Multiple NIC ports with different VLANs connection to switch

Hoserman

@johnpoz So when I create a vlan in pfsense it's not a vlan? I dont understand? What am I missing? I have the same VLAN defined on my switch which is connected to the wifivlan on the pfsense interface....

Hoserman

@johnpoz but pfsense would be oblivious to any tagging.. since this network is not tagged by pfsense..

So how do I get PFSense to tag the network?

JKnott

@Hoserman said in Multiple NIC ports with different VLANs connection to switch:

So how do I get PFSense to tag the network?

By adding a VLAN to an existing network. However, as I pointed out, it appears you can do what you want by applying the VLAN at the switch.

I have a VLAN here for my guest WiFi. It is on the same interface as my main LAN. This is what you can do in pfSense. Based on your description, you want an interface to be used entirely for a VLAN. Just configure the switch port to be whatever VLAN you want it to be and everything will be fine. No need to enable the VLAN on pfSense.

johnpoz

@Hoserman Why do think you need to tag this network?? How many networks are you going to carry over the wire from pfsense port to the switch port.. 1 then there is no need to tag..

When you create a vlan in pfsense - ie this..

They are tagged - because they are all going to go over 1 wire..

See my assignments from above

All those networks flow over 1 wire - the igb2 interface to the switch port.. So pfsense and the switch can tell what traffic is what, it has to be tagged..

So the switch the port is configured like this

interface gigabitethernet5
 description "sg4860 WLan and vlans"
 switchport trunk allowed vlan add 4,6,110,1011
 switchport trunk native vlan 2

So vlans 4,6,110, and 1011 are tagged.. See where it says the native vlan for this port is 2, this is vlan 2 on my switch.. This is the native network on the igb2 interface..

So create a vlan on your switch, maybe 4 since your network is 192.168.4/24 - and put your port in access mode, no tag in vlan 4 on your switch... Then put any other ports on this switch where you want them to be on that network also in vlan 4 on your switch..

Hoserman

@johnpozI have 2 Nic cards. What I want to do is separate my vlans on Separate Nic wires. Is that doable. What you describe is having my vlans go over one Nic Port wire. I am concerned about bandwidth. In the PFSense documentation it talks about connecting to pfsense via a trunk.

johnpoz

@Hoserman Really dude.. I am really at a loss on how else to explain this too you.. I showed using tags for when your going to carry more than 1 vlan over the wire.. Have already stated multiple times that you do not need to create vlans or tags on pfsense if your just putting the network native on the interface in pfsense.

Your interface lan - this is a native network.. All switches default vlan 1 it is not tagged.. Create another vlan on your switch, lets call it vlan 4.. Now on the port your other interface on pfsense that is connected to put that port in vlan 4 on your switch.. No tags.. Now put another port that you say connect your laptop too and on your switch put that in vlan 4 on your switch..

There you go your new 192.168.4 network is isolated from your lan network.

JKnott

@Hoserman said in Multiple NIC ports with different VLANs connection to switch:

What I want to do is separate my vlans on Separate Nic wires.

As I said, you do that at the switch. You only have to use VLANs in pfSense if you're carrying more than one network over one interface, as in my example.

ahking19

@Hoserman you are confusing the terminology of VLANS with separate networks.
VLANS = multiple virtual networks with a single parent NIC

You have two NICs, well assuming you have at least 3 with one being your WAN, each NIC is a discrete physically separate network. Nothing virtual about it.

Hoserman

@johnpoz I'm just learning about this stuff as I hope you can tell. I understand your impatience but you act as if everyone out there knows what your talking about without explaining yourself in simple to understand terms rather than repeating the same "That's Not A VLAN." Ok maybe you could explain what your concept is of a VLAN Is.
I too have lost patience with you as I stated earlier.
But now that we have gotten to this point and you have explained yourself I Thank you for your assistance.

johnpoz

@Hoserman said in Multiple NIC ports with different VLANs connection to switch:

"That's Not A VLAN." Ok maybe you could explain what your concept is of a VLAN Is.

read @ahking19 post..

Hoserman

@ahking19 Thanks, I understand now.

Hoserman

@JKnott Thanks, I'll do it at the switch level.

Hoserman

@JKnott Hi jknott

So, I can delete the vlans I created in PFsense and just create the vlans on the switch?
Will the switch block the traffic between the vlans?

JKnott

@Hoserman said in Multiple NIC ports with different VLANs connection to switch:

@JKnott Hi jknott

So, I can delete the vlans I created in PFsense and just create the vlans on the switch?

Yes.

Will the switch block the traffic between the vlans?

Yes.

Hoserman

@JKnott Thanks, I appreciate the help...

coxhaus

@Hoserman
You were confusing layer 2 and layer 3 traffic. Be careful not to create a routing loop. STP is your friend when working with multiple networks. STP is Spanning Tree Protocol which you want to use to protect your network. There are at least 3 versions of STP that come to mind right now. Some converge faster than others.