L2 VLAN on Pfsense
-
Hello All,
My scenario is L3 switch >>> PFsense >>>> L2 switch.
is it possible to make L2 VLAN on PFSENSE, as we are using L3 switch for DHCP scope and SVI are configured on it. I want to communicate between L3 and L2 switch.
-
Your L3 switch upstream of pfsense is just a router upstream of pfsense. So the network that connects your L3 to pfsense wan will just be a transit network.
So sure you can do anything want behind pfsense. If you want networks behind pfsense to get dhcp from your upstream then just setup dhcp relay on pfsense.
Your going to want to turn off NAT on pfsense most likely.
-
Thanks John !!!
Do you want to say I can create just VLAN on pfsense with same id as on upstream L3 switch without configuring IP address on PFsense (L2 VLAN only) ?I understand my scenario is bit tricky but just need confirmation that in pfsense we can create L2 vlan or not ? will it be possible for you to show me how (on youtube and on net I am unable to find creation of L2 VLAN on pfsense)
-
You can if you want to use the same ID, as long as one side connected to pfsense is untagged vs tagged., since they are isolated by by L3. But you would not use the same L3 network.
Its not tricky.. Upstream and Downstream routers are used all the time everywhere. What think your misunderstanding is the difference between a vlan (layer 2 always) and a L3 network.
What you use for the ID is only going to matter with devices on those L2 networks. Unless you want to use pfsense as a layer2/bridging firewall the vlan ID have zero to do with what is on 1 side of a L3 firewall/router and the other side.
As to creating a vlan on pfsense. Its as simple as creating the vlan, assign an ID and put on your parent physical interface.
https://www.netgate.com/docs/pfsense/interfaces/vlan-trunking.html
