Netgate 2100 - setup question
-
Yes. You can do that and you don't need any separate managed switches to do it. As Steve said the VLANs are all internal to the 2100 so no problem there.
Steve
-
@netboy I'm not very well caffeinated yet, but you only want two networks, correct? So you only need one VLAN. The base-not-configured ports are all one interface out of the box because it's a switch. You're trying to separate two of them.
Or if you follow Ryan's linked directions to the letter to isolate one port, and plug in a cheap 5 port switch, you'd have 3 ports +4 (1->4 remaining switch) ports.
-
@steveits
Now I am trying to implement my idea and seek help.I have changed my default IP for router from 192.168.1.1. to 192.168.0.1.
Can somebody show me screenshots to achieve the following:
-
Create 2 subnets 192.168.0.XXX & 172.16.0.XXX
-
Assign physical port LAN 1 & 2 to 192.168.0.XXX and assign physical port LAN 3 & 4 to 172.16.0.XXX
Please note that I do not use VLAN's - The idea is to connect LAN 1 & 2 to unmanaged switches and so is LAN 3 & 4 to another set of unmanaged switches.
I want to take baby steps as I go so that I can get help from this forum. Thanks
-
-
N netboy referenced this topic on
-
@netboy LAN is already assigned to 192.168.0.1 so ports 1 and 2 are done.
If you follow https://docs.netgate.com/pfsense/en/latest/solutions/netgate-2100/configuring-the-switch-ports.html that will isolate port 4 and you can assign it 172.16.0.1. I would start with that, and worry about port 3 in a second step.
-
@steveits Hey steveits, I have created the port 4 as per the url you provided. Now I want this to apply to port 3 as well. Can you kindly let me know how I go about doing this? Do I follow identical process for port 3 as well - I basically want port 3 and 4 on the same subnet 172.16.0.1/24
-
My guess is based on the screenshot above:
-
edit VLAN group 0 and REMOVE 3
-
edit VLAN group 1 and ADD 3
Will the above work? The idea is to make 3 & 4 in subnet 172.16.0.1/24
-
-
Yes, do that and also change the PVID on port 3 to 4084 to match port 4.
Steve
-
-
@netboy As soon as I did the above my Web GUI is VERY SLOW (I was trying to apply static address to certain MAC addresses). Has the port / switch configuration messed up something?
-
Yes, that's correct for the switch config.
As long as you have the mvneta1.4084 VLAN interface also configured and assigned it should work as expected.
Steve
-
@stephenw10
Get the following message:
Hmmm… can't reach this page
192.168.0.1
took too long to respond -
This is what I have
-
@netboy Definitely something is wrong... the web GUI is very slow......Any suggestions?
-
@netboy When I removed the ethernet jack from port 3 the web gui works normal. Is there something I am missing in configuring port 3?
-
@netboy What was plugged into port 3 exactly? And if it was a switch what was THAT plugged in to?
What it sounds like to me, after a quick glance over the thread, is you might have a loop going -- your main network feeding back into the new VLAN... but that's just an educated guess.
-
Yes, if you had the switch connected to ports 3 and 4.
The switch in the 2100 does not support STP to prevent that.Steve
-
@stephenw10 What is STP? Yes port 3 and port 4 are connected to "separate" unmanaged switches so that anything connected to the switch has the 172 subnet.
This was my idea right from beginning.
Are you telling me that I cannot connect any switch to port 3 and 4?
Please note that port 3 is disconnected right now and port 4 is connected to a unmanaged switch. This configuration does not choke up web GUI but once I connect port 3 to a switch the web GUI chokes up.
Kindly advice
-
@netboy said in Netgate 2100 - setup question:
What is STP?
Spanning Tree Protocol.
If you have a link from one network going into another, it cannot detect that and mitigate the cross-talk.
You can connect a switch to those ports, yes, but I was asking you what the rest of those are connected to -- is it possible that one of those switches is connected to port 1 or 2?
-
@rcoleman-netgate You are on the money!!! I had daisy chained the switch which was in port 1 and port 3 because my standby router had only one port and was waiting for 2100 to arrive. Newbie mistake!!! Thanks for pointing this out!
I have now removed the daisy chain ethernet cable connecting switches which were in port 3 and port 1.
Web gui works fine.
Thank you for baby sitting me!
-
@netboy Yeah, don't do that :) It does bad things -- as you have seen. :)
