How to get pfSense WAN to accept VLAN 0
-
@schwiing 4094 is only a VLAN internal to the switching Netgate devices (1100, 2100, 3100, 7100) and not presented on your external network as that port is untagged on the interface.
-
@rcoleman-netgate @Schwiing And it doesn't go to your LAN, it goes to your WAN but I'm guessing that was a typo.
-
@jarhead True, regardless of the VLAN in those systems - they're all internal to the software and not tagged on the ports out, just untagged so all traffic on those ports (by default) are on that vlan.
-
@jarhead Ah I did mean WAN, not LAN. My mistake.
Thanks. I'll assume the PFsense side will remain default then being configured as "DHCP" and won't be bothered by the 4094 VLAN.
IIRC, my modem's address now (for Comcast, temporary until Frontier is installed) is 192.168.100.1, so on the 100 VLAN. I guess it's a similar concept, but in this case, I'm "choosing" 4094?
EDIT: I assume I did this right?
https://imgur.com/a/DTIkhi7 -
The subnet and VLAN ID used here are completely independent. Though you will often find people set them up to use the same values as it's much easier to read like that.
What I expect to see there is one switch port connected to the ONT and another connected to the pfSense WAN. However you have ports labeled WAN and LAN? It doesn't actually matter what they're labeled of course as long as the WAN traffic is passing through that VLAN4094 segment it will strip the VLAN0 tags.
Steve
-
@schwiing If your going to get the 2g service from frontier to take advantage of it you will need a switch with at least 2.5gb ports.
-
Ugh I totally messed up my labels on accident. I renamed one to say "ONT" and the other "WAN". Good catch.
They're both 10gb SFP+ ports that can negotiate at 2.5, 5 or 10g so it should work fine I think.
-
@schwiing Sounds like your good to go.
-
@schwiing said in How to get pfSense WAN to accept VLAN 0:
Ugh I totally messed up my labels on accident. I renamed one to say "ONT" and the other "WAN".
They're supposed to be ONT and WAN.
-
@jarhead Yep, that was my mistake earlier. I renamed them from my original screenshot. Now just waiting for frontier to allow me to order service...despite putting a hanger on my door saying "Fiber is Here. Order today" last week.
Much appreciated all!
-
@schwiing Do you mind me asking what city and state your in? I'm curios about frontiers fiber rollout. I'm in New Haven CT. Thanks
-
@michaellacroix Ha! Wallingford here.
They're still building out a lot of CT towns including New Haven. Pretty sure there's not many areas in New Haven with fiber yet. -
@michaellacroix Houston, TX (Southeast)
Most of my neighborhood has had Frontier for a number of years, and Verizon FiOS before that (lots of Verizon plates in the sidewalk). It just started expanding to my section starting end of June, and my street (including the front of my property) has a fiber vault with conduit + fiber ran as of 2 weeks ago...so I'm hoping it'll be ready to order soon.
As I read more about the subject I see a lot of users from CT, so it sounds like a popular rollout spot as well.
-
Hey Folks! Crazy the life my post took on. I had a little one and stepped away for a bit.
Can someone get me up to speed? Does my script work in the latest build? Is it still needed to get VLAN0 to work?
I am currently on: 2.4.5-RELEASE-p1 (amd64) with em0/1 nics
Is it safe to go to 2.6.0 or should I be going 2.5.x?
-
Yes, the script still works.
-
@c45p32 thanks! I thought I had seen some messages fly that my script stopped worked in 2.5.x & 2.6.x?
-
@natbart Do not go to 2.6, it will break....I am still under 2.5.2 and it does work in that release....we are all waiting for a fix on 2.6.
I am thinking about jumping ship to OPNSENSE, but I love pfsense so much that I am debating at this point since I dont know for sure its fix under OPNsense....I dont have a spare box to test and can't afford to have the wife without internet.
-
@natbart I am using igb0-igb4 network cards.
-
I’m using igb0 on 22.05, and I used the same script on 2.6.0 without issue.
-
@cucu007 said in How to get pfSense WAN to accept VLAN 0:
@natbart Do not go to 2.6, it will break....I am still under 2.5.2 and it does work in that release....we are all waiting for a fix on 2.6.
I am thinking about jumping ship to OPNSENSE, but I love pfsense so much that I am debating at this point since I dont know for sure its fix under OPNsense....I dont have a spare box to test and can't afford to have the wife without internet.
It is fixed on opnsense.
