Thanks for the reply. I figured this out. Not knowing the first thing about UCS servers, evidently, the ports I am using are "vNICs". I needed to configure both ends of the link as trunks. This still makes very little sense to me, but it worked.

Yes I understand that.. I didn't know if it would work or not.

I think esxi is beyond the specs of my simple laptop setup. But I'll look into it.

Well he should of stated that then ;)

that Is what I tried to do :(
Do you have a manual or something that I can follow 🙃🙏
Thanks

If you want to use vlan 40 on some ssid the ports 22 and 24 would be TAGGED..

If you just want any wifi client connected to this ssid to be on the native untagged network connected to that switch port then you wouldn't set vlan ID on the ssid.

The ISP may very well use VLANs to separate different types of traffic. However, that's not normally visible to a user. Again, you'll have to contact your ISP to see what they provide and then configure for it. Until we know what they require, we can't offer advice.

I confirm that it's not pfsense, but my cisco config, I need to make some research as I'm not a cisco expert but clearly pfsense is working correctly, thanks for your time guys ! :)

You can if you want to use the same ID, as long as one side connected to pfsense is untagged vs tagged., since they are isolated by by L3. But you would not use the same L3 network.

Its not tricky.. Upstream and Downstream routers are used all the time everywhere. What think your misunderstanding is the difference between a vlan (layer 2 always) and a L3 network.

What you use for the ID is only going to matter with devices on those L2 networks. Unless you want to use pfsense as a layer2/bridging firewall the vlan ID have zero to do with what is on 1 side of a L3 firewall/router and the other side.

As to creating a vlan on pfsense. Its as simple as creating the vlan, assign an ID and put on your parent physical interface.

https://www.netgate.com/docs/pfsense/interfaces/vlan-trunking.html

If your devices got an IP from the dhcp server, then yeah they are going to be in the dhcp lease table.. If your not seeing them, then they didn't get an IP from pfsense.

@someone0 said in Is setting mac address setting in the bridge gui broken?:

I'm using pfsense version 2.4.3-RELEASE-p1 (amd64) and I have setup a bridge for the LAN side. But for some reason, when I have a valid fictitious mac address in the setting for the bridge GUI(interface > bridge0 > MAC Address), it won't take that. Every time I rebooted, I keep getting random mac address. Is this menu setting broken or am I doing something wrong? or is there a workaround?

There is an open bug for this: https://redmine.pfsense.org/issues/8138

That all looks good. Whatever you connect to igb2 has to be tagged VLAN 20. After that any access port on the switch that is on VLAN 20 should get DHCP.

@jknott said in Hardware switch or NIC brridge?:

There used to be some cut through switches, that would start switching as soon as it learned the destination MAC, but those have disappeared

And there still are, the cisco nexus 5000 line did/does it... The 9000 series nexus I believe default to cut through but can be put in store and forward, etc.

So disappeared is not true... But cut through was never in the soho or budget lines of any switch maker..

@jknott said in VLAN tagging with untagged parent interface:

You'll find that's typical when VoIP phones and computers share the same cable.

Do I sound as if I needed this explained?
Being able to remember the distant past but not 5 minutes ago is called Morbus Alzheimer. My mom suffers from it badly.

Same with WiF access points and multiple SSIDs.

Buy serious wireless APs with all traffic tagged, not consumer gear on steroids.

@braveben said in One L3 per VLAN across 2+ interfaces:

Speaking of those sexy XG-7100’s 10Gbit SFPs, how would they respond to being a trunk with the same VLAN’s as one of the switch ports? Could I still share a L3 interface/IP on the single VLAN?

You would, again, have to software bridge them. I would suggest using the 10G to an external switch instead.

@pvn said in VLAN setup:

my workstation will have eth0 in 10.1 (corporate network) and eth1 in 10.2 (my private network)

You better be careful with that. You might wind up bypassing the corporate network security.