New VLAN setup

marcelloc

well, you can use only one cable to hp-vlan switch, just tag port with all vlans you need and connect re1.

But if you need more then 100Mbit, you may need two interfaces.

A Former User

@marcelloc:

well, you can use only one cable to hp-vlan switch, just tag port with all vlans you need and connect re1.

But if you need more then 100Mbit, you may need two interfaces.

ok, i do follow what your saying, but now i dont understand the purpose of a VLAN.  in this scenario, i am not creating a VLAN, i am just creating another LAN.

i guess this is why i never tried to setup a vlan, everytime i try, i get going in 5 different directions and can never get down the basics.

thanks.

A Former User

also, if there is a better way to setup a VLAN to do some practical testing, let me know and i would be glad to give that way a shot.

thanks.

marcelloc

on your switch configure:

• wifi port with vlan 100 untaged

• firewall port with vlan 1 and 100 tagged

on firewall configure:

• vlan1 on re1 for lan interface

• vlan100 on re1 for wifi interface

• Assign dhcp range 192.168 to lan

• Assign dhcp range 10.0.10 for wifi

After this, you will have two working networks on re1.

A Former User

@marcelloc:

on your switch configure:

• wifi port with vlan 100 untaged

• firewall port with vlan 1 and 100 tagged

on firewall configure:

• vlan1 on re1 for lan interface

• vlan100 on re1 for wifi interface

• Assign dhcp range 192.168 to lan

• Assign dhcp range 10.0.10 for wifi

After this, you will have two working networks on re1.

ok.  for the wifi port on the hp switch…i will untag that...what should i do with the rest?  e?

for the firewall port, i will tag 1 and 100, but what do i with the rest...e?

marcelloc

The default vlan id is 1 and default configuration for all ports are vlan id 1 untag, so you do not need to do anything, just check if it's configured on your switch

A Former User

@marcelloc:

The default vlan id is 1 and default configuration for all ports are vlan id 1 untag, so you do not need to do anything, just check if it's configured on your switch

what about vlan100?

A Former User

vlan1

wifi vlan 100

marcelloc

change port1 vlan1 from U to T and wifi port on vlan100 toU

A Former User

@marcelloc:

change port1 vlan1 from U to T and wifi port on vlan100 toU

ok, i am going to do that now, but this is why i am confused

"The default vlan id is 1 and default configuration for all ports are vlan id 1 untag, so you do not need to do anything, just check if it's configured on your switch"

makes it seem like i need to leave everything as is on the default vlan…but like i said, i am changing it now.

A Former User

@marcelloc:

change port1 vlan1 from U to T and wifi port on vlan100 toU

when i go to make these changes on vlan1 it tells me i might lose web management connection.

also, is the wifi port, port 1 as well, or should i use port 2 for that?

marcelloc

change configuration with a machine connected to any port other then ports you are changing

leave port 1 for firewall machine as you are tagging vlan on it and use port 2 for the wifi router as you are not changing anything there.

when you use tagged ports, the machine/router plugged on this port must have vlan tags configured to work

when you use untag portsm the machine does not need to know that it is on a vlan.

just pay attention to do not use tag and untag on same port.

A Former User

@marcelloc:

change configuration with a machine connected to any port other then ports you are changing

leave port 1 for firewall machine as you are tagging vlan on it and use port 2 for the wifi router as you are not changing anything there.

when you use tagged ports, the machine/router plugged on this port must have vlan tags configured to work

when you use untag portsm the machine does not need to know that it is on a vlan.

just pay attention to do not use tag and untag on same port.

vlan1

T U U U U U U U

vlan 100 (wifi)

E T E E E E E E

is what i should end up with?

marcelloc

this way:
vlan1

T E U U U U U U

vlan 100 (wifi)

T U E E E E E E

port 1 firewall

port 2 wifi

A Former User

@marcelloc:

this way:
vlan1

T E U U U U U U

vlan 100 (wifi)

T U E E E E E E

port 1 firewall

port 2 wifi

ok, so once a port is tagged, it has to be marked as tagged in every vlan you create?

i just made those changes…moving to pfsense now.

A Former User

here is pfsense setup

i am not done, i am stuck, here.

i cant set two things on re1.  only one at a time.

marcelloc

Lan will be vlan1 on re1 and opt1 will be vlan100 on re1.

Disconnect re2

A Former User

and then i can plug in my 16 port netgear into a port on the HP that i didnt configure yet…we forgot to calculate that.  everything on that 16 port netgear is on 192.168.1.0 /24 network...do i need to tag another port on the hp vlan switch?

so it will look like this

isp-----cable modem-------pfsense-------hp vlan switch--------16 port netgear

marcelloc

Or use re2 as opt2 to connect netgear.

A Former User

@marcelloc:

Or use re2 as opt2 to connect netgear.

but isnt network 192.168.1.1 already existing on re1?