PfSense WAN access via VLAN

  • Hello everyone,

    I'm struggling to get my setup online.

    My setup:

    Intel nuc with ESXi –> Pfsense and other vm's
    Intel Nuc is connected with TomatoUSB router with VLAN setup. --> One for LAN and one for WAN.
    Tomato router is connected to provider modem/router to provide WAN access.

    The problem:

    pfSense receives an IP via DHCP of the providers Modem but is unable to ping outside, say
    It doesn't matther what I try, I can't get outside...

    Can somebody please help me?

  • Along with the IP it should receive a gateway. Can you ping that? if yes, then it's definitely a tomato issue. If not, then you can start by checking the VLANs, etc.

  • I was able to ping the gateway. But I think the issue is that the internet modem doesn't support VLAN tagging..

  • LAYER 8 Global Moderator

    what would your internet modem have to do with anything??

    How exactly do you have your tomato setup?  You have vlan 1 in your lan bridge.. And vlan 2 tagged on port 4, so your modem is on your wan port, and then its tagged into your nuc running esxi.

    Why do you have your port groups setup with vlan Ids?  That will strip any taggs so now pfsense as a vm doesn't see any tags.

    You need to use 4095 which will just pass the tags, then let pfsense handle the tags… Why are you trying to tag vlan 1? BTW?  Just tag your wan connection and leave your lan untagged if your going to run it on vlan 1.

  • Why do you have your port groups setup with vlan Ids?
    I did it to seperate the LAN and WAN traffic on the same port. I only have one pĥysical connection on my nuc.

    Why are you trying to tag vlan 1? BTW?
    I did it because Tomato did't allow to tag just one VLAN. It was either both tagged or none tagged.

    I changed my setup since my last post here.

    I was doing some research and found this post:

    So now I have:

    • Intel NUC with pfSense virtual appliance.
    • A managed switch (tp link tl-sg108e)
    • Tomato router just functioning as wifi access point.

    Here are some screenshots of the setup and the problems I still have:

    Now it looks like I can't assign the WAN interface anymore. I even (desperately) reinstalled pfSense. 
    So is it my VLAN setup? Or VMware? Or what I'm I doing wrong?

  • It works!

    I removed the port group (VLAN ID1) in VMware.

    And I had to apply the VLAN configuration on port 2.

    Thanks for your help!