SG-1100 VLAN



  • Background
    Interfaces
    03fb733d-7241-42b9-b2bf-4d2330ee4f98-image.png

    5f9c2e9b-43c3-4200-9719-69cfc920d075-image.png
    Switches
    9a2d0029-25e2-4825-957f-4268beae0f84-image.png
    DHCP
    ad9cafeb-68ae-479a-a375-40e35215ed55-image.png
    Netgear Switch
    74fd7004-f340-4284-b46d-46f3c9eefcb8-image.png

    My Question:
    Hi All
    Just cant get VLAN to work on SG-1100. See settings above on PFSENSE and Netgear Switch.
    Devices on switch are not getting an IP. Any ideas?


  • Netgate Administrator

    The SG-1100 settings look good. We need to see the other screens from the switch.

    Steve



  • Hi
    I have a slightly similar problem with my SG-1100.

    The SG-1100 is my router in a network with a Unifi switch (24port POE) and some Unifi AP's.
    With the SG configured similarly as above (VLAN and all), I do get an IP from the DHCP for my wifi devices, but I cannot ping anything on the same VLAN or reach the internet. I have a rule in place to allow traffic into the VLAN. But nothing happens.

    I have a SG-3100 as well as pfSense setup in a VM with the exact same config (Unifi switch and AP's) and this just works without a problem. There must be something else you need to do in order to get the the SG-1100 to VLAN.

    John


  • Netgate Administrator

    If it is pulling DHCP leases then the VLANs are working correctly, assuming the leases really are coming from pfSense.
    DHCP will work without any firewall rules (automatic rules are added when you enable it) but nothing else will si be sure you have added rules for the required access on the new interface.
    Traffic between clients on that subnet does not go through pfSense at all, it cannot block it. That is probably client isolation in the access points or switch preventing it.

    Steve



  • Hi Steve
    Thanks for the feedback.
    Of course it turned out to be a simple thing:
    Had the rule to do tcp (?) Changed it to “any” and it worked. 😉
    John


Log in to reply