Netgate Discussion Forum

    No access to pfsense over non-default vlan

    4 Posts 1 Posters 594 Views
      mauzilla

      Our vlan / ip layout is as follows:

      vlan1 (default management) - 10.11.0.1/24
      vlan2 (LAN) - 10.12.0.1/24
      vlan3 (voice) - 10.13.0.1/24
      vlan4 (wifi) - 10.14.0.1/24

      We have pfsense installed as a virtual machine on our server (hyper-v). The server (physical host) has 2 NICs, of which 1 is for WAN. I have set up external network devices for WAN, LAN and each of the VLANs above, assigned to the virtual machine, and have enabled vlan support for each network device with their appropriate vlan number.

      With the above in place, the default management vlan is working perfectly. WAN works as expected (PPPoE) and provides internet to the vlan1 clients.

      Vlan2, however, is not as smooth. Clients on vlan2 can ping each other (say 10.12.0.2 can ping 10.12.0.3) but none of those clients can ping the pfsense IP for that vlan (10.12.0.1). They are also not able to connect to the internet or access the pfsense admin panel on 10.12.0.1 from the browser. I have already given the same LAN firewall rules as the default LAN (allowing all traffic with no blocks).

      I have configured the switch accordingly as well. The LAN port for the pfsense server is connected to port 24 on the switch. In the switch VLAN configuration I have assigned the untagged ports according to the network cables and port 24 is tagged. I have however tested both tagged and untagged for port 24 with no difference.

      I have also tried not setting up vlan network devices in hyper-v and only had 2 network devices (1 for wan and 1 for lan) and within pfsense had all the vlans filter through the single LAN interface, with no difference.

      I'm hoping someone can help me figure out what I am doing wrong here? Thank you in advance!

        mauzilla

        On the pfsense shell, I can ping 10.12.0.1 (so ping itself) but also cannot ping any of the other devices (10.12.0.2, 3 and so forth).

        This appears to be a network-related issue more than pfsense config. Still welcome any inputs.

          mauzilla

          I installed Wireshark to see if I can figure out where the connection goes bust. I am scanning the correct Ethernet port on the hyper-v host. When I ping 10.11.0.1 - 3 I can see the packets; however, when pinging 10.12.0.2 or 3 there are no packets registered in Wireshark, which to me appears to mean that the request never leaves the pfsense server.

          The ping result is also sendto: Host is down

            mauzilla

            I have also added a firewall rule for the associated interface allowing all traffic (source and destination) but still no difference.

            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.