Setup VLANs and DHCP not working.
-
What does Packet Capture show? Do you see the DHCP transactions from both the computer and pfSense?
-
When I run the packet capture on the LAN interface it has traffic but no DHCP requests. When I run it on the VLAN2 there is no traffic at all (since nothing is connected to it I assume.)
-
What is the mode of the Cisco port that is connected to pfSense?
It should be in trunk mode.
Switch# show run int fa 0/23
interface FastEthernet0/23
switchport trunk encapsulation dot1q
switchport mode trunk
-
@herrinchris said in Setup VLANs and DHCP not working.:
When I run the packet capture on the LAN interface it has traffic but no DHCP requests. When I run it on the VLAN2 there is no traffic at all (since nothing is connected to it I assume.)
Try connecting something to a VLAN port and booting it. You should see the DHCP discover, etc. That must happen before you can do anything else.
-
@Zawi Currently all ports are in trunk mode. I changed a couple to general and allowed Tagged traffic only to check and no change. When I enabled the DHCP for the LAN connection (in addition to the VLAN DHCP) the connected device received an address on the LAN subnet so it is something to do with DHCP on the VLANs.
-
@JKnott I did and ran a capture. I am not seeing any traffic pass on the VLAN sub-interfaces only traffic passing on the main LAN interface. When I enabled the DHCP for the LAN connection (in addition to the VLAN DHCP) the connected device received an address on the LAN subnet so it is something to do with DHCP on the VLANs. Or since I am not seeing any traffic maybe a setup issue? I can post config pics if that helps as this is only a setup test in my lab I would change all the IP info for a live setup.
-
Try configuring a static IP on a device connected to the VLAN. Can it communicate with pfSense? With something on other subnets?
-
So I found 1 piece I missed. I didn't have the VLAN set as the PVID for the port on the switch. So now I am getting DHCP addresses handed out. However, the VLAN handed out addresses are unable to get to the internet even though the WAN and LAN ports are set correctly. When I enable the LAN DHCP I can get to the internet with one of those addresses just not the ones that I am getting from the VLANs. If I need to post this in separate question I understand.
-
You likely have firewall rules blocking it. The LAN normally allows connection by default, but not other subnets.
You'll have to create a rule to allow anything to pass.
-
That was it! Thanks for your help, everything seems to be working now!
-
@JKnott said in Setup VLANs and DHCP not working.:
You likely have firewall rules blocking it. The LAN normally allows connection by default, but not other subnets.
I am new to VLANs and have problems so far with it. What do you mean by "LAN doesn't connect to other subnets by default"? The default is any, right?
-
In that post, I was referring to other than the main LAN to the Internet. However, it would hold for other subnets. The general rule for firewalls is to block by default and then create exceptions for what you need. So, if you find something doesn't work, then firewall rules are a good place to start looking.
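-
Added example, not part of the thread: the empty capture on the VLAN sub-interface earlier in the discussion comes down to whether the client's DHCP discover reaches the trunk with an 802.1Q tag, which is what the switch's PVID setting decides. The Python sketch below reads a raw Ethernet frame and reports its VLAN ID (or that it is untagged) and the DHCP message type; the frames are constructed samples, and VLAN ID 2 for VLAN2 is an assumption, since the thread never states the ID.

```python
import struct

DHCP_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK"}

def dhcp_type(bootp):
    """Return the DHCP message type (option 53) from a BOOTP payload, or None."""
    if bootp[236:240] != b"\x63\x82\x53\x63":      # magic cookie follows the 236-byte header
        return None
    i = 240
    while i + 1 < len(bootp) and bootp[i] != 255:  # 255 = end option
        if bootp[i] == 0:                          # pad option has no length byte
            i += 1
            continue
        code, length = bootp[i], bootp[i + 1]
        if code == 53 and length == 1 and i + 2 < len(bootp):
            return DHCP_TYPES.get(bootp[i + 2], "OTHER")
        i += 2 + length
    return None

def classify(frame):
    """Return (vlan_id or None if untagged, DHCP client message type or None)."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet frame")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    vlan, off = None, 14
    if ethertype == 0x8100 and len(frame) >= 18:   # 802.1Q tag present
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        vlan, off = tci & 0x0FFF, 18               # low 12 bits of the TCI are the VLAN ID
    if ethertype != 0x0800 or len(frame) < off + 20:
        return vlan, None
    udp = off + (frame[off] & 0x0F) * 4            # IHL gives the IPv4 header length
    if frame[off + 9] != 17 or len(frame) < udp + 8:
        return vlan, None
    if struct.unpack("!HH", frame[udp:udp + 4]) != (68, 67):
        return vlan, None                          # not client -> server DHCP
    return vlan, dhcp_type(frame[udp + 8:])

def build_discover(vlan=None):
    """Constructed sample: a minimal DHCPDISCOVER frame (checksums left at zero)."""
    bootp = bytes([1, 1, 6, 0]) + bytes(232) + b"\x63\x82\x53\x63" + bytes([53, 1, 1, 255])
    udp = struct.pack("!HHHH", 68, 67, 8 + len(bootp), 0) + bootp
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     bytes(4), b"\xff" * 4) + udp
    tag = b"" if vlan is None else struct.pack("!HH", 0x8100, vlan)
    return b"\xff" * 6 + bytes.fromhex("020000000001") + tag + struct.pack("!H", 0x0800) + ip

if __name__ == "__main__":
    for label, vid in (("untagged", None), ("tagged with VID 2", 2)):
        print(label, "->", classify(build_discover(vid)))
```

A discover that classifies as untagged belongs to the parent interface's network, so the DHCP server bound to the VLAN interface never sees it; only the frame carrying the VLAN's tag does.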