PfSense WAN access via VLAN



  • Hello everyone,

    I'm struggling to get my setup online.

    My setup:

    Intel nuc with ESXi –> Pfsense and other vm's
    Intel Nuc is connected with TomatoUSB router with VLAN setup. --> One for LAN and one for WAN.
    Tomato router is connected to provider modem/router to provide WAN access.

    The problem:

    pfSense receives an IP via DHCP of the providers Modem but is unable to ping outside, say 8.8.8.8
    It doesn't matther what I try, I can't get outside...

    Can somebody please help me?

    https://ibb.co/imz3FQ

    https://ibb.co/b9uZpk

    https://ibb.co/edqkvQ

    https://ibb.co/nn6Epk

    https://ibb.co/hjwQvQ



  • Along with the IP it should receive a gateway. Can you ping that? if yes, then it's definitely a tomato issue. If not, then you can start by checking the VLANs, etc.



  • I was able to ping the gateway. But I think the issue is that the internet modem doesn't support VLAN tagging..


  • Rebel Alliance Global Moderator

    what would your internet modem have to do with anything??

    How exactly do you have your tomato setup?  You have vlan 1 in your lan bridge.. And vlan 2 tagged on port 4, so your modem is on your wan port, and then its tagged into your nuc running esxi.

    Why do you have your port groups setup with vlan Ids?  That will strip any taggs so now pfsense as a vm doesn't see any tags.

    You need to use 4095 which will just pass the tags, then let pfsense handle the tags… Why are you trying to tag vlan 1? BTW?  Just tag your wan connection and leave your lan untagged if your going to run it on vlan 1.



  • Why do you have your port groups setup with vlan Ids?
    I did it to seperate the LAN and WAN traffic on the same port. I only have one pĥysical connection on my nuc.

    Why are you trying to tag vlan 1? BTW?
    I did it because Tomato did't allow to tag just one VLAN. It was either both tagged or none tagged.

    I changed my setup since my last post here.

    I was doing some research and found this post:
    https://forum.pfsense.org/index.php?topic=129949.msg716186#msg716186

    So now I have:

    • Intel NUC with pfSense virtual appliance.
    • A managed switch (tp link tl-sg108e)
    • Tomato router just functioning as wifi access point.

    Here are some screenshots of the setup and the problems I still have:


    http://imgur.com/IdZSGLR


    http://imgur.com/a/7NiAS


    http://imgur.com/a/NGp0x


    http://imgur.com/a/Cq3PY


    http://imgur.com/a/g4iiB

    Now it looks like I can't assign the WAN interface anymore. I even (desperately) reinstalled pfSense. 
    So is it my VLAN setup? Or VMware? Or what I'm I doing wrong?



  • It works!

    I removed the port group (VLAN ID1) in VMware.

    And I had to apply the VLAN configuration on port 2.


    https://ibb.co/mybBuk

    Thanks for your help!