• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

VLAN not connecting to LAN

Scheduled Pinned Locked Moved Virtualization
14 Posts 3 Posters 1.0k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • K
    KOM @Raizor_HD
    last edited by Feb 21, 2022, 12:35 PM

    @raizor_hd Did you add an Allow rule on the VLAN interface?

    R 1 Reply Last reply Feb 21, 2022, 1:43 PM Reply Quote 0
    • R
      Raizor_HD @KOM
      last edited by Feb 21, 2022, 1:43 PM

      @kom I added an "Allow VLAN net with any protocoll to any" rule, yes

      J 1 Reply Last reply Feb 21, 2022, 1:45 PM Reply Quote 0
      • J
        johnpoz LAYER 8 Global Moderator @Raizor_HD
        last edited by johnpoz Feb 21, 2022, 1:46 PM Feb 21, 2022, 1:45 PM

        @raizor_hd Don't forget local firewalls.. Also you didn't happen to add block rfc1918 to your vlan did you, or bogon?

        A have seen this way more times than you would think, which should be zero ;)

        If what your running on the lan has a firewall - its quite possible it would block access from another network.. Windows firewall out of the box would block said access.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        R 1 Reply Last reply Feb 21, 2022, 1:57 PM Reply Quote 0
        • R
          Raizor_HD @johnpoz
          last edited by Feb 21, 2022, 1:57 PM

          @johnpoz you mean in the General Configurations? No, didn't add anything there. And I only have one client that I'm switching between both LAN and VLAN. Even then, the firewall is deactivated

          J 1 Reply Last reply Feb 21, 2022, 2:05 PM Reply Quote 0
          • J
            johnpoz LAYER 8 Global Moderator @Raizor_HD
            last edited by Feb 21, 2022, 2:05 PM

            @raizor_hd No not in general on your vlan interface.. Are you sending traffic out a gateway on this vlan? Policy routing is another common issue have seen.

            So simple test.. Sniff on your vlan interface while your pinging something in your lan from your vlan.. Do you see this traffic hit pfsense vlan interface?

            Now while ping is still running (use say constant ping with -t on the end in windows) sniff on your lan interface in pfsense.. Do you see pfsense sending the ping requests to the client. If you do then its something on that dest device in your lan. Be it firewall, be it not using pfsense as its gateway..

            if you do not see the traffic hit pfsense on your vlan sniff - then your client in vlan not sending the traffic to pfsense.

            If you see the traffic hit vlan, but not sending out lan - then either you do not have a rule on vlan to allow it, or you have a floating rule blocking it, or your policy routing the traffic out some gateway, etc.

            Simple enough to sniff on pfsense via under the diagnostic menu packet capture.

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11

            R 1 Reply Last reply Feb 21, 2022, 2:44 PM Reply Quote 0
            • R
              Raizor_HD @johnpoz
              last edited by Feb 21, 2022, 2:44 PM

              @johnpoz This VLAN does not have a gateway because eit said everywhere that it wouldn't need one. And what do you mean with sniff?

              J 1 Reply Last reply Feb 21, 2022, 2:56 PM Reply Quote 0
              • J
                johnpoz LAYER 8 Global Moderator @Raizor_HD
                last edited by johnpoz Feb 21, 2022, 2:57 PM Feb 21, 2022, 2:56 PM

                @raizor_hd No you do not need a gateway on the interface, I am talking forcing traffic out a specific gateway in your your rules, like a vpn connection or your wan dhcp..

                gateway.jpg

                how about you just post up your rules you have on this vlan, and do you have any rules in your floating tab?

                Do a packet capture... Look for your traffic, it is under the diagnostic menu on pfsense.

