Trying to get VLANs working with TP-Link TL-SG1016DE switch
-
I've been trying to get VLANs working, this is my first adventure into this area. I want to put all my IOT things on the new VLAN to remove them from my internal network.
router is connected to the switch on port 16
VLAN ID 10 is on port 1
PFsense v2.3.5I created the VLAN and associated it with the LAN interface
I then added a Default Firewall rule and enabled DHCPWhen I connected a device to port 1 of the switch gets a Lan IP, not a Guest_10 IP.
If I remove port 16 as an untagged port for the VLAN, I don't get anything.
It seems I'm close, but for whatever reason the packets aren't getting tagged?
Any help is appreciated, I hope I included the useful information.
thanks
david
-
Try:
VLAN 1: member ports: 2-16 (Untagged)
VLAN 10: member ports: 1 (Untagged) & 16 (Tagged)
Port 16 –> pfSense
Port 1 --> IOT
-
I can't change VLAN1, that is the default in the switch.
I did change VLAN10 as you described and I can not get an IP via DHCP. I cannot get out to the internet though.
I'm confused why port 16 is the one that is tagged. Wont this tag all my other untagged packets?
thanks
david -
As has been discussed in other threads, TP-Link switches have a problem in properly handling VLANs. Someone posted a fix for some models, but I don't know how well it worked out.
-
I switched the port assignments and it is now working.
Port1 -> pfsense
port16->IOT deviceNow that I understand, at least I think, that a tagged port is expecting tagged packets, instead of tagging them.
thanks for everyone's help,
david -
Now that I understand, at least I think, that a tagged port is expecting tagged packets, instead of tagging them.
No, a tagged port is an access port that accepts untagged frames and then tags them. A trunk port accepts all frames, tagged or not.
