@johnpoz

The switch = Cisco WS-C3560E-48PD-SF. Also running a 2960-CG

Re: There is really no reason for it
I am well aware that what I'm doing falls in the realm of completely unnecessary for a home network. Just a learning exercise.

I figured out the answer to my convoluted post from yesterday. You touched on it in your post but I'll type it out in my words...

From what I can tell, the pfSense LAN is the only untagged network available on the router. Changing the native VLAN on a switch, for example, to VLAN 20, would require that the ip address assigned to that VLAN be in the address range of the LAN network on the pfSense box (because it also is untagged) to maintain web access to the switch.

Key takeaway - the native VLAN on switch (untagged) should not be assigned to a VLAN network (tagged) on a pfSense box (else one loses web access to the switch). Also, the ip address assigned to native VLAN on switch must be in the same subnet as the router LAN.

Thank you. -jeff

@charles_moody said in Trunk/LAGG problem / pfSense UniFi 24-250W PoE Switch and VLANs:

Can anyone tell me how to get the switch to adopt

So this is crux of your issue?

That has nothing to do with pfsense.. Your controller and switch need to be on the same L2 network for adoption... Or you need to use L3 adoption.. This has everything to do with unifi, and not related to pfsense at all.

https://help.ui.com/hc/en-us/articles/204909754-UniFi-Device-Adoption-Methods-for-Remote-UniFi-Controllers

behind that about 10 smart-managed Netgear switches

This seems nuts - are they all in closets somewhere.. How big is this house? If you were running cable - why would all your cables not just home run back to your core switching area? Curious where exactly all these switches are?

want LAN just for troubleshooting and because it’s often stated that LAN will strip of the VLAN tags from the traffic

Huh? You can run vlans on lan just like any other interface.. So not sure what your thinking with this statement... Sure you can use lan interface as your management interface.. But it can run vlans on it as well if you want.

@CalTommo

I don't know how, if you've set up DHCP. It just works. Configuring DHCP on a VLAN is no different than on an Ethernet port. Do you have a computer you can configure for VLAN 80? If so, just plug it into the LAN side of the pfSense box and see what happens.

After you create the VLAN, under Interfaces -> VLANs, which it looks like you did correctly, you need to assign it to a valid physical interface. That is done under Interfaces -> Interface Assignments.

So, in your examples, you've created VLAN 160 on your LAN interface. After this gets setup, you should be able add the VLAN as an interface, under the dropdown "Available network ports". You've got a photo of it, but your picture says "ovpns1 (OpenVPN)". Is there anything else under that dropdown menu. The VLAN in question should be an option in there.

Jeff