. It was created to get around the IPv4 address shortage and with a /24, you likely have more than enough addresses.

@johnpoz the states thing probably did it yesterday. I'll have to change the subnet yes. Good remark :)

@ffh4500 said in Inter LAN communications: A simple 1:1 mapping using the Subline feature on the printer subline? huh?

@jarhead I had posted elsewhere and it seems like I need to setup the switch first and then connect it to pfSense? I thought if I reset it and connect it to the box, it would at least get an IP.

@bob-dig yes destination is internet. So this is why I get the NAT3 on the ps4 right? in short, because the vlan's gateway is not exposed to internet but is behind the wan.. right? sorry what you mean with If the destination is at your place then number 3 another vlan or the lan? thanks again

@bob-dig which part? the VLANs, I added them The 1 4090 4091 is by default