Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Disable LAN interface?

    Firewalling
    5
    6
    2.0k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      bhjitsense
      last edited by

      I used to just use a WAN/LAN setup on my 3100. I now have several VLANs. The original LAN interface (mvneta0) is no longer being used. But all the VLANs are on this mvneta0 port. I realized if I disable the LAN interface (interfaces > LAN > uncheck enable interface) then nothing works. I had to restore from a backup (autoconfig backup is nice btw!) If I no longer need this LAN interface, but need mvneta0 up, what can I do?

      C 1 Reply Last reply Reply Quote 0
      • JKnottJ
        JKnott
        last edited by

        I don't think you can have VLANs on a disabled interface. By disabling it, you block everything, including VLANs.

        PfSense running on Qotom mini PC
        i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
        UniFi AC-Lite access point

        I haven't lost my mind. It's around here...somewhere...

        1 Reply Last reply Reply Quote 0
        • N
          netblues
          last edited by

          You can always remove ip on interface making it non existent on L3. Obviously, if you disable interface (just like removing cable), no vlans too.

          1 Reply Last reply Reply Quote 0
          • C
            chris-1028 @bhjitsense
            last edited by

            @bhjitsense

            A late reply, and I hope you got your issues resolved long ago.
            …just wanted to share my recent discovery in case you didn’t already discover it yourself.

            I got my 3100 a few days before your first post, and then spent three miserable months trying to bludgeon the 3100 into the shape I wanted.

            8 days ago I re-configured the 3100 mvneta1 4-port switch (default-installs as “LAN”) to 802.1Q mode.
            Et voila: 4 independent ports perfectly happy to talk 802.1Q and easy to configure as (Cisco-speak) Trunk or Access ports to carry your choice of VLAN(s) tagged/untagged. (I’m using two Trunk ports, two Access ports).

            I made more progress with my config in 3 hours using 802.1Q-mode than I had made in 3 months with Switch-mode.

            …in 802.1Q mode, make sure you have SSH & GUI access from somewhere not-LAN, then Interfaces/LAN: un-tick Enable and it is GONE!

            The “sparsely” documented 802.1Q mode for 3100 mvneta1 is much better than truly wonderful!

            Chris

            1 Reply Last reply Reply Quote 0
            • johnpozJ
              johnpoz LAYER 8 Global Moderator
              last edited by

              Looks pretty documented to me
              https://docs.netgate.com/pfsense/en/latest/solutions/sg-3100/switch-overview.html

              https://www.youtube.com/watch?v=NgRy14rYhV8
              Configuring Netgate Appliance Integrated Switches on pfSense 2.4.4

              An intelligent man is sometimes forced to be drunk to spend time with his fools
              If you get confused: Listen to the Music Play
              Please don't Chat/PM me for help, unless mod related
              SG-4860 24.11 | Lab VMs 2.7.2, 24.11

              C 1 Reply Last reply Reply Quote 0
              • C
                chris-1028 @johnpoz
                last edited by chris-1028

                @johnpoz
                I said "sparsely ", not "un-"

                I found your first url, I did (+/-) as it said, it worked perfectly: so yes "documented" ...but you have to look hard to find that page.

                Your second url: old folk like me don't take our "documentation" from youtube: printable words are good, they allow calm reflection and filing in our internal documentation.

                802.1Q mode for 3100 mvneta1 is excellent! Wish I had found the "documentation" months ago.

                Chris

                1 Reply Last reply Reply Quote 1
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.