Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    InterVlan Routing, Layer 3 switch & Pfsense

    Scheduled Pinned Locked Moved Off-Topic & Non-Support Discussion
    4 Posts 2 Posters 783 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      fraschm
      last edited by fraschm

      Trying to configure pfSense I have running on my server in a VM. The LAN ip is 192.168.20.254. I have dhcp and vlans configured on my switch. pfSense is connected to port 5 on the switch, does the port have to be in trunk or access mode since the vlans are on the switch and not in pfsense?

      My current network map:
      0_1546920499500_Network Map.png
      pfSense gateways config:
      0_1546920555800_pfSense Gateways.png
      pfSense static routing: I haven't yet configured static routing on pfsense as I'm not if it has to be done.
      Switch VLANs, Ports and Interfaces:
      0_1546920592700_Switch VLANs and SVI.png
      Switch Port to VLAN Membership:
      0_1546920617400_Switch port membership.png
      Static routing on switch:
      0_1546920641000_Switch Static Routing.png

      I have the default gateway on my switch set to pfsense's LAN ip. Currently the only devices that are able to access the internet are those running on VLAN 20. Haven't yet figured out why devices from VLAN 1 and VLAN 30 are unable to access the internet.

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        You can upload your images like this:

        0_1546920373571_Screen Shot 2019-01-07 at 8.03.59 PM.png

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        F 1 Reply Last reply Reply Quote 0
        • DerelictD
          Derelict LAYER 8 Netgate
          last edited by

          0_1546920516232_pfSense-Layer-3-Switch.png

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          1 Reply Last reply Reply Quote 1
          • F
            fraschm @Derelict
            last edited by

            @derelict Fixed the pictures, thanks. And Under Gateways I have 4 interfaces, WAN, LAN, OPT1 and OPT2.

            I should rename OPT1 to L3_SWITCH and set the IP to 192.168.0.25 (an IP on VLAN 1).
            And I should static route 192.168.0.0 to L3_SWITCH (192.168.0.25). Would I also have to do this for every other VLAN?

            EX:
            VLAN 10: 192.168.10.3 to L3_SWITCH (192.168.0.25)
            VLAN 20: 192.168.20.3 to L3_SWITCH (192.168.0.25)
            ETC or do I just need the route for 192.168.0.0?

            Thanks,
            MF

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.