pfsense+mikrotik switch=vlan on windows
-
So the switch pulls an IP address from pfSense in the VLAN subnet when it's running as Layer3?
If it fails when you change the switch to Layer2 it sounds like the VLAN is not correctly defined there.
-
@stephenw10 no it doesn't get any ip address wheteron L3 or L2
-
@learn said in pfsense+mikrotik switch=vlan on windows:
i created the vlan in the mikrotik switch gives it an address
So what exactly was working when you did that with the switch in layer3 mode?
We're probably going to need to see some screenshots from pfSense and the switch.
Steve
-
@stephenw10
I created the vlan on pfsense
give it an address and enable it
gives it some rules for testing the connection
that's the pfsense part
-
@stephenw10 for the switch part
created the vlan on the interface that i want the vlan went from it which basically the Ethernet because the SFPs are all used
that's all for the switch part am i missing something ??
-
That appears to be configured as a router.
If you using it as a switch I expect to see a list of the ports VLAN 50 is tagged or untagged on. And for a Windows client to be able to connect to pfSense at 172.168.100.1 that would have to be tagged to pfSense and untagged to the client.
Steve
-
@stephenw10 I didn't understand tag and untagged thing can you please tell how and explain please!!
-
In order to connect a host device to a VLAN you would usually connect to the host to a switch that is configured with an access port for that VLAN.
That means the port the host is connected to must be an untagged member of that VLAN in the switch.
And that the port pfSense is connected to must be a tagged member of the VLAN so packets can pass tagged to pfSense.So for example something like this:
In this setup pfSense is connected to port 25 and is configured with a VLAN 101 interface.
A host can connect to port 23 and will be on VLAN 101.Steve
-
@stephenw10 can you please help me to find this in the mikrotik switches because this what i was searching for .
thank you so much for your patience and help . -
Unfortunately I have zero experience with Mikrotik switches so I probably can't help you there.
However I imagine there are numerous videos on youtube etc walking through VLAN config on Mikrotik.Steve
-
@stephenw10 thank you friend
-
For reference, which Mikrotik switch and OS are you using?
-
@stephenw10 i am using two switches of mikrotik CRS305-1G-4S+ and CRS305-1G-8S+ the OS is windows
-
Sorry I meant which OS type/version on the switch(es).
-
-
@stephenw10 I was on RouterOS and I switched to SWOS
-
@learn I don't see it mentioned here yet, but the IP address space you chose is out of spec. The 172.16.X.X address space is as follows:
172.16.0.0/12 IP addresses: 172.16.0.0 – 172.31.255.255
You used 172.168.100.X, and that address space looks to belong to Microsoft maybe, somewhere else in the world. First, fix that problem, bring your IP address space within the proper range.
-
Yup, that's true ^.
I would not expect it to prevent the VLAN config working though.
The VLAN setup in SwOS looks more complex that many switches but I'm sure once you're familiar with it it's easy enough.
Steve
-
@akuma1x thank you Ill try that and see if works
-
@stephenw10 yes mikrotik switches are very complex and difficult I did the vlans on edge switch and ubiqiti and went good .
this mikrotik switchess made lost me
