    I am new to VLANs and could use some help.  I am tring to set up vlans between my pfsense box and a dell 5224 switch.  I am not sure if my problems exist on the router, switch, or both sides of the house.  I use to use a dlink 4 port nic for each individual network.  That card doesn't work on a riser card for some reason which means it is out of the picture since I switched cases and require a riser card to use any pci device.  I have 3 interfaces on my pfsense box; WAN, LAN, and my vlan interface.  I would like 2 vlans set up, one for a private servers network, and one for DMZ.  The Vlans are on a Realtek 8110sc interface (yea, i know realtek sucks…).  Hhat might be the problem right there however, the specs say it is capable of vlans.

    Here is my current pfsense settings:
    WAN = DHCP from ISP
    Lan =  (Has a DHCP server enabled on it)
    VLAN interface = is disabled and doesn't possess an ip address or DHCP server.
    Vlan 1 (servers) = (Has a DHCP server enabled on it)
    Vlan 3 (DMZ) = (Has a DHCP server enabled on it)

    I haven't set any rules on the vlan interface or vlans yet.  All I'm trying to accomplish at this point is receiving an ip address from pfsense.

    The dell switch is set to so I can manage it from the lan interface.  Once I get it set up to how I think it should work, I switch the up link from the lan interface to the vlan interface.  Just for testing purposes, I have all the ports assigned to vlan 1 except port 13.  On the vlan Members page, I changed port 13  to "U" (untagged) on vlan 3.  I then went to port settings and set port 13 to pvid 3.  Then I went back to the vlan members page and set port 13 to "Blank" on vlan 1.  Port 24 is my up link.  Port 24 is assigned "U" on vlan 1 and "T" (tagged) on vlan 3.  At this point I switched the up link to the vlan interface and attempted to acquire an ip address from a computer on port 13 without success.  It appears that every port must be set to "U" on at least one interface.

    For troubleshooting purposes, I tried enabling the vlan interface, assigning it an ip of and retesting it.  I also set up a dhcp server on the vlan interface.  If the computer and the up link are connected to untagged ports on vlan1, then i can receive an ip address.  But this only tells me that the interface by itself is working properly.  It doesn't do anything for me as far as vlans are concerned.

    At this point, I'm stumped.  Any help would be greatly appreciated!!!

  • Well, I think I solved it.  It appears that despite 802.1q support by my realtek 8110sc network cards, something with it lies the problem.  I believe its the driver since realtek says that the card supports vlans.  http://www.realtek.com.tw/products/productsView.aspx?Langid=1&PFid=4&Level=5&Conn=4&ProdID=9.  I attempted the same setup with a 3com pci card and it worked on the first try.  Though I doubt it will help, I think I will try installing pfsense 2.0 and see if it can get the on board gigabit realteks working with vlans.

  • 1.2.3 has the same OS base as 2.0, I suggest it instead for production environments.

  • Can someone confirm vlan on realtek 8110sc running ok in pfsense 1.2.3 ?

  • @mc_leuz:

    Can someone confirm vlan on realtek 8110sc running ok in pfsense 1.2.3 ?

    Realtek cards and something working or not working is basically a crap shoot - the hardware itself is the problem, some implementations have broken functionality in the hardware. Probably will work fine, I'm running VLANs on a 8110, but your specific card may be broken in that regard.

  • I can confirm these cards on the j7f4e1g2 mobo won't work with vlans.  Other than that, you will have to find and ask someone with a similar setup to what you plan.  If you can avoid realtek, do so as if it were the plague.

