pfSense on Watchguard M270

stephenw10

If you used the script I posted above WAN should be ix0 and connects to port 0.
LAN should be ix1 and connects to ports 1-7.

Of course you can change that to be however you want. Add VLANs to get 8 separate interfaces/ports for example.

Steve

sorcefm

This post is deleted!

sorcefm

This post is deleted!

ozon08

@stephenw10 Perfect. Now everything is running.
Thank you very much Steve

ozon08

Did anyone update to pfsense plus 23.x?
@stephenw10 can you help me?

stephenw10

It will run 23.01 just fine but, as mentioned, the device hints required for the switch will be lost at upgrade.
You will need to add them back at the console after the reboot. That might be twice coming from 22.05.

Steve

ozon08

@stephenw10 i did this with the hints and the etherswitch config but it didnt work. The Links are up but no connection to the network

stephenw10

Also this applies as it's the same switch: https://redmine.pfsense.org/issues/13993
Unlikely you would hit it unless you have two in HA with a direct link.

stephenw10

Check etherswitchcfg shows the correct switch config.

ozon08

@stephenw10 what show etherswichcfg show me?

stephenw10

It should show you the current config for the switch.
If it just errors then the switch hasn't been setup correctly.
If it shows something but it's incorrect then the switch setup script probably didn't get run by the shellcmd.

The actual output depends how you have it setup.

ozon08

@stephenw10 port9 and port10 is in state 1. is it correct?

stephenw10

If you're using my example script above where the WAN is port 1 and LAN is ports 2-8 then it should look like:

[23.01-RELEASE][root@m270-2.stevew.lan]/root: etherswitchcfg
etherswitch0: VLAN mode: PORT
port1:
        state=8<FORWARDING>
        flags=0<>
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
port2:
        state=8<FORWARDING>
        flags=0<>
        media: Ethernet autoselect (none)
        status: no carrier
port3:
        state=8<FORWARDING>
        flags=0<>
        media: Ethernet autoselect (none)
        status: no carrier
port4:
        state=8<FORWARDING>
        flags=0<>
        media: Ethernet autoselect (none)
        status: no carrier
port5:
        state=8<FORWARDING>
        flags=0<>
        media: Ethernet autoselect (none)
        status: no carrier
port6:
        state=8<FORWARDING>
        flags=0<>
        media: Ethernet autoselect (none)
        status: no carrier
port7:
        state=8<FORWARDING>
        flags=0<>
        media: Ethernet autoselect (none)
        status: no carrier
port8:
        state=8<FORWARDING>
        flags=0<>
        media: Ethernet autoselect (none)
        status: no carrier
port9:
        state=8<FORWARDING>
        flags=1<CPUPORT>
        media: Ethernet 2500Base-KX <full-duplex>
        status: active
port10:
        state=8<FORWARDING>
        flags=1<CPUPORT>
        media: Ethernet 2500Base-KX <full-duplex>
        status: active
vlangroup1:
        port: 1
        members 9
vlangroup2:
        port: 2
        members 3,4,5,6,7,8,10
vlangroup3:
        port: 3
        members 2,4,5,6,7,8,10
vlangroup4:
        port: 4
        members 2,3,5,6,7,8,10
vlangroup5:
        port: 5
        members 2,3,4,6,7,8,10
vlangroup6:
        port: 6
        members 2,3,4,5,7,8,10
vlangroup7:
        port: 7
        members 2,3,4,5,6,8,10
vlangroup8:
        port: 8
        members 2,3,4,5,6,7,10
vlangroup9:
        port: 9
        members 1
vlangroup10:
        port: 10
        members 2,3,4,5,6,7,8

stephenw10

Ah, now I recall I had to add those ports to the script in 23.01!

#!/bin/sh
#
# Script to setup the switch in the M270
#
# SteveW 5/6/2020
#

echo "Configuring switch..."
logger Configuring switch...

etherswitchcfg vlangroup1 vlan 1 members 9
etherswitchcfg vlangroup2 vlan 2 members 3,4,5,6,7,8,10
etherswitchcfg vlangroup3 vlan 3 members 2,4,5,6,7,8,10
etherswitchcfg vlangroup4 vlan 4 members 2,3,5,6,7,8,10
etherswitchcfg vlangroup5 vlan 5 members 2,3,4,6,7,8,10
etherswitchcfg vlangroup6 vlan 6 members 2,3,4,5,7,8,10
etherswitchcfg vlangroup7 vlan 7 members 2,3,4,5,6,8,10
etherswitchcfg vlangroup8 vlan 8 members 2,3,4,5,6,7,10
etherswitchcfg vlangroup9 vlan 9 members 1
etherswitchcfg vlangroup10 vlan 10 members 2,3,4,5,6,7,8

etherswitchcfg port1 forwarding
etherswitchcfg port2 forwarding
etherswitchcfg port3 forwarding
etherswitchcfg port4 forwarding
etherswitchcfg port5 forwarding
etherswitchcfg port6 forwarding
etherswitchcfg port7 forwarding
etherswitchcfg port8 forwarding
etherswitchcfg port9 forwarding
etherswitchcfg port10 forwarding

echo "done"
logger done

ozon08

@stephenw10 this looks like my configuration.

ozon08

@stephenw10 i just have it. I forgot to forward port 9 and 10. sorry that was my fault

stephenw10

No that wasn't required in 22.05. Something changed in the switch driver defaults. Probably the same reason for that MDI/X bug.

ozon08

@stephenw10 okay, now i added it to my shellcmd. After a test reboot it works fine. Thank you

shaker

Hello,
I tried the whole night to bring me M270 to work.
But I didn't have success.

Can you please explain more detailed, what are the steps for get it done?

Thank you so much.

ozon08

@shaker
What have you done so far?