VLAN not connecting



  • Having trouble with VLAN onV 2.3.1

    3 VLANs setup on NIC (not LAN)

    firewall set allow from -  to each interface .address  NAT - allow

    VLAN not seeing anything when checked via Ethernet to laptop VALN tagged connection  - no switch just NIC to PC via cable

    Has anyone got VLAN working on 2.3.1?



  • @fin100:

    Has anyone got VLAN working on 2.3.1?

    Of course, many people have.

    Your laptop almost certainly isn't VLAN tagging traffic.



  • Your laptop almost certainly isn't VLAN tagging traffic.

    I was assuming that since the connection being used was set up with a VLAN ID it was tagged as such (Linux Mint VLAN connection)

    Maybe I'm missing something here?



  • No idea how Linux Mint's VLAN config works. If you tell it to tag a VLAN ID, it should do so. Configure the same tag on both sides, assign it and configure its IP accordingly, and it should work. tcpdump on the parent NIC with -e will show if it's VLAN tagging.



  • Thanks for the info – am totally new to networking as just come from ddwrt router Trying to test setup via ethernet before connecting AP
    Mint is Ubuntu and has ethernet connection capability for VLAN id so this was set with dhcp. The VLAN interface was set to static (address give seemed correct  with ifconfig) But cant even ping back to Pfsense box

    am getting a firewall block log even though its has allow from interface.net to vlan.net and NAT allow. I'm trying to create 3 separate VLANs with 2 VPNs and 1 clear net sent to 1 wireless AP (unifi AP) with VLAn tagged SSIDs

    any help would be much appreciated





  • Galactic Empire



  • If that interface shown in the block logs is your VLAN, then the VLAN part of it's fine since you're getting traffic there. You don't have any matching rules on that VLAN to pass traffic.



  • Thanks for the info

    Firstly, I am assuming that I don't need to reboot the box after a firewall change.

    Secondly, access to the WEB interface on the LAN (10.0.0.10) is ok via CLEAR_NET VLAN connection – but not the outside world.

    Its driving me crazy as my VLAN interfaces are OPENVPN_1,  OPENVPN_2 and CLEAR_NET

    Firewall set to allow WAN to CLEAR_NET  (10.06.1/24) dchp

    allow OPENVPN_1 (interface) to OPENVPN _1_VLAN (10.0.4.1/24) dhcp

    Allow OPENVPN_2 (interface) to OPENVPN_2_VALN (10.0.3.1/24) dhcp

    And still getting blocked

    As the WAN has outside (internet) on it creating a rule to allow to the VLAN interface to WAN should allow access to the outside world on that VLAN

    The WAN rule is already set all to all

    The more I try to get to the bottom of it the more confused it becomes

    There is obviously something seriously wrong here but I'm failing to understand what it is. Can anyone put me out of may misery?



  • How do you connect from the laptop to pfSense? Is there a switch in between? Maybe that is not supporting vlans?



  • No switch at moment tho they are planned (vlan capable) just trying to set up the 3 VLANs at the moment - when done there will be 3 wifi ssids on one Unifi  ap and wired equivalents
    I'm thinking it must be a firewall problem as it is allowing connection to the gui and I can edit the pfsense settings from the vlan connection via the pc - just can't get to the WAN