Vlan does not work between Pfsense and hp 1820 48g switch

Antonio Carlos Santos · Jul 2, 2019, 6:24 PM

Hello, I configured the Vlans correctly on both the switch and Pfsense and it does not work, I do not distribute the IPs on the created networks, I would like some help on this part, thank you.

johnpoz · Jul 15, 2019, 11:20 AM

If you want any help your going to have to provide more details..

If had done it "correctly" then it would be working.. So your going to have to tell/show us exactly what you did if you want us to help you find where there is a problem.

Antonio Carlos Santos · Jul 15, 2019, 11:28 AM

This post is deleted!

Antonio Carlos Santos · Jul 15, 2019, 11:32 AM

@johnpoz Hello, I have pfsense version 2.4.4-RELEASE-p2, and the HP 1820 switch, I configured the vlans correctly, both in firewaal and switch, and only works on vlan 1, which is the default, redirects the ports to the mains , this on the switch, and does not work, does not arrow the IP, I made several attempts and does not work. I would like to know if anyone has come across this situation and if there was any solution, because I have already searched in various forums and I did not find a precise solution to my problem.

johnpoz · Jul 15, 2019, 11:47 AM

And how is that details of how you set it up..

What is the config for your vlans on pfsense, what are the config for your switch.

On your lan port of pfsense, you added some vlans, ID 10,20,30 etc.. Show us this..

You then on port of your switch port connected to lan port you created vlans and tagged them 10,20,30 on your switch. Other devices you want on vlan 10 for example would be untagged on the port that device is connected to.

Then on the vlan interface you gave it an IP, and enabled dhcp server? etc.. Happy to help - but all your saying is you did it correctly but not working.. And again if you did it "correctly" it would be working ;)

example - here is config of my switch port connected to igb2

sg300-28#sho run int gi5
interface gigabitethernet5
 description "sg4860 WLan and vlans"
 switchport trunk allowed vlan add 3-4,6-7
 switchport trunk native vlan 2
!
sg300-28#

Here is the pfsense configuration for the vlans.

Here is all the vlans on the switch

sg300-28#sho vlan
Created by: D-Default, S-Static, G-GVRP, R-Radius Assigned VLAN, V-Voice VLAN

Vlan       Name           Tagged Ports      UnTagged Ports      Created by    
---- ----------------- ------------------ ------------------ ---------------- 
 1           1                                                      S         
 2         Wlan          gi7,gi24,gi26    gi5,gi9,gi11,             S         
                                          gi19-20                             
 3          DMZ             gi5,gi7       gi3,gi6,gi16-18,          S         
                                          gi24                                
 4         W_PSK       gi5,gi7,gi9,gi11,         gi27               S         
                       gi24                                                   
 6        W_Guest      gi5,gi7,gi9,gi11,                            S         
                       gi24                                                   
 7        W_Roku       gi5,gi7,gi9,gi11,         gi8                S         
                       gi24                                                   
 9           9                gi24        gi2,gi4,gi7,gi10,         D         
                                          gi12,gi14,gi26,                     
                                          gi28,Po1-8                          
 10      disabled                            gi15,gi21-23           S         
 19      multipath                                                  S         
 99         wan                                gi1,gi13             S         
172       transit                                gi25               S

Your going to have to provide some "details" of what you actually did if you want us to help you find where the problem is.

You can see some other ports on the switch the vlans are tagged, and other they are untagged. Where the vlans are tagged they run to other devices that will handle the tags, other switch, access points, etc. And the untagged are where there are devices that are on that specific vlan.

Antonio Carlos Santos · Jul 15, 2019, 11:55 AM

@johnpoz said in Vlan does not work between Pfsense and hp 1820 48g switch:

Your going to have to provide some "details" of what you actually did if you want us to help you find where the problem is.
You can see some other ports on the switch the vlans are tagged, and other they are untagged. Where the vlans are tagged they run to other devices that will handle the tags, other switch, access points, etc. And the untagged are where there are devices that are on that specific vlan.

OK, I'm going to send some settings from my pfsense and in swuitch, the hp 1820 switch, the text mode interface is not available, so I'm sending the graphical interface.

johnpoz · Jul 15, 2019, 4:10 PM

Well you have the vlan Untagged.. Yeah not going to work... And then you have vlan 1, excluded - so don't see how any traffic would get to I would assume your lan which is the physical interface the vlan is attached too? So your actually connecting vlan 20 to the native network on that port since its not tagged.

You didn't post that screenshot.

See my point about doing it "correctly" ;) Users always say they did ABC, but not working - come to find out they actually did XYZ.. or ABD..

Have to see what you "actually" did to help you find out where the issue is.

If you have this vlan 20 running on your lan interface which is vlan 1... Then vlan 1 would be untagged and vlan 20 would be tagged.

Antonio Carlos Santos · Jul 18, 2019, 1:10 PM

Hello, sorry for the delay in answering. I made the settings as indicated, and still presents the same problem, when it is Tag in VLan 20, and deleted in VLan 1, the internet does not work and does not serta the network IP, the switch does not consider the settings.

johnpoz · Jul 18, 2019, 1:43 PM

And what is the setting you have on the device connected to some other port that you want to be on that vlan? If you want say your computer to be on that vlan, then vlan 20 would be UNTAGGED for the port that device is plugged into.

Antonio Carlos Santos · Jul 26, 2019, 5:20 PM

@johnpoz said in Vlan does not work between Pfsense and hp 1820 48g switch:

And what is the setting you have on the device connected to some other port that you want to be on that vlan? If you want say your computer to be on that vlan, then vlan 20 would be UNTAGGED for the port that device is plugged into.

Sorry for the delay in responding, put the configuration of UNTAGGED and it did not work, I've done several tests and it does not take ip, I'm giving up this switch, imagine not talking to Pfsense.

johnpoz · Jul 26, 2019, 5:30 PM

here this is how it would be setup

pfsense --- vlan20T, vlan1U --- switch --- vlan20U --- pc

The pvid settings on these ports would be 1 for where vlan 1 is untaged connected to pfsense, the pvid for port connected to pc would be 20..

Some switches do this without any way for you to edit it, other do not..

All a pvid does its tell the switch traffic without a tag that is entering this port from the network will be on this Vlan..

Does pfsense see the dhcp discover from your PC? If not then yeah you got something wrong and no your never going to hand it an IP.. You sure dhcpd is running on your vlan interface, etc.

You sure your switch is actually in dot1q mode vs port mode for vlans?