VLAN connectivity Issue

jcubio

Hi All,

I'm trying to set up a VLAN in our network using pFsense and cisco switches. The VLAN is to be used for guest wifi.

Please see the diagram for the setup.
vlan issue.jpg
PFsense Config:
pfsense vlan.png

Switch Config:

SW1 VLAN and PORT Assignment

sw1 port.png
In pfSense, the Guest VLAN interface has the DHCP Server enabled and the laptop is able to get the IP address.

Behavior:

Laptop can't ping the gateway, can't connect to the internet.
Firewall can ping the laptop
My workstation from default VLAN 1 can ping the gateway and the laptop
Firewall logs, default deny rule is blocking traffic from laptop's ip

Please advice
Thank you

drehmini

Your screenshot your Firewall rule only allows IPv4 TCP you'll want to change this to IPv4 - Any Protocol, not just TCP.

jcubio

Found the issue, Disabled the captive portal and it now works.
Now I need to work with the captive portal.

johnpoz

While captive portal could be blocking.. You clearly have issue there with only allowing tcp.. Unless your client is doing doh or dot there is now way he could get any dns.. DNS runs on UDP 53..

You can see right there in your block 53 to 8.8.8.8 was blocked.