Netgate 3100 VLANs
-
I got the Netgate 3100 thinking that each of the 4 LAN ports could be configured like a router, but I can only configure them as VLANs. I created the VLANs using (https://docs.netgate.com/pfsense/en/latest/solutions/sg-3100/switch-overview.html) with /26 networks. DHCP works but there is no routing outside of each segment. I tried creating a gateway but it didn't work. I think I purchased the wrong appliance to allow for a LAN with four networks. Am I doing something incorrectly or should I spend the $$$ and get a Cisco router and just use the 3100 as the firewall?
-
@rwq891 what you're trying to achieve works fine on the SG-3100. You can create different VLANs on each port, and then make sure all those VLANs are also created on the LAN Uplink (Port 5), just as the document you linked shows. Did you create the appropriate Firewall Rules for communication between subnets as well as to the outside world? For instance, if you want VLAN 3 to reach out to devices on VLAN 4, you'll have to create rules on VLAN 4 that allow incoming connections from that segment, otherwise it will get blocked.
-
@rwq891 Post a screenshot of a VLAN's settings from the article, and firewall rules for it.
Firewall rules evaluate as traffic enters an interface. So on VLAN3 add a rule allowing traffic to go from that subnet to VLAN4.
The default for new interfaces is no rules, hence no traffic...except LAN where the default is LAN to any.
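
The evaluation order described in the last reply (rules are checked on the interface where traffic enters, and a new interface has none), as an added example that is not part of the original thread. It is a simplified Python model, not pfSense code; the /26 addresses and rule sets are constructed for illustration, and state tracking is not modelled.

```python
# Added example: simplified model of per-interface, ingress-side rule
# evaluation with an implicit default deny. Not pfSense code.
from ipaddress import ip_address, ip_network

# Constructed /26 networks, one per interface (assumed addressing).
SUBNETS = {
    "LAN":   ip_network("192.168.1.0/26"),
    "VLAN3": ip_network("192.168.1.64/26"),
    "VLAN4": ip_network("192.168.1.128/26"),
}
ANY = ip_network("0.0.0.0/0")

def ingress_interface(src):
    """Interface the packet enters on, taken here from its source subnet."""
    for name, net in SUBNETS.items():
        if ip_address(src) in net:
            return name
    return None

def evaluate(rules, src, dst):
    """First matching rule on the ingress interface wins; no match = block."""
    iface = ingress_interface(src)
    for action, src_net, dst_net in rules.get(iface, []):
        if ip_address(src) in src_net and ip_address(dst) in dst_net:
            return action
    return "block"  # implicit default deny

# New interfaces start with no rules; LAN has the default "LAN to any".
default_rules = {"LAN": [("pass", SUBNETS["LAN"], ANY)], "VLAN3": [], "VLAN4": []}

# Rule added on VLAN3, the interface where VLAN3 hosts' traffic enters.
fixed_rules = dict(default_rules)
fixed_rules["VLAN3"] = [("pass", SUBNETS["VLAN3"], SUBNETS["VLAN4"])]

# Same rule placed on VLAN4 instead: it is never consulted for this traffic.
misplaced_rules = dict(default_rules)
misplaced_rules["VLAN4"] = [("pass", SUBNETS["VLAN3"], SUBNETS["VLAN4"])]

if __name__ == "__main__":
    flow = ("192.168.1.70", "192.168.1.130")  # VLAN3 host -> VLAN4 host
    for label, rules in [("default", default_rules),
                         ("rule on VLAN3", fixed_rules),
                         ("rule on VLAN4", misplaced_rules)]:
        print(f"{label:14} VLAN3->VLAN4: {evaluate(rules, *flow)}")
    # 203.0.113.10 is a documentation address standing in for the internet.
    print("rule on VLAN3  VLAN3->WAN:  ",
          evaluate(fixed_rules, "192.168.1.70", "203.0.113.10"))
```

With only the VLAN3-to-VLAN4 rule in place, VLAN3 hosts still cannot reach the internet; that needs its own pass rule on VLAN3 with a wider destination.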