Netgate Discussion Forum

    Separate subnets on the same physical NIC with VLANs

      SDcrockz

      I'm fairly new to VLANs, so apologies for my misunderstanding, maybe...

      I got my home network behind the pfSense box and would like to add another network for VMs running on an ESXi server. I've created a new port group on ESXi with the VLAN ID 10 as well as an interface in pfSense with VLAN ID 10 that uses the same physical NIC as my LAN network (https://i.imgur.com/05gOGwl.png) (https://i.imgur.com/4tww4KC.png). If I create a VM in that port group now it doesn't get a DHCP address (as it should be), but when I add a static IP to it in the same subnet as the VLAN Interface, the VM can't ping the pfSense box.

      What am I missing?

      To add: All my switches are unmanaged, not sure if that matters but tagging should be done by the vSwitch/Port group and pfSense anyway if I'm correct.

        Grimson Banned

        You are using a /32 for your VLAN address, that's a single host, not a network. And if you want to use DHCP you'll need to enable the DHCP service on your new network.

        You should learn the basics of networking first, or at least thoroughly read the pfSense book: https://www.netgate.com/docs/pfsense/book/

          SDcrockz @Grimson

          @grimson Thanks... I completely overlooked that and set it to /24 now. However, I am still unable to ping the device.

          This is the configuration of the interface of my VM: https://i.imgur.com/3ByIZw1.png

          Also, I don't want DHCP on that network. At least not now.

            Grimson Banned @SDcrockz

            @sdcrockz said in Separate subnets on the same physical NIC with VLANs:

            @grimson Thanks... I completely overlooked that and set it to /24 now. However, I am still unable to ping the device.

            Did you create firewall rules for your new network? Probably not.

              SDcrockz @Grimson

              @grimson I did actually create one that allows everything, just to start, but it still just says Destination Host unreachable.
              https://i.imgur.com/yQFABBU.png

                Grimson Banned

                Then start following the manual: https://www.netgate.com/docs/pfsense/routing/connectivity-troubleshooting.html and if this isn't enough, capture packets on both sides to see where it fails.

                Btw, if you really want to use VLANs, get managed switches; unmanaged switches can strip/mess up VLAN tags.

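The last reply suggests capturing packets on both sides and notes that unmanaged switches can strip or mangle VLAN tags. The following is an added example, not part of the thread: it reads the 802.1Q tag from raw Ethernet frames and compares what the sender emitted with what arrived. The frames, MAC address and function names are constructed for illustration, and it assumes both captures were taken on the physical (parent) interface, where tags are visible.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q VLAN tag
ETH_ARP = 0x0806

def build_frame(dst, src, ethertype, vid=None, payload=b"\x00" * 46):
    """Build a constructed Ethernet frame, optionally with an 802.1Q tag."""
    header = dst + src
    if vid is not None:
        header += struct.pack("!HH", TPID_8021Q, vid & 0x0FFF)
    return header + struct.pack("!H", ethertype) + payload

def vlan_of(frame):
    """Return the 802.1Q VLAN ID of a frame, or None if it is untagged."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != TPID_8021Q:
        return None
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack("!H", frame[14:16])
    return tci & 0x0FFF  # low 12 bits of the tag control field

def compare_sides(sent, received, expected_vid):
    """Classify what happened to tagged frames between two capture points."""
    sent_vids = {vlan_of(f) for f in sent}
    recv_vids = {vlan_of(f) for f in received}
    if expected_vid not in sent_vids:
        return "sender is not tagging with the expected VLAN ID"
    if not received:
        return "frames dropped in transit"
    if expected_vid in recv_vids:
        return "tag preserved end to end"
    if None in recv_vids:
        return "tag stripped in transit"
    return "tag rewritten in transit"

# Constructed sample frames (not from the thread): an ARP broadcast from a VM
BROADCAST = b"\xff" * 6
VM_MAC = bytes.fromhex("020000000a01")  # locally administered, made up
TAGGED = build_frame(BROADCAST, VM_MAC, ETH_ARP, vid=10)
UNTAGGED = build_frame(BROADCAST, VM_MAC, ETH_ARP)

if __name__ == "__main__":
    print(compare_sides([TAGGED], [UNTAGGED], 10))
    print(compare_sides([TAGGED], [TAGGED], 10))
    print(compare_sides([TAGGED], [], 10))
```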
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.