4. Bridge firewall, bridge two vlans

Bridge firewall, bridge two vlans

  • S

    I have two untagged vlan interfaces on my switch, a VLAN 50 port which is connected to the WAN port of pfsense firewall and a VLAN5 port which is connected to the LAN port of the pfsense firewall.  Traffic flow is out the VLAN50 and back in on VLAN5 where my LAN hosts live on VLAN 5. 
    The switch is a Cisco 3550. 
    I see pings working, mostly but with high packet loss.  I believe the switch is getting confused becasue it sees the firewall WAN and LAN MAC's on the same port due to the bridge.
    If I put the WAN port on a separate switch it works fine. Any ideas how to make this work?
    I want to use only one switch and simply loop out one port into the firewall and then back in, obviously with the ports on different VLAN's to prevent a switch loop. 
    Incidently, I don't see and loops in the switch log or spanning tree complaints in this configuration.

    0

  • Dont use untagged traffic.
    If you want multiple VLANs to the same switch, just create multiple VLANs on the same card and assign these VLANs.
    DONT assign the real card itself.

    This thread might help you:
    http://forum.pfsense.org/index.php/topic,11193.msg62084.html#msg62084
    (Screenshots from a setup with a Netgear switch)

    0
  • C

    You may be able to get some pointers from my setup - Obviously I have a procurve switch and not a Cisco but the principles are the same,

    http://www.cheesyboofs.co.uk/home.htm


    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy