VLANs setup properly?

terry.c

This post is deleted!

terry.c

@jarhead I tried a few configurations with the info you provided. here's what seems to be working, although VLAN30 laptop doesn't seem to be switching over at this time. I restarted the switch and laptop, checked all settings, pfsense, and switch a few times, all is the same. Not sure what's up with that... Any idea why LAN says there's activity even though nothing is routed there?

Jarhead

@terry-c I don't understand your drawing.
Post a screenshot of your switch vlan config.
Use "snipping tool" if you're using windows.

milew

@terry-c
Do you have one or two interfaces in your pfsense?

For one interface try this
Flowchart

terry.c

@jarhead here's screenshots of the setup.

viragomann

@terry-c
Any specific reason for having port 1 configured with PVID10?

VLAN10 is your WAN as I got you and port 1 has it tagged. As well it should be tagged in pfSense. So there is no need for PVID.

terry.c

@viragomann not really sure how to connect this. I'v tried a bunch of different ways. At this time if I untag port 1 from 10 I lose pfsense. Anybody have a really good example or explanation of tagged and untagged. I think I have it figured out, then it doesn't work with 2 devices. Only one vlan will work. Really confused and shocked at how difficult this is. lol

viragomann

@terry-c
untagged VLAN10 != PVID10

The switch gives you 3 way to assign a port to a VLAN.
tagged: outgoing packets on the port are tagged
untagged: outgoing packets are untagged
PVID: incoming packets get tagged

I requested you to remove the PVID from port 1. Port 1 is the trunk port to pfSense = all VLANs tagged. I.e. all outgoing packets are tagged with the respective VLAN IDs. Incoming packets must not get tagged, because they are already.

Jarhead

@terry-c said in VLANs setup properly?:

@viragomann not really sure how to connect this. I'v tried a bunch of different ways. At this time if I untag port 1 from 10 I lose pfsense. Anybody have a really good example or explanation of tagged and untagged. I think I have it figured out, then it doesn't work with 2 devices. Only one vlan will work. Really confused and shocked at how difficult this is. lol

Think of it like this, if you have a tagged vlan on an interface, whatever you plug into that interface also needs to be tagged.

Why are you using a vlan on the WAN?

There should be a third option on the vlans, tagged, untagged and "no". ie excluded, not allowed, something like that. If a vlan isn't being used on a port, set it to excluded on those ports.

All vlans are assigned to LAN as parent in pfSense, correct?

terry.c

@jarhead Hi, thanks for following up. I appreciate it. I contacted the switch manufacturer for a 3rd time and finally figured it out. lol. there was a few things i was doing wrong, plus the support tech kind of led me in the wrong direction.

Thanks again!!