VLAN Routing Not Occurring

  • Hello, I have a Netgate FW-7541 that I want to be VLAN aware on a single LAN port in order to provide vlan routing of multiple internal networks. Firmware version is 2.2.6.
    My setup:
    Netgate e0 is LAN with and the gateway is .1 (assigned to the interface). DHCP enabled.
    Netgate e1 is LAN with and the gateway is .1 (assigned to the interface). DHCP enabled. I've assigned vlan 3 and vlan 99 to e1.
    Netgate e2 is LAN with and the gateway is .1 (assigned to the interface). DHCP enabled.

    I have a managed L2 switch connected from port sw 1/24 to e1 on the Netgate. dot1Q tagging is enabled on that port also with VLANs 3 and 99 (this is considered my trunk to the Netgate). On sw 1/1, I have a client PC and the port is assigned vlan 3 with untag vlan set.

    Here's what I am experiencing: The client on 1/1 is not receiving a DHCP address, but when connecting to Netgate e1, it does. Also, when I set a static address on a client connected to switch 1/1, I cannot ping the gateway address on e1. Essentially, it seems like the Netgate is not participating with the switch's port as a trunked peer.

    Any ideas to where to look?

  • Rebel Alliance Netgate Administrator

    Firmware, 2.2.6 is old, outdated and insecure.

    You should update.

  • LAYER 8 Netgate

    You need to assign layer 3 interfaces to pfSense for the VLANs. They will be separate virtual interfaces.


    Yeah. And update. That is ancient and insecure.

  • @Derelict I think you nailed it... I didnt see that option because I had used all the interfaces with network assignments, but sure enough, after creating VLANs under "assignments" and then going back to "Interfaces: Assign network ports", they show up as an option to assign to the network ports. Thanks and I will test later.

    Regarding the update, the current NETGATE appliance I have (no longer for sale) says that its running the most current version. Is there another way to update?

  • LAYER 8 Global Moderator

    I would download the current install for your appliance, and take a backup and do a clean install trying to upgrade from such a OLD firmware.. you are 2 major revisions behind your on 2.2.x and current it 2.4.4p3

  • @Derelict Do I still assign a static IP to the interface or just an IP to the VLAN and then associate the VLAN to the interface and ensure that its enabled?

  • LAYER 8 Netgate

    What? It is an interface just like any other. It has an address, firewall rules, DHCP servers, etc.

Log in to reply