Locked out after switching to VLAN on LAN Side
-
I came across an interesting issue while setting up VLAN's.
- Create new VLAN with the parent interface being LAN
- Reassign LAN interface to the new VLAN network port
- Apply
- Inbound connectivity functional, NAT and firewall rules still working.
- Outbound connectivity lost, can't access the pfSense box anymore, can't ping.
What happened was that upon reassigning the LAN interface, the "Default allow LAN to any rule" was not updated. I had to go back into the firewall, open the rule, and just re-apply it (no changes where made).
Prior to all this I had luckily already setup a 3rd VLAN and created the default "to any" rule on the interface. Had I not done so, I would have been locked out of the firewall.
This is pFsense 2.0.1-RELEASE i386