1. Home
  2. pfSense® Software
  3. L2/Switching/VLANs
  4. Trippy VLANs with configuring Netgear Smart Pro Switch GS110TP and SG1100 built in switch

Trippy VLANs with configuring Netgear Smart Pro Switch GS110TP and SG1100 built in switch

  • S

    Hey guys,

    I'm trying to configure a trunk port on my SG1100, but am not able to figure out how to make the integrated switch in the Netgate appliance work with an external 8 port switch. My eventual goal is to have four VLANS as below on the external switch (and mapped to pfSense) with everything going through the LAN port:

    1. VLAN 4091: LAN inteface; used by WiFi and Access Points
    2. VLAN 4092: SERVERS interface; used by servers
    3. VLAN 200: VOICE interface; used by VoIP devices
    4. VLAN 300: MANGMT interface; used for management
    5. VLAN 1: DEFAULT_VLAN interface; used to give IP to the switch via DHCP
      And I will WAN uplink as default which is 4090.

    Right now I have a weird config where I connect cables from both LAN and OPT1 to the external switch, and set port membership and tags on the switch to match that of VLAN uplinks in pfSense. However, this way, I am limited to two VLANS for internal stuff and because I don't want to use default VLAN, my switch cannot get a DHCP address.

    Is there any way to get this working with only one connection from pfSense and trunking that port? I tried this config out on the switch to see if I could get just the servers and access points working

    Port 1: member 4091; untagged 4091; access point
    Port 4: member 4092; untagged 4092; server node
    Port 5: member 4091; untagged 4091; tagged 1; pfsense LAN
    Port 6: member 4091; untagged 4091; for emergency use (management)
    Port 7: member 4092; untagged 4092; pfsense OPT1
    Port 8: member 4092; untagged 4092; server node

    And my pfsense config is this for interfaces

    Selection_004.png

    And the following for pfsense's switch VLAN config

    Selection_005.png

    The servers and access points are working fine. However, neither connecting something to one of the ports that's untagged on default VLAN (on external switch) nor the actual switch is able to get an IP address.

    If the information helps, I tried turning off 802.1q and then when I connected to my access point, I got an IP address via DHCP on the default_vlan interface subnet instead of LAN subnet. Trying to ping the router gave "network is unreachable" which doesn't make sense because I had an IP address and I allowed ICMP echo requests to the router on that interface. Also, the switch and default VLAN ports on the external switch were still not able to get IP addresses.

    I'd really appreciate an explanation as to what I did wrong and how to fix it?

    0
  • S

    I answered my own question. I should have tagged port 2 on the uplink instead of port 1. LMAO

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy