PFsense with VLANs > Brocade switch > Devices and Unifi Controller/APs
-
Im a bit perplexed on how you think this should be setup..
You're saying i need to tag my devices that connect to a port on the switch..which ive never had to do before.
you are also saying to untag my ports..but then how would the appropriate IPs be assigned?
Are you aware that i stated i have a 2 port pcie network card. slot for WAN and slot 2 of LAN?
the additional interfaces are only showing because i added the same vswitch interface with a VLAN on them, therefore PFsense see's these are multiple interfaces...these are NOT physical ports.. -
@dabdad No, I said if you tag a switchport, whatever you plug into that port needs to be tagged also. So in your original config, you had ports 1-24 tagged. The only way to use those ports would be if your pc's were also tagged.
Google trunk port and access port.
A trunk port carries multiple vlans. The only way to separate those vlans on a single port is by tagging.
An access port carries one vlan, and it's untagged.
Devices like pc's connect to access ports 9 out of ten times, because the pc's interface isn't tagged.So go back to your original config.
Add the vlans to the LAN. Connect that interface back to port 25. Make port 25 a trunk port with the vlans tagged and your LAN untagged.
Then untag port 1 as vlan6. Plug a pc into it and it will get an IP in vlan6's network.
Providing your vSwitch is correct of course. -
@jarhead
bruh, i dont think you read my OP completely..
Port 25 is trunked to ALL VLANs.....
-
@dabdad No, I read it.
You're not understanding how vlans work.
Port 25 is your trunk port. It carries all your vlans to your switch. Once they're there, you don't need any other ports tagged unless you're carrying multiple vlans to another device.
Just untag ports 1-24 and plug a pc into one of them. -
Devices connected to Untagged ports 26-45(default VLAN 1) get a 192.168.1.x IP.
devices connected to ports 1-24 should get a 176.16.69.x IP..
devices connected to ports 46 and 47 should get a 192.168.3.1 IP..if i untag port 1, then ill get an IP of 192.168.1.x which is not what we want..
I'm sorry but maybe i'm misunderstanding when you say that my PC needs to be tagged. again ive never had to tag a PC and connect it to a port with the same tag in order for traffic to flow. Pc requests an IP when connected, The switch knows what VLAN its on, it communicates via the Trunked port(25) with that 'tagged' traffic to pfsense, pfsense see the tagged traffic as assigns an appropriate IP..
Please school me, im curious to your methods..
-
@dabdad You have to untag it with vlan 6. You're untagging it with vlan1.
There should be a pvid setting in your switch. For ports 1-24 the pvid should be 6.
If you use the cli of your switch the command's are here
https://www.alteeve.com/w/Configuring_Brocade_Switches#Configure_VLAN -
@jarhead said in PFsense with VLANs > Brocade switch > Devices and Unifi Controller/APs:
https://www.alteeve.com/w/Configuring_Brocade_Switches#Configure_VLAN
VLANs per console layout:
port 25 is tagged in each vlan
drilling into port 24 within the GUI:
it says VLAN 6 and registered as tagged.
I'm not seeing any issues with the switch
-
I was able to get the switch ports to grab the correct IP based on the VLAN assigned.
I swapped the interfaces within pfsense to the 'new' interfaces that were created when i created the additional vSwitches within HyperV. thanks @AndyRH for the recommendation.
THEN.. i had to go to each port and select IEEE tagging to "untag".
This was a pain as you have to go to each port and switch this setting. i tried within the console but no luck in doing it en mass then either. Thank @Jarhead for the info here, pretty sure this is what you were referring to.
Now, the APs are connected via Port 47 and 48 with POE enabled on those ports.
I tried to trunk them but this seems to be a limitation within the switch? its only allow me to trunk a single port..which right now is port 25 for the uplink to pfsense.
the controller/aps are not passing the correct tagged traffic through those ports to pfsense, wifi devices on 2 SSID's are still not resolving. any thoughts here would be appreciated. -
@dabdad It works??? Imagine that!
Can you believe how much time you could've saved just by listening?There's no way you can only trunk one port in that switch.
Set both ports to dual and add the vlans as needed. -
@jarhead By listening? interesting..
While i appreciate your help, i dont appreciate the sassyness of your comment. To be honest, Your replys are hard to understand and most of them contradict what was already mentioned in my OP. Again, thank you for your help, but if you are wanting to be negative in some manner, then why help at all? -
@dabdad Funny, I got you as being the negative one.
Every reply I made never contradicted a thing.
And if you had listened to my very first post, none of the others would have been needed.
But glad you got it working.