pfSense dhcp problem using VLANS
-
The DNS forwarder, should it be disabled?
I guess the DNS resolver handles the DNS requests? -
@Toube said in pfSense dhcp problem using VLANS:
The DNS forwarder, should it be disabled?
It is :
@Toube said in pfSense dhcp problem using VLANS:
I guess the DNS resolver handles the DNS requests?
By default, the Resolver (unbound) is enabled.
It will work for any LAN type interface - keep in mind that on any OPTx type interface (and VLAN) a protocol UDP & TCP destination port 53 needs to be added.. -
Hi @Gertjan ,
do I need to add any rules to the IOT network?
Currently only one rule active for the IOT. -
Current situation is that all wireless clients are not getting an IP-address when a VLAN tag is set to the SSID. But for wired connection for example.
If I connect my laptop to a smart switch port that has the VLAN50 tag in the port then my laptop will be given the correct ip-address from the IOT dhcp scope. -
did you setup the vlan ONLY within the UBNT controller?
settings > networks > create network > purpose vlan only name of vlan and vlan ID
this doesn't sound like a Pfsense issue(yet) it doesn't sound like the vlan was setup properly yet
-
@Toube said in pfSense dhcp problem using VLANS:
Hi @Gertjan ,
do I need to add any rules to the IOT network?
Currently only one rule active for the IOT.The IOT firewall rule is ok.
-
Hi @bcruze,
the Unifi VLAN (Created 2 x with Vlan only IOT VLANID 50 and GUEST VLANID 100) is at least to my knowledge setup as it should be.
Then added these VLANIDs to the SSID configurations.
On the switch ports where the ap:s are connected I have set the switch profile with LAN as native network and then included the tagged VLANS 50 and 100. -
So it seems was neither Unifi or Pfsense problem.. the problem was my small Netgear smart switches two of them.. they were improperly configured and thus causing the VLAN50 and 100 not to be able to be forwarded to the pfsense router. Thanks all for answering me.
-
@toube
What change to your Netgear switch did you make? Having same issue and I'm using Netgear switches.Thanks
-
I didn't work with UniFi switches, however I'm planning to later this year.
But concept I'm using with other switches that support VLAN is like this:
Chromecast will need to receive traffic only from IOT VLAN (if I understand your requirement correctly. But for Chromecast (and other consumer grade appliance) it is important to receive this traffic as untagged, so if it is possible in Unify switch you need to configure ports to which devices are connected directly as belonging to proper VLAN but sending untagged traffic.
Also I'm seeing you seem to have solved your issue already, but I'd suggest to consider configuring untagged ports properly (if Unify allows it, maybe it is too smart and guesses proper config on it's own)
I'm just thinking if e.g. Chromecast is connected to port which sends tagged traffic, Chromecast will probably be able to receive some packets, but some portion of packets may be dropped, and this will affect quality of the connection.
