DCHP on new VLAN with Cisco switch not working.



  • I've been trying for a while now to get this test network setup and what should be a simple configuration has gotten the better of me. I'm simply trying to get a DHCP address assigned to a laptop on a new VLAN I created and it's not working at all.

    I'm running pfSense 2.3.2. On the pfSense I have 2 separate interfaces configured. One for the WAN, one for the LAN.

    My physical topology is: ISP box -> pfSense eth0 (WAN) / pfSense eth1 (LAN) -> Cisco 2960-X Switch Port 1 / Cisco 2960-X Switch Port 2 ->  Laptop

    The pfSense VM has the following config:

    eth0 - WAN - xx.xx.xx.xx (ISP static IP address) No VLANs
    eth1 - LAN - 192.168.1.1/24 with DHCP server running.
    VLAN2 assigned to eth1 - 192.168.2.1/24 with DHCP server running.

    Firewalls rules are set:
    LAN interface allows all IPV4 traffic everywhere.
    VLAN2 interface all IPV4 traffic everywhere.

    Cisco 2960-X is configured as such:

    VLAN Name                            Status    Ports
    –-- -------------------------------- --------- -------------------------------
    1    default                          active    Gi1/0/2, Gi1/0/3

    2    VLAN0002                        active    Gi1/0/2

    interface GigabitEthernet1/0/1
    switchport mode trunk

    interface GigabitEthernet1/0/2
    switchport access vlan 2
    switchport mode access

    interface GigabitEthernet1/0/3
    switchport mode access

    If I plug the laptop into port 3 of the switch I get a DHCP assigned address of 192.168.1.100 and can access the Internet.
    If I plug the laptop into port 2 of the switch which is assigned as VLAN 2 I get nothing. If I manually assign an address to the laptop of 192.168.2.100 I can't access the internet, nor can I ping the gateways.

    I'm at a loss right now as to what config I've missed as everything seems to be correct.

    Thoughts anyone?


  • Rebel Alliance Global Moderator

    How is gi1/0/2 both in vlan 1 and vlan 2?



  • My mistake when pruning the information. Pasted VLAN from wrong log. Here's the proper relevant config:

    VLAN Name                            Status    Ports
    –-- -------------------------------- --------- -------------------------------
    1    default                          active    Gi1/0/3

    2    VLAN0002                        active    Gi1/0/2

    interface GigabitEthernet1/0/1
    switchport mode trunk

    interface GigabitEthernet1/0/2
    switchport access vlan 2
    switchport mode access

    interface GigabitEthernet1/0/3
    switchport mode access