Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Complicated XG-7100U switch configuration -- need some help please

    Official Netgate® Hardware
    3
    4
    387
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Z
      zax123 last edited by

      Hi guys,

      I've used pfSense on a lot of hardware, but I now have a XG-7100U that I need to configure with a lot of networks including some VLANs and I'm having a lot of trouble. Was hoping someone could help me out.

      Here is a written explanation of my network setup, then I'll show you screenshots of how I have it configured in pfSense:

      I have a normal, private LAN network at 192.168.9.0/24 (trunked from a switch VLAN9 on port 2)
      I have a switch management network at 192.168.90.0/24 (trunked from a switch VLAN90 on port 2)
      I have a guest, LAN network at 192.168.2.0/24 (trunked from a switch VLAN99 on port 2)
      I have a VOIP network at 192.168.1.0/24 (trunked from a switch VLAN2 on port 6)
      I have a main WAN connection on port 1 using a static IP.
      I have a guest WAN connection on port 3 using DHCP.
      I have a backup WAN connection on port 5 using PPPoE.
      I have a pfSense management network at 192.168.23.0/24 on port 7 (in case I get locked out of other ports)

      I have configured everything as per screenshots below, but I am unable to see network 192.168.1.255 from network 192.168.9.255 and vice-versa. Also I'm getting a lot of packet loss across various connections. The CPU on the XG7100 is also running at 20% or more which seems high.

      This is the first time I work with the internal switches on Netgate devices and I'm really not getting it. Any help would be really appreciated.

      Switch VLAN setup:
      0_1543791027525_0eeb11c3-00c0-4187-99c0-081670631d4b-image.png

      Switch Port setup:
      0_1543791060960_69167077-44dc-43db-bc00-b454e3fa8eff-image.png

      Interface assignments:
      0_1543791127103_00e0e65e-233c-4343-a7b3-96cc53d700e4-image.png

      Interface VLANs:
      0_1543791150640_607b28a6-8e42-41ae-90cc-48b2aa01ca1e-image.png

      I'm assuming that the various network segments (9.x, 1.x, 2.x) should be able to ping each other as long as there are no firewall rules blocking them. (I have all, all, all rules on all the interfaces for now just to get this working).

      Please let me know if you guys see any glaring problems in my setup. As I said, I'm new with all this.

      Thank you!

      Robert

      1 Reply Last reply Reply Quote 0
      • chrismacmahon
        chrismacmahon last edited by

        Please open a ticket at go.netgate.com

        Need help fast? Our support is available 24/7 https://www.netgate.com/support/

        Do Not PM For Help!

        1 Reply Last reply Reply Quote 0
        • B
          boulwarek last edited by

          If you have these VLANs configured on your switches and trunked to the XG7100, you should be tagging the port.
          For example, in your switch VLAN configuration, VLAN group 2 (VLAN 9) should show 2t,9t,10t in the members column. You are currently untagging that traffic as it is leaving the router. The same goes for any other VLAN that is being passed to a switch.

          1 Reply Last reply Reply Quote 0
          • Z
            zax123 last edited by

            Thanks, after some playing around, that setting actually fixed things for us. Thanks for the reply!

            1 Reply Last reply Reply Quote 0
            • First post
              Last post