• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Configured a new VLAN on procurve 1800-24G but doesnt work

Scheduled Pinned Locked Moved L2/Switching/VLANs
4 Posts 2 Posters 1.1k Views 2 Watching
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • P Offline
    pftdm007
    last edited by pftdm007 Jan 1, 2025, 7:41 PM Jan 1, 2025, 7:40 PM

    Happy new year to all!

    I am trying to create a new VLAN on my network setup (pfsense 2.7.2 / switch procurve 1800-24G) and for the life of me I cannot make it work.

    My existing VLAN's are working just fine so naturally I started by more or less copying the settings one by one (of course adapting what needs to be, i.e. port numbers, VLAN id, etc....) but its still a no go.

    Basically I want devices plugged to switch ports 21 to 24 to be tagged by the switch as VLAN 210 then traffic sent to pfsense (connected to switch port 1) for fire-walling, dhcp, routing, etc...

    Computer is physically connected to switch port 24. Of course this computer cant do tagging (its a dumb desktop).

    In pfsense I created a VLAN 210 then created an interface using that VLAN. Interface setup with static IP as 192.168.210.1/24 and is enabled.

    DHCP server is enabled on that interface with allow all clients (sub range 192.168.210.10 - 192.168.210.254).

    On the procurve switch in system info you can see VLAN210 has ports 1-21-22-23-24 as members:
    2dc95ff7-badd-4b15-b5ec-cda221d600e3-image.png

    Also in VLAN pot config ports 21 to 24 allow UNTAGGED traffic and are set to assign VLAN 210 to incoming trafic (PVID).
    96772483-7a3f-4794-8737-e7adced1e272-image.png

    Note port 1 is physically connected to pfsense so all traffic is tagged.

    VLAN100 works flawlessly. Before I tried to do what I am trying to do, I had 2 other VLAN's that were configured exactly as 210 and they were working just fine.

    The computer is not getting an IP. The link is UP so this is "electrically" connected but somehow the request is not getting to pfsense's DHCP server running on the VLAN interface... Actually I see no DHCP requests in pfsense's logs so I strongly believe the request is not even getting across the switch.....

    I tried pretty much every possible combination of settings on the switch (removing port 1 from VLAN 210, tagged vs untagged, VLAN aware or not, etc etc ....). FYI connecting the computer to ports with PVID100 works flawlessly (gets an IP instantly).

    This is gotta be something simple or stupid but nevertheless I am being outsmarted by a 12 y.o. switch on new years day!

    M 1 Reply Last reply Jan 6, 2025, 11:47 PM Reply Quote 0
    • P Offline
      pftdm007
      last edited by pftdm007 Jan 1, 2025, 11:04 PM Jan 1, 2025, 11:00 PM

      This post is deleted!
      1 Reply Last reply Reply Quote 0
      • M Offline
        marvosa @pftdm007
        last edited by marvosa Jan 7, 2025, 12:02 AM Jan 6, 2025, 11:47 PM

        @pftdm007 Unfortunately, I sold my old Procurve years ago so I don't have anything to play with, or I'd share my old config.

        I'll bet it's getting confused because you're both tagging 210 and have PVID 210 configured on 21-24. The tagged 210 is probably winning which means you essentially have 21-24 configured as a trunk that only allows 210 tagged and the other traffic is likely being sent untagged on the native VLAN (1) or being dropped.

        Uncheck 21-24 in the 210 VLAN group.

        P 1 Reply Last reply Jan 7, 2025, 1:08 PM Reply Quote 0
        • P Offline
          pftdm007 @marvosa
          last edited by pftdm007 Jan 7, 2025, 1:09 PM Jan 7, 2025, 1:08 PM

          @marvosa Hello!

          I got it working a few days after initially posting here and asked the mods to delete the entire thread so people dont reply to a topic already resolved. I think they misunderstood and instead deleted my second reply to this topic. Doesnt matter now, if this thread can help people in the future or if someone replies with questions I will be glad to share/help as much as I can!

          While you replied I can tell you how I got it working.

          As of now, ports 23-24 are members of VLAN 210. Port config is set to accept "All" traffic (so untagged) and set to assign PVID (VLAN) 210 (since the ports are member of that VLAN).

          It is pretty much the same as I initially had except that between then and now, I had to reinstall pfsense completely (due to hardware failure, probably irrelevant to my VLAN issue anyways) and reset the procurve switch to defaults.

          The only thing that changed is that port 1 on the switch is set to ALL and PVID1 where as before I had it "TAGGED" with PVID "None". Mind you, the screenshots in my original post were based on old VLAN tests I did few years back when I was even more clueless than I am today ;)

          Right now switch is configured with 5 VLANs, each ports Set to "ALL" traffic and the proper PVID's set for each port. Machines connected to the ports are now getting IP's from pfsense under the proper subnet and all seems to be working just fine.

          f726d091-ee19-4833-8e07-838fd1480f26-image.png

          1 Reply Last reply Reply Quote 0
          4 out of 4
          • First post
            4/4
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
            This community forum collects and processes your personal information.
            consent.not_received