(Solved) Firewall to Switch Connections

  • I have a very basic question as I'm ultimately trying to solve a broader problem, which I believe is asymmetric routing, due to the TCP:R denies I see in the logs.

    My pfSense box has 4 ports.

    1. WAN
    2. LAN
    3. LAGG0
    4. LAGG0

    The LAGG on ports 3 and 4 is used for VLAN interfaces.

    I have a device in the LAN connected to my switch. I also have a device in a VLAN connected to the switch.

    Do I physically connect ports 2, 3, and 4 to the switch? In other words, will the switch have 2 uplinks (2 and 3/4)?

  • Netgate Administrator

    It can be connected like that if you have segregated the switch ports to allow it.

    It's confusing though IMO. It would be more logical to simply assign one of the VLANs as LAN and use that over lagg0 to the switch. Maybe use the 'LAN' port on the firewall as a management interface or just leave it unconnected.


  • @stephenw10 agreed.

  • Thanks for confirming @stephenw10.

    I will transition the server from the LAN to VLAN and leave the LAN unconnected.
