SG-2440 Tagging VLAN Traffic for Ubiquity
-
@denverdesktopssupport said in SG-2440 Tagging VLAN Traffic for Ubiquity:
I am making this much more complicated than I need to, but the new VLAN DHCP is still not handing out addresses.
When you go to Services->DHCP Server have you configured the IoT interface?
-
@denverdesktopssupport So, on your pfsense box, what is the igb3 port connected to, your smart switch? If it is, that switch port needs to be tagged with VLAN ID 20, and so do any other ports on the same switch where you want to connect a device to the same VLAN. Then you should get a DHCP address in that range on that device.
-
Yes. I included a screen shot above.
-
The igb3 port is a physical port on the Netgate?
-
OPT2 is connected to a port on the managed switch and that switch is tagged with VLAN20
-
The Pfsense side of it is looking ok, but I think it's the switch configs which are causing the issue. (Not sure if the dell is still in the way, but it'll be much easier if that wasn't in the equation for simplicity)
Stab in the dark, but I'm wondering if your switch ports are actually access ports for VLAN20 as opposed to trunk ports? (different manufacturs have different terminology - but access ports are untagged, tagged ports are trunk ports). I don't know how Unifi work their VLAN terminology as I've not used their switch kit before.
If the port to igb3 is actually an access port it won't work, as traffic will have the VLAN stripped and it'll arrive on the parent interface on PFsense (igb3) and drop.
The ports for clients etc can be normal access ports, but ports to the upstream switches/firewalls etc where the VLAN tag needs to remain have to be trunk ports. Just a hunch but I think that's the problem.
-
Dell is out of the mix.
-
I'm using a Ubiquity 16 port POE lite switch
-
@denverdesktopssupport I must admit I've not used Ubiquti switching before, but having a quick look on the Unfi controller I use for my AP's....have you created a switch port profile? (as well as the VLAN within the networks in Ubiquti).
From reading how this works, creating the VLAN in ubiquti then allows you to 'select' that for the switch profile you create, then I guess you apply that switch profile to port uplinking to Igb3 and away you go. If that's what you've done...then it should work!
-
I believe that is what I have done!!! But....obviously not!!!
I'll keep digging.
-
Finally!!!
After configuring the access point to talk the VLAN only it was able to obtain an IP address from the PFsense VLAN. Not sure why the traffic can't be tagged at the port level of the Ubiquity, as long term there will be multiple VLAN's on this port for multiple SSID's.
Thanks for the insight!
-
@denverdesktopssupport If the traffic isn't tagged on the 2440 (it's a dedicated port, yes?) then it comes into the switch untagged.
If it's a tagged interface on the pf then it comes into the switch tagged.
