New VLAN setup

A Former User

this was what i was talking about above.  i onyl have 1 lan cable going to a specific room.  if i have another vlan switch up there, can i have this setup? or something similar…?

wallabybob

Does the switch between the two VLAN switches preserve VLAN tags? If it doesn't you probably don't want to use that configuration.

A Former User

@wallabybob:

Does the switch between the two VLAN switches preserve VLAN tags? If it doesn't you probably don't want to use that configuration.

it is just a regular switch.

A Former User

@tomdlgns:

here is a pic of what i think i need to set it up as.

NOTE- i forgot to draw on there that the hp switch will still be configured as 192.168.1.20 and that ports 7 and 8 will be part of my VLAN20 (i need to create this on the HP switch, (10.0.10.1 network).

i will statically assign the wifi router as 10.0.10.2 and disable DHCP on it and left pfsense handle DHCP.

do i have this right or did i make a wrong turn somewhere?

EDIT- if i am correct and i set this up properly, my HTPC, xbox, laptop/desktop should not change and they should remain on the 192.168.1.1 /24 network.  i did not label it in the drawing, but i figured i should mention it.

does anyone advise against this?

i am on site right now and i can config it this way and do some testing.

thanks.

marcelloc

well, you can use only one cable to hp-vlan switch, just tag port with all vlans you need and connect re1.

But if you need more then 100Mbit, you may need two interfaces.

A Former User

@marcelloc:

well, you can use only one cable to hp-vlan switch, just tag port with all vlans you need and connect re1.

But if you need more then 100Mbit, you may need two interfaces.

ok, i do follow what your saying, but now i dont understand the purpose of a VLAN.  in this scenario, i am not creating a VLAN, i am just creating another LAN.

i guess this is why i never tried to setup a vlan, everytime i try, i get going in 5 different directions and can never get down the basics.

thanks.

A Former User

also, if there is a better way to setup a VLAN to do some practical testing, let me know and i would be glad to give that way a shot.

thanks.

marcelloc

on your switch configure:

• wifi port with vlan 100 untaged

• firewall port with vlan 1 and 100 tagged

on firewall configure:

• vlan1 on re1 for lan interface

• vlan100 on re1 for wifi interface

• Assign dhcp range 192.168 to lan

• Assign dhcp range 10.0.10 for wifi

After this, you will have two working networks on re1.

A Former User

@marcelloc:

on your switch configure:

• wifi port with vlan 100 untaged

• firewall port with vlan 1 and 100 tagged

on firewall configure:

• vlan1 on re1 for lan interface

• vlan100 on re1 for wifi interface

• Assign dhcp range 192.168 to lan

• Assign dhcp range 10.0.10 for wifi

After this, you will have two working networks on re1.

ok.  for the wifi port on the hp switch…i will untag that...what should i do with the rest?  e?

for the firewall port, i will tag 1 and 100, but what do i with the rest...e?

marcelloc

The default vlan id is 1 and default configuration for all ports are vlan id 1 untag, so you do not need to do anything, just check if it's configured on your switch

A Former User

@marcelloc:

The default vlan id is 1 and default configuration for all ports are vlan id 1 untag, so you do not need to do anything, just check if it's configured on your switch

what about vlan100?

A Former User

vlan1

wifi vlan 100

marcelloc

change port1 vlan1 from U to T and wifi port on vlan100 toU

A Former User

@marcelloc:

change port1 vlan1 from U to T and wifi port on vlan100 toU

ok, i am going to do that now, but this is why i am confused

"The default vlan id is 1 and default configuration for all ports are vlan id 1 untag, so you do not need to do anything, just check if it's configured on your switch"

makes it seem like i need to leave everything as is on the default vlan…but like i said, i am changing it now.

A Former User

@marcelloc:

change port1 vlan1 from U to T and wifi port on vlan100 toU

when i go to make these changes on vlan1 it tells me i might lose web management connection.

also, is the wifi port, port 1 as well, or should i use port 2 for that?

marcelloc

change configuration with a machine connected to any port other then ports you are changing

leave port 1 for firewall machine as you are tagging vlan on it and use port 2 for the wifi router as you are not changing anything there.

when you use tagged ports, the machine/router plugged on this port must have vlan tags configured to work

when you use untag portsm the machine does not need to know that it is on a vlan.

just pay attention to do not use tag and untag on same port.

A Former User

@marcelloc:

change configuration with a machine connected to any port other then ports you are changing

leave port 1 for firewall machine as you are tagging vlan on it and use port 2 for the wifi router as you are not changing anything there.

when you use tagged ports, the machine/router plugged on this port must have vlan tags configured to work

when you use untag portsm the machine does not need to know that it is on a vlan.

just pay attention to do not use tag and untag on same port.

vlan1

T U U U U U U U

vlan 100 (wifi)

E T E E E E E E

is what i should end up with?

marcelloc

this way:
vlan1

T E U U U U U U

vlan 100 (wifi)

T U E E E E E E

port 1 firewall

port 2 wifi

A Former User

@marcelloc:

this way:
vlan1

T E U U U U U U

vlan 100 (wifi)

T U E E E E E E

port 1 firewall

port 2 wifi

ok, so once a port is tagged, it has to be marked as tagged in every vlan you create?

i just made those changes…moving to pfsense now.

A Former User

here is pfsense setup

i am not done, i am stuck, here.

i cant set two things on re1.  only one at a time.