    VLAN - Member - Just L2

    • B-C

      Basically I'm thinking of using PFSense as a L2 Gateway…

      Using a Core switch to do the VLAN routing and the PFSense as the Edge Firewall & NAT.

      Center of the network in a lab building will be a 48port switch with most buildings being connected directly to it.

      Other buildings primarily wireless but wired to 24 port in each fiber uplink to Lab.

      VLANs and iprouting on switch.

      From what I see - I can't do DHCP on pfsense if it is not doing the vlan routing, correct?
      Don't see DHCP unless I give the VLAN on pfsense an IP address...
      But when I give it an IP address it automatically sets up default routing for that VLAN vs just being a member and being able to untag/tag its traffic.

      I can have the switch do the DHCP scopes - will work - but it's only a 1920-48G so not very advanced but works for our needs.

      I know I could just do a larger /8 /16 subnet and not have to assign the vlans to the pfsense for IPRouting - however adding the vlans will give me the ability to do traffic shaping on each VLAN if I understand correctly - is that Correct?

      INet comes from an Edge building and planning to just place the PFSense in that building vs building a non-routed vlan back to LAB and placing pfsense there - just seems to be adding too many failure points for my "short fuse"...

      • johnpoz (LAYER 8, Global Moderator)

        huh??

        If you're going to use pfsense as your edge/nat have some L3 core switch do all your intervlan routing.. Why do you have to do anything with pfsense and the vlans?  The only network pfsense would be connected to would be the transit network you set up between it and your downstream router.

        • B-C

          reason being is it is possible at that edge - Using a PFSense with multiple GBit Ports

          • Trunk Not necessary just was wondering if possible..

          • would have preferred for it to handle DHCP but see that isn't possible if it is not handling the Routing for the VLANs, correct?

          • Just have it on the transit Network - agreed - just need to make sure to add the routes for the other vlans so it knows where to send the traffic…  or yes use /16 if networks are within the B ranges - just prefer the routed method sometimes.
