4. SG200-26 Layer-2 switch InterVlans not working.

SG200-26 Layer-2 switch InterVlans not working.

  • M

    Hello guys.

    This is just for my home-lab learning. Just for testing and learning. I read all vlans configuration including layer-3 switch with all kindly  answered by johnpoz here. But still I can't make the intervlan working. All I did to test is just ping from vlan to vlan but give me "Request time out" error.

    I can browse to internet from all my vlan. But cannot talk to each other using ping.

    I also tried to put gateway and static route in the configuration, but maybe i put it wrong. Maybe someone can tell me what ip should i put it there.

    Thanks.




    0
  • LAYER 8 Global Moderator

    Where are you vlan interface settings on pfsense?  You show rule on what interface?

    If your tagging both those vlans, then igb3 would need 2 vlan interfaces on it with those tags, and then the rules on those interfaces to allow it.

    Are the devices in these vlans getting dhcp from pfsense?  Can they ping pfsense IP in the respective vlans?

    Lets see your sg200 config for your trunk port, and then config of one of your other interfaces in vlan 50 or 60.

    You would not need any sort of static route or gateway on pfsense for these vlans directly attached to it at layer 2.  your devices in these vlans would yes need to point to pfsense IP in that vlan as its gateway.

    0
  • M

    Thanks Johnpoz.

    Yes, all my connected pc has their own ip according their vlans.

    And yes, they all can ping 192.168.11.1, 192.168.50.1, 192.168.60.1

    Anyway, I'll post all my configuration.

    P/S: I also disabled windows firewall to make this ping happen.














    0
  • LAYER 8 Netgate

    If you are testing from LAN you are policy routing all traffic from LAN out the LOADBALANCE gateway group.

    That will also catch traffic destined for the other VLANs and route it straight out the WANs.

    https://doc.pfsense.org/index.php/Bypassing_Policy_Routing

    0
  • M

    @Derelict:

    If you are testing from LAN you are policy routing all traffic from LAN out the LOADBALANCE gateway group.

    That will also catch traffic destined for the other VLANs and route it straight out the WANs.

    https://doc.pfsense.org/index.php/Bypassing_Policy_Routing

    Is this correct?


    0
  • LAYER 8 Netgate

    Yeah that will exclude the 50 and 60 networks from policy routing.

    0
  • LAYER 8 Global Moderator

    You could just use the netname net alias as well… Leads to less mistakes this way on typo's and masks, etc.

    I don't see any hits on those rules.. Are you asking because its not working?

    0
  • M

    @johnpoz:

    You could just use the netname net alias as well… Leads to less mistakes this way on typo's and masks, etc.

    I don't see any hits on those rules.. Are you asking because its not working?

    Yes, thanks I will create alias as well.

    And yes no hit if I try to use ping command. But when I tried rdp(remote desktop), strangely I can access the desktop. I wonder why. I've already disabled both pcs windows firewall to let the ping go through, but still 'request timed out'.

    0
  • LAYER 8 Global Moderator

    There is no need to create an alias.  All your networks you create n pfsense will automatic have a listing and will be in the destination dropdown when you create the rule…

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy