Netgate Discussion Forum

No internet on VLAN interfaces

Routing and Multi WAN
  • V
    vukomir
    last edited by Sep 24, 2012, 4:12 PM

    Hi,

    I have set up a pfSense box with 3 NICs:
    2 x WAN configured for load balancing
    1 x LAN with 4 VLANs

    and created rules so that VLAN 1 can access VLAN 2 and not access VLAN 3 and VLAN 4.

    My problem is that I don't have internet access on the VLANs because I took out the rule that redirected all traffic to the GW; if I add the rule from the second image I will be able to access other VLANs.

    Can you please help me with this problem?

    Thanks.

    [Attachments: Untitled.png, Untitled2.png]

    • H
      heper
      last edited by Sep 24, 2012, 4:52 PM

      You shouldn't be able to access other VLANs if you add that allow rule with a specified gateway.
      I have similar rulesets on a couple of firewalls. Do you have some special NAT or floating rules or overlapping subnets?

      What you could do, however, is create an alias and insert all the subnets of the VLANs but not WORKLAN,
      then adjust the bottom rule and specify the destination as "NOT" <alias>.
      But as I said, this shouldn't be required; big chance something else is wrong somewhere.

      • V
        vukomir
        last edited by Sep 24, 2012, 5:07 PM

        Hi Heper,

        I have attached my configuration from VLAN 200.
        In this case I can ping VLAN 300, but if I take out the rule where the GW is LB I will not be able to ping VLAN 300.

        Thanks.

        [Attachment: Untitled.png]

        • V
          vukomir
          last edited by Sep 24, 2012, 5:30 PM

          I don't know if this influences anything, but I forgot to mention that I have Squid on the same pfSense box.

          Thanks.

          • H
            heper
            last edited by Sep 24, 2012, 8:30 PM

            What's the use of the pass rule worklannet –> worklannet?

            • V
              vukomir
              last edited by Sep 25, 2012, 11:52 AM Sep 25, 2012, 11:43 AM

              Hi heper,

              The rule allows clients on the same VLAN to communicate; if I take out that rule I will be able to access clients on the same VLAN.

              So, my configuration is the following:

              VLAN200 WorkLAN
              VLAN210 WLAN
              VLAN220 ServerLAN
              VLAN230 Management VLAN

              VLAN 200 can access clients from  VLAN 200 and VLAN 210 but can't access VLAN 220 and VLAN 230
              VLAN 210 can access clients from VLAN 210 and VLAN 200 but can't access VLAN 220 and VLAN 230

              VLAN 220 can access clients from VLAN 220 and VLAN 230 but can't access VLAN 200 and VLAN 210
              VLAN 230 can access clients from VLAN 230 and VLAN 220 but can't access VLAN 200 and VLAN 210

              I need internet access only on VLAN 200 and VLAN 210; at this moment I have Squid configured on VLAN 200 and VLAN 210.

              Please let me know if it's clear now.

              Thanks.

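One way to check the "destination NOT alias" suggestion against the access matrix in the last post, as an added example that is not from the thread or from pfSense: a small first-match model of the per-interface rules. The subnets, the test address 198.51.100.7 and all function names are assumptions, and the model covers only which rule a packet matches, not where a policy-routed packet is finally forwarded.

```python
import ipaddress

# Constructed subnets: the thread gives no addressing, so these are placeholders.
VLANS = {name: ipaddress.ip_network(net) for name, net in {
    "VLAN200": "10.0.200.0/24",  # WorkLAN
    "VLAN210": "10.0.210.0/24",  # WLAN
    "VLAN220": "10.0.220.0/24",  # ServerLAN
    "VLAN230": "10.0.230.0/24",  # Management VLAN
}.items()}
PEER = {"VLAN200": "VLAN210", "VLAN210": "VLAN200",
        "VLAN220": "VLAN230", "VLAN230": "VLAN220"}
INTERNET_VLANS = {"VLAN200", "VLAN210"}
ANY = [ipaddress.ip_network("0.0.0.0/0")]

def rules_for(vlan, exclude_local=True):
    """Ordered pass rules on one VLAN interface: (dest nets, negate, gateway)."""
    # Own subnet plus the permitted peer VLAN, default routing (no gateway set).
    rules = [([VLANS[vlan], VLANS[PEER[vlan]]], False, None)]
    if vlan in INTERNET_VLANS:
        if exclude_local:  # destination NOT <alias of all VLAN subnets>
            rules.append((list(VLANS.values()), True, "LB"))
        else:              # destination any
            rules.append((ANY, False, "LB"))
    return rules

def evaluate(vlan, dst, exclude_local=True):
    """First matching pass rule wins; no match means default deny."""
    dst = ipaddress.ip_address(dst)
    for nets, negate, gateway in rules_for(vlan, exclude_local):
        if any(dst in n for n in nets) != negate:
            return ("pass", gateway)
    return ("block", None)

def audit(exclude_local=True):
    """Return every (source, destination, result) that breaks the matrix."""
    failures = []
    for src in VLANS:
        for name, net in VLANS.items():
            want = ("pass", None) if name in (src, PEER[src]) else ("block", None)
            got = evaluate(src, str(net.network_address + 10), exclude_local)
            if got != want:
                failures.append((src, name, got))
        want = ("pass", "LB") if src in INTERNET_VLANS else ("block", None)
        got = evaluate(src, "198.51.100.7", exclude_local)
        if got != want:
            failures.append((src, "internet", got))
    return failures
```

`audit()` returns an empty list for the NOT-alias variant, while `audit(exclude_local=False)` lists the VLAN pairs whose traffic would match the gateway rule instead of falling through to the default deny.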