Got it. Once again thank you. I know what i need to do now.

I don't know why you're getting 2 MAC addresses. Because of some weird issue in the firmware? Given they're sequential, they are likely from the same device. That has to be the case. What does Packet Capture show. I have not captured any packets so far, but I will. One thought, do you have a static mapping configured for that address, but with the wrong MAC? I do have a static mapping for MAC address: 50:c7:bf:3d:4b:48 . Also, that capture of the AP status shows modes b,g & n listed, which means you have all of those enabled. Mine shows n only. I have configured it that way, as all my devices are capable of using n. You can change the mode on the Wireless Settings page. Mea maxima culpa! Setting corrected now.

Yeah that was there reasoning behind not being able to remove vlan 1 ;) Now that you can remove vlan 1 from ports - you should be able to limit from what network you can access the switch gui from.

UPDATE * I did more test today and I don't understand why pfblocker NG causes the issue on my VLAN but not my LAN since both networks are assigned to the same interface and screened by the same rules under pfblockerNG... The IP was white listed therefore it should not be an issue in my opinion... @BBcan177 Maybe you can shed some light on my issue if you have time, I would appreciate that. :) Thanks in advance!

Okay I'll write what's causing this behaviour. It has nothing todo what the different masks, using pfsense as a wireless-bridge, using bridged interfaces, routing or whatever. Basically it because Linux hosts have default kernel-setting "reverse path filtering" enabled. This can be temporary disabled (untill next reboot) by sudo sysctl -w 'net.ipv4.conf.all.rp_filter=0. Now I understand why it happened. So you have to take that into account.

@boniface50 At a high level, typically, you'd have the LAN interface enabled but unconfigured, create tagged VLANs off the LAN interface, tag the VLANs you want to traverse the "trunk" between PFsense and your switch(s), then configure your access ports with the correct VLAN(s). The switch configuration will vary across the different vendors, but the above is an overview of what needs to happen. What make/model switch are you using? If you have a Cisco switch, I can offer some guidance. Otherwise, someone else may need to chime in. You only need 1 uplink (trunk) per switch unless you want to configure a port-channel for extra aggregate bandwidth. Also, that bridge is going to take a performance hit. I'd recommend removing the bridge, starting from scratch and get tagged VLANs working.

gracias por su atención, solucione mi problema ;)

Im not really sure exactly what was wrong... I've started from scratch, and came to the same or new issues. Doing troubleshooting, i found that the broadcast address was way off, which I did not really understood. I then found that the VLAN interface was created as /32 CIDR, which it defaults to, so its highly important to remember to change this. Changed it to /24 CIDR, and then it started working.

@marvosa Now on to the next problem (which will be it's own post if I decide to continue) - HomeKit and WeMo don't talk to one another from the LAN to the VLAN. I found a few guides and attempted to open some ports but it's still not working. At this point, I don't know if it's still worth it. I'd love to be able to have the IoT devices on their own network to avoid them compromising my LAN but it seems like a PITA to get them to talk across networks.

@Nico4526 said in Speed limit at 100 mbs on LAGG: the cables are new That doesn't mean you didn't get a bad one. That does happen occasionally. Also, are the cables direct between devices? Or do you go through other cables connectors, etc.. There was someone here a while ago, who discovered he had a bad connection in the installed wiring. Also, you can get inexpensive cable testers that do a basic continuity test. They can identify cable problems.

Thank you so much. I just knew I was missing something stupid. I'm brand new to all of this. Couldn't for the life of me figure it out. Spent a couple hours going over settings before posting this. Thanks a bunch.

If it helps: Environment: VMWare vSphere 6.5 Cisco UCS. pfSense and WebServer VM are on the same physical host, connected to the same port group, on the same vSwitch.

Nevermind I'm an idiot. I did not allow the 200.0 network through the firewall into LAN. Spent wayyyyyyy to long figuring that out.

Thank you for the info

I guess I am not completely following, the only 2 vlans that pfSense will see is vlan 12 for wan and vlan 3 for lan. Other vlans I might create and have currently are for intranet and won't even go to the pfSense machine. That has been the main reason for keeping the router in there so I can still route traffic properly. Could you elaborate a bit more on what problems I will face?

it is going to another switch/network.