PfSense WAN access via VLAN

J.One · Jul 23, 2017, 1:25 PM

Hello everyone,

I'm struggling to get my setup online.

My setup:

Intel nuc with ESXi –> Pfsense and other vm's
Intel Nuc is connected with TomatoUSB router with VLAN setup. --> One for LAN and one for WAN.
Tomato router is connected to provider modem/router to provide WAN access.

The problem:

pfSense receives an IP via DHCP of the providers Modem but is unable to ping outside, say 8.8.8.8
It doesn't matther what I try, I can't get outside...

Can somebody please help me?

https://ibb.co/imz3FQ

https://ibb.co/b9uZpk

https://ibb.co/edqkvQ

https://ibb.co/nn6Epk

https://ibb.co/hjwQvQ

gmelis · Jul 23, 2017, 9:15 PM

Along with the IP it should receive a gateway. Can you ping that? if yes, then it's definitely a tomato issue. If not, then you can start by checking the VLANs, etc.

J.One · Jul 24, 2017, 4:43 PM

I was able to ping the gateway. But I think the issue is that the internet modem doesn't support VLAN tagging..

johnpoz · Jul 25, 2017, 10:41 AM

what would your internet modem have to do with anything??

How exactly do you have your tomato setup? You have vlan 1 in your lan bridge.. And vlan 2 tagged on port 4, so your modem is on your wan port, and then its tagged into your nuc running esxi.

Why do you have your port groups setup with vlan Ids? That will strip any taggs so now pfsense as a vm doesn't see any tags.

You need to use 4095 which will just pass the tags, then let pfsense handle the tags… Why are you trying to tag vlan 1? BTW? Just tag your wan connection and leave your lan untagged if your going to run it on vlan 1.

J.One · Jul 29, 2017, 9:59 AM

Why do you have your port groups setup with vlan Ids?
I did it to seperate the LAN and WAN traffic on the same port. I only have one pĥysical connection on my nuc.

Why are you trying to tag vlan 1? BTW?
I did it because Tomato did't allow to tag just one VLAN. It was either both tagged or none tagged.

I changed my setup since my last post here.

I was doing some research and found this post:
https://forum.pfsense.org/index.php?topic=129949.msg716186#msg716186

So now I have:

Intel NUC with pfSense virtual appliance.
A managed switch (tp link tl-sg108e)
Tomato router just functioning as wifi access point.

Here are some screenshots of the setup and the problems I still have:

http://imgur.com/IdZSGLR

http://imgur.com/a/7NiAS

http://imgur.com/a/NGp0x

http://imgur.com/a/Cq3PY

http://imgur.com/a/g4iiB

Now it looks like I can't assign the WAN interface anymore. I even (desperately) reinstalled pfSense.
So is it my VLAN setup? Or VMware? Or what I'm I doing wrong?

J.One · Jul 30, 2017, 7:14 PM

It works!

I removed the port group (VLAN ID1) in VMware.

And I had to apply the VLAN configuration on port 2.

https://ibb.co/mybBuk

Thanks for your help!