SG-2440 Tagging VLAN Traffic for Ubiquiti
-
Yes. I included a screenshot above.
-
The igb3 port is a physical port on the Netgate?
-
OPT2 is connected to a port on the managed switch and that switch is tagged with VLAN20
-
The pfSense side of it is looking OK, but I think it's the switch configs which are causing the issue. (Not sure if the Dell is still in the way, but it'll be much easier if that wasn't in the equation for simplicity.)
Stab in the dark, but I'm wondering if your switch ports are actually access ports for VLAN20 as opposed to trunk ports? (Different manufacturers have different terminology, but access ports are untagged, tagged ports are trunk ports.) I don't know how UniFi work their VLAN terminology as I've not used their switch kit before.
If the port to igb3 is actually an access port it won't work, as traffic will have the VLAN stripped and it'll arrive on the parent interface on pfSense (igb3) and drop.
The ports for clients etc can be normal access ports, but ports to the upstream switches/firewalls etc where the VLAN tag needs to remain have to be trunk ports. Just a hunch but I think that's the problem.
-
Dell is out of the mix.
-
I'm using a Ubiquiti 16 port PoE lite switch
-
@denverdesktopssupport I must admit I've not used Ubiquiti switching before, but having a quick look on the UniFi controller I use for my APs... have you created a switch port profile? (As well as the VLAN within the networks in Ubiquiti.)
From reading how this works, creating the VLAN in Ubiquiti then allows you to 'select' that for the switch profile you create, then I guess you apply that switch profile to the port uplinking to igb3 and away you go. If that's what you've done... then it should work!
-
I believe that is what I have done!!! But....obviously not!!!
I'll keep digging.
-
Finally!!!
After configuring the access point to talk the VLAN only it was able to obtain an IP address from the pfSense VLAN. Not sure why the traffic can't be tagged at the port level of the Ubiquiti, as long term there will be multiple VLANs on this port for multiple SSIDs.
Thanks for the insight!
-
@denverdesktopssupport If the traffic isn't tagged on the 2440 (it's a dedicated port, yes?) then it comes into the switch untagged.
If it's a tagged interface on the pf then it comes into the switch tagged.
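
The access-versus-trunk behaviour discussed in this thread, as an added example that is not part of any post: a small Python model of what happens to an 802.1Q tag on a switch uplink and which firewall interface then sees the frame. The interface name `igb3.20`, the MAC addresses and the sample frame are assumptions constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

def build_frame(dst, src, ethertype, payload, vlan=None):
    """Build an Ethernet II frame; insert a 4-byte 802.1Q tag if vlan is set."""
    tag = struct.pack("!HH", TPID_8021Q, vlan & 0x0FFF) if vlan is not None else b""
    return dst + src + tag + struct.pack("!H", ethertype) + payload

def vlan_id(frame):
    """Return the VLAN ID carried in the frame, or None if it is untagged."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (tpid,) = struct.unpack_from("!H", frame, 12)
    if tpid != TPID_8021Q:
        return None
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack_from("!H", frame, 14)
    return tci & 0x0FFF  # low 12 bits of the TCI are the VLAN ID

def switch_egress(frame, port_mode):
    """Model a switch port sending a VLAN-classified frame out of the port."""
    if port_mode == "trunk":      # tagged port: the tag stays on the wire
        return frame
    if port_mode == "access":     # untagged port: the 4-byte tag is removed
        return frame[:12] + frame[16:] if vlan_id(frame) is not None else frame
    raise ValueError(f"unknown port mode: {port_mode}")

def firewall_receive(frame, parent="igb3", vlan_ifaces=None):
    """Return the interface that sees the frame, or None if no VLAN matches."""
    # "igb3.20" is an assumed name for the VLAN 20 interface on parent igb3.
    vlan_ifaces = {20: "igb3.20"} if vlan_ifaces is None else vlan_ifaces
    vid = vlan_id(frame)
    if vid is None:
        return parent             # untagged: lands on the parent, not the VLAN
    return vlan_ifaces.get(vid)   # tagged: delivered only to a matching VLAN

# Constructed sample: a broadcast frame from a client in VLAN 20.
SAMPLE = build_frame(b"\xff" * 6, b"\x02\x00\x00\x00\x00\x01", 0x0800,
                     b"constructed payload", vlan=20)

if __name__ == "__main__":
    for mode in ("trunk", "access"):
        out = switch_egress(SAMPLE, mode)
        print(mode, "-> VLAN", vlan_id(out), "-> seen on", firewall_receive(out))
```

Running `vlan_id()` over frames from a packet capture taken on the uplink is a quick way to confirm whether tags actually survive to the firewall port.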