[Solved]Setup 2 VLAN in 1 port on Existing Network
-
Hello pfsense community.
I want to add a new wireless VLAN network to an existing network using the existing switch.
pfSense re1 > Managed Switch (DGS-1012-52) Port 45 >> 3 Ubiquiti AP AC HD Port 39,41,43 -&- Unifi Controller PC Port 47
• pfSense:
created two VLANs and assigned them to re1
Employee: Tag=20, Priority=0
Guest: Tag=40, Priority=0
Enabled each VLAN interface, assigned them static IPs, and enabled each of their DHCP servers accordingly
Employee: 192.168.20.1/24
Guest: 192.168.40.1/24
Added Firewall Rules to the Employee & Guest Interface
For now, to ensure rules aren't the issue, it's an allow anything rule
• Switch (DGS-1210-52 (192.168.0.10)):
I am trying to use the existing managed switch for the new VLAN network.
Enabled 802.1Q VLANs
VLAN 1: Default VLAN/Members: 1-52/Tagged:-/Untagged: 01-38 ,40 ,42 ,44 ,46 ,48-52
VLAN 20: Employee/Members: 39,41,43,45,47/Tagged:39,41,43,45/Untagged:47
VLAN 40: Guest/Members: 39,41,43,45,47/Tagged:39,41,43,45/Untagged:-
I set up WiFi SSIDs for the Employee VLAN and the Guest VLAN. The UniFi APs are on ports 39, 41 & 43. The UniFi controller is on my desktop on port 47, but I cannot ping any AP nor get DHCP when connected to both SSIDs.
Please help me. Thanks in advance.
PS:
I based my post on this thread; the only difference is that I set it up on an existing network.
https://forum.pfsense.org/index.php?topic=129420.0
-
So you have 2 switches? Looks like you have 2; where are the uplink settings between the switches?
Also, you don't seem to have any tagged VLANs on the ports your APs or controller are connected to?
Until recent updates, the APs do not support tagged VLANs for management, etc., so they need to be on an untagged VLAN. 1 in your case?
-
@johnpoz: So you have 2 switches? Looks like you have 2; where are the uplink settings between the switches?
Yes, Switch 1 Port 48 is connected to Switch 2 Port 48. Only 5 ports are available on switch 1, which are 39, 41, 43, 45, 47.
@johnpoz: Also, you don't seem to have any tagged VLANs on the ports your APs or controller are connected to?
I preconfigured the 3 APs on the existing 192.168.0.0/24 network. I am planning to use port 47 for UniFi controller access.
@johnpoz: Until recent updates, the APs do not support tagged VLANs for management, etc., so they need to be on an untagged VLAN. 1 in your case?
Sorry, I am still new to VLANs, so I can't understand.
-
"The Unifi AP is on port 39, 41 & 43"
Then VLAN 1, if that is your 192.168.0/24 network, needs to be untagged on these ports if you want to be able to talk to them. Same with your controller: it needs to be on a port that is untagged.
If you're going to want to use VLANs between switches, then the ports connecting them should carry all your VLANs tagged.
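Added example (not part of the original thread): a small Python audit of the port/VLAN table as posted, checking the two points from the reply above, that the AP and controller ports are untagged members of the management VLAN and that the AP and uplink ports carry the SSID VLANs tagged. The `FIXED` table is an assumed reading of that advice (VLAN 1 untagged on ports 39, 41, 43 and 47), and all function names are illustrative.

```python
# Added example: audit an 802.1Q membership table like the one posted above.

def parse_ports(spec):
    """Expand a port list such as '01-38 ,40 ,48-52' ('-' = none) into a set."""
    ports = set()
    for part in spec.replace(" ", "").split(","):
        if part in ("", "-"):
            continue
        lo, _, hi = part.partition("-")
        ports.update(range(int(lo), int(hi or lo) + 1))
    return ports

def build(rows):
    """rows: {vlan_id: (tagged_spec, untagged_spec)} -> sets of port numbers."""
    return {v: {"tagged": parse_ports(t), "untagged": parse_ports(u)}
            for v, (t, u) in rows.items()}

def audit(table, mgmt_vlan, mgmt_ports, trunk_ports, tagged_vlans):
    """Return findings for management ports and trunk ports that are mis-set."""
    findings = []
    for p in sorted(mgmt_ports):
        # A port should be untagged in exactly one VLAN: the management VLAN.
        native = sorted(v for v, m in table.items() if p in m["untagged"])
        if native != [mgmt_vlan]:
            findings.append(f"port {p}: untagged in {native or 'no VLAN'}, "
                            f"expected only VLAN {mgmt_vlan}")
    for p in sorted(trunk_ports):
        for v in tagged_vlans:
            if p not in table[v]["tagged"]:
                findings.append(f"port {p}: VLAN {v} is not tagged")
    return findings

# Membership exactly as posted in the thread.
POSTED = build({1: ("-", "01-38 ,40 ,42 ,44 ,46 ,48-52"),
                20: ("39,41,43,45", "47"),
                40: ("39,41,43,45", "-")})
# Assumed corrected table: VLAN 1 untagged on the AP and controller ports.
FIXED = build({1: ("-", "01-44 ,46-52"),
               20: ("39,41,43,45", "-"),
               40: ("39,41,43,45", "-")})

# Port roles taken from the thread: APs on 39/41/43, controller on 47, pfSense on 45.
ROLES = dict(mgmt_vlan=1, mgmt_ports={39, 41, 43, 47},
             trunk_ports={39, 41, 43, 45}, tagged_vlans=[20, 40])

if __name__ == "__main__":
    for name, table in (("posted", POSTED), ("fixed", FIXED)):
        print(name, audit(table, **ROLES) or "OK")
```

On the posted table the audit reports ports 39, 41 and 43 as untagged in no VLAN and port 47 as untagged in VLAN 20 instead of VLAN 1, which matches the symptom of unreachable APs.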
-
Thanks johnpoz, it worked :)