New install VLAN setup



  • Hi, I'm experimenting with VLANs and wanted to isolate my home lab onto (192.168.2.1). I have a new Cisco SG-300 28-port switch and a server running newly installed pfSense as router (as my old Asus became a wireless access point) connected to port 28 on the switch (trunk).
    I created a VLAN 10 (192.168.2.1) (ports 18-26, switched them from trunk to access untagged); currently I only have a couple of ESXi hosts connected to VLAN10. My entire other network (laptops, phones, PCs etc.) I left as VLAN1 native (192.168.50.1); the pfSense router and default gateway are 192.168.50.1. I created the VLAN10 in pfSense (using iceflatline's excellent guide) and used pfSense as DHCP server for VLAN10. I have port 28 joined to vlan 1UP, 10T. I initially couldn't get the ESXi management network to receive a DHCP address, so I set it to static 192.168.2.101 with a gateway of 192.168.2.1 and it took the address as valid. However, I cannot ping any ESXi hosts from my laptop (192.168.50.153), nor can I ping them from the switch, but I can ping 192.168.2.1. I obviously misconfigured something but don't understand why I can ping 2.1 and not 2.101. Any help appreciated.
    Thanks


  • Netgate Administrator

    You can ping 2.1 from your laptop because that's the interface IP in pfSense so traffic never has to leave the firewall on VLAN 10. That IP would be reachable even if it were on an unplugged physical interface.

    There is a layer 2 problem between the firewall and the hosts. We would need to see how the interface is configured in pfSense and how the switch is configured to know more.

    Steve
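
The behaviour described in the reply above, as an added example that is not part of the original thread: a small Python model of why 192.168.2.1 answers regardless of the switch, while 192.168.2.101 is only reachable if both the uplink and the host port carry VLAN 10. Port 18 as the ESXi host's port and the two faulty switch tables are assumptions made for illustration; the thread does not establish the actual cause.

```python
import ipaddress

# Constructed model of the thread's setup; not real pfSense or switch config.
FW_IFACES = {1: "192.168.50.1/24", 10: "192.168.2.1/24"}  # VLAN id -> firewall interface
NATIVE_VLAN = 1                 # sent untagged on the firewall's uplink
HOSTS = {"192.168.2.101": 18}   # ESXi management IP -> switch port (port is assumed)

# Switch port -> (untagged VLAN, tagged VLANs)
AS_DESCRIBED = {28: (1, {10}), 18: (10, set())}     # port 28 "1UP, 10T"
TRUNK_LACKS_10 = {28: (1, set()), 18: (10, set())}  # hypothetical fault
ACCESS_IN_VLAN1 = {28: (1, {10}), 18: (1, set())}   # hypothetical fault


def ping(dst, switch, uplink=28):
    """Trace a ping arriving at the firewall from the 192.168.50.0/24 LAN."""
    addr = ipaddress.ip_address(dst)
    ifaces = {v: ipaddress.ip_interface(c) for v, c in FW_IFACES.items()}

    # Firewall's own address: answered by its IP stack, no frame leaves.
    if any(addr == i.ip for i in ifaces.values()):
        return "answered-by-firewall"

    vlan = next((v for v, i in ifaces.items() if addr in i.network), None)
    if vlan is None:
        return "no-route"

    # Layer 2, step 1: the frame enters the switch on the uplink port.
    untagged, tagged = switch[uplink]
    if vlan == NATIVE_VLAN:
        vlan = untagged               # untagged frame takes the port's PVID
    elif vlan not in tagged:
        return "dropped-at-uplink"    # tag not allowed on this port

    # Layer 2, step 2: the frame must leave on a port that is a member of the VLAN.
    port = HOSTS.get(dst)
    if port is None:
        return "no-such-host"
    untagged, tagged = switch[port]
    if vlan != untagged and vlan not in tagged:
        return "dropped-at-host-port"
    return "delivered"
```

A successful ping to the gateway address therefore says nothing about the tagging on port 28 or the access ports; only a reply from a host behind the switch does.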

