Need to use OPT 1 as another LAN interface
-
@Gertjan did not work,
Not getting DHCP IP.
Setup any any allow rule but still no luck.
Any other thoughts ? -
@keeshpat said in Need to use OPT 1 as another LAN interface:
Any other thoughts ?
As already stated you can not talk to another device on your network if you can not see its mac address.. Look in the clients arp table - do you see the mac address for pfsense IP?
If not then you have a connectivity issue, or you have your network address space setup wrong..
example..
$ arp -a Interface: 192.168.9.100 --- 0xf Internet Address Physical Address Type 192.168.9.8 00-1f-29-54-17-14 dynamic 192.168.9.9 00-1f-29-54-17-15 dynamic 192.168.9.10 00-11-32-7b-29-7d dynamic 192.168.9.11 00-11-32-7b-29-7e dynamic 192.168.9.75 18-db-f2-3e-44-ce dynamic 192.168.9.99 70-6e-6d-f3-11-93 dynamic 192.168.9.253 00-08-a2-0c-e6-24 dynamic 192.168.9.255 ff-ff-ff-ff-ff-ff static 224.0.0.22 01-00-5e-00-00-16 static 224.0.0.251 01-00-5e-00-00-fb static 239.255.255.250 01-00-5e-7f-ff-fa staticSee 192.168.9.253 that is mac address of pfsense interface on this network..
You can see all your interfaces and their mac status, interfaces.. See how that matches up 00-08-a2-0c-e6-24
-
@johnpoz
There is no connectivity,
Confirming the IP is in right subnet.
But I dont see pfsense MAc address when i ping.
Any other thoughts.
Create new NIC interface on VMware just to measure the NIC is not broken -
If you can not see mac - then fix vmware.. How do you have this setup - are they both VMs do you have it going to physical?
Nobody can help you figure out what you did wrong without info..
How is opt1 connected different than lan?
-
@johnpoz Confirming LAn and OPt1 has been configures same on vmware as well as on pfsense.
Both pfsense and virtual machine are connected to virtual switch.
Let me recreate the virtual switch.-- may be that help ?basically its all virtual connection
-
So on this virtual switch did you create a different port group? This is different network you wouldn't put it in the same port group.. How is that connected to physical.. Are you trying to ping from another VM on the same vswitch and port group..
If this connected to physical. Did you create a different vlan tag on this port group, on your physical network, etc. etc.. etc..
-
@keeshpat said in Need to use OPT 1 as another LAN interface:
@Gertjan did not work,
Not getting DHCP IP.DHCP server on OPT1 is set up ok ?
(same settings as the default LAN DHCP server, exception : the network)This is also shown very often :
this special case - no joke - doesn't even allow you to set up a DHCP server on the OPT1 interface (spoiler : because the max pool size would be zero ...; )
if all is well, you should have this :
and this :
The firewall rule for OPT1 (mine is called PORTAL ) :
With all these settings, which are pure clones of the default LAN interface settings, all will be ok.
If it doesn't work, change hardware, cable, switches.
Or redo whatever you use as a VM. -
@johnpoz
Physical switch :has different vlan 8 and vlan 9
Virtual switch has 2 port group : one of them is Web (vlan 8 - connected to Lan interface on pfsense ) , 2nd is DB (vlan 9 - connected to OPT1 on pfsense)
I have vm connected to LAN interface works fine. no issues there.
Vm connected to OPt1 can not even reach to pfsense.Just delete the port group and recreate it -- still same issue .
-
It's getting bigger all the time :
.....
.....
VM !
......
VLAN's !
......Take your time, a pencil and paper, and make some pictures / screen copies / whatever. Include everything. And most important : all the things we don't know ;)
-
@Gertjan
Thank you, confirming it is set exactly the same.
Still no luck.
Thank you -
@keeshpat said in Need to use OPT 1 as another LAN interface:
e ) , 2nd is DB (vlan 9 - connected to OPT1 on pfsense)
So you set vlan ID in pfsense? Or its native on pfsense? esxi will pull tags off unless you set vlan ID 4095 on the port group..
-
Look at Status > Interfaces for OPT1. Do you see any incoming packets at all?
This looks like some virtual network config issue, I agree.
Steve
-
@johnpoz I tag vlan ID on virtual port group on vmware.
No tags on pfsense. -
@stephenw10 no traffic on opt1 interface
-
@johnpoz @stephenw10 @Gertjan @marvosa
Thank you guys for your help.
I am able to resolve the issue.
Issue was on vmware side.
I had to create new NIC for pfsense and new NIC for server.
Everything is working fine now,Thanks again for your input.
Kishan