                An intelligent man is sometimes forced to be drunk to spend time with his fools
                If you get confused: Listen to the Music Play
                Please don't Chat/PM me for help, unless mod related
                SG-4860 24.11 | Lab VMs 2.8, 24.11

                R 1 Reply Last reply Feb 22, 2022, 6:50 AM Reply Quote 0
                • R
                  Raizor_HD @johnpoz
                  last edited by Feb 22, 2022, 6:50 AM

                  This post is deleted!
                  J 1 Reply Last reply Feb 22, 2022, 12:27 PM Reply Quote 0
                  • J
                    johnpoz LAYER 8 Global Moderator @Raizor_HD
                    last edited by johnpoz Feb 22, 2022, 12:30 PM Feb 22, 2022, 12:27 PM

                    @raizor_hd You see that 0/0 there under states.. Nothing is getting to pfsense. you sniffed and nothing there.. So your not pointing to pfsense as your gateway on your device? Your not connected.. You have your vlans setup wrong, no tag, wrong tag what is connected to your lan interface? What switch how is configured for your vlan, etc..

                    An intelligent man is sometimes forced to be drunk to spend time with his fools
                    If you get confused: Listen to the Music Play
                    Please don't Chat/PM me for help, unless mod related
                    SG-4860 24.11 | Lab VMs 2.8, 24.11

                    R 1 Reply Last reply Feb 22, 2022, 12:42 PM Reply Quote 0
                    • R
                      Raizor_HD @johnpoz
                      last edited by Feb 22, 2022, 12:42 PM

                      @johnpoz I checked. My Gateway for my client is the IP of my Interface, so it can't be that. As for the tagging, they are tagged and patched through. Besides, why would it go to a switch when I ping my LAN? The VLAN should be connected to the LAN because I created it there and as such can easily reach it or am I wrong?

                      J 1 Reply Last reply Feb 22, 2022, 12:47 PM Reply Quote 0
                      • J
                        johnpoz LAYER 8 Global Moderator @Raizor_HD
                        last edited by johnpoz Feb 22, 2022, 12:50 PM Feb 22, 2022, 12:47 PM

                        @raizor_hd dude if you were connected correctly with the vlans - then when you sniffed you would have seen the traffic no matter what your firewall rules said..

                        How do you have this connected? If you put on your vlan on your lan then that would have to go to what?? What do you have it go to where you set your tags - couldn't just be 1 device. Your AP? Ok lets see your vlan settings on your your AP.

                        All I can tell you is you have 0/0 for evaluations - which pfsense saw no traffic.. And your sniff also shows no traffic.. So how would anything get anywhere if pfsense is not seeing any traffic.. Are you saying this device on your vlan is getting dhcp from pfsense? And you see it listed as a active lease, etc.

                        runs VMware ESXi.

                        Oh - yeah if you want pfsense to see tags, then you would have to set your vswitch to 4095.. or its going to strip tags.

                        An intelligent man is sometimes forced to be drunk to spend time with his fools
                        If you get confused: Listen to the Music Play
                        Please don't Chat/PM me for help, unless mod related
                        SG-4860 24.11 | Lab VMs 2.8, 24.11

                        R 1 Reply Last reply Feb 23, 2022, 12:39 PM Reply Quote 0
                        • R
                          Raizor_HD @johnpoz
                          last edited by Feb 23, 2022, 12:39 PM

                          @johnpoz Nevermind, I asked a firend and he said that the way I want pfSense the VLANs would only make problems. Found a way around it by adding another network adapter. Still thanks for the help!

                          J 1 Reply Last reply Feb 23, 2022, 1:33 PM Reply Quote 0
                          • J
                            johnpoz LAYER 8 Global Moderator @Raizor_HD
                            last edited by Feb 23, 2022, 1:33 PM

                            @raizor_hd Not understanding what they are, how they work or how to set them up.. Yeah bit of a learning curve..

                            Do you even have a vlan capable switch? Most likely not.. Nevermind is right - waste of everyone's time, especially mine..

                            An intelligent man is sometimes forced to be drunk to spend time with his fools
                            If you get confused: Listen to the Music Play
                            Please don't Chat/PM me for help, unless mod related
                            SG-4860 24.11 | Lab VMs 2.8, 24.11

                            1 Reply Last reply Reply Quote 0
                            11 out of 14
                            • First post
                              11/14
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                              This community forum collects and processes your personal information.
                              consent.not_received