
    Pfsense, ESXi, HP (aruba) switch vlan problem

    • K
      kksu last edited by

      Hi, I am having trouble getting this setup (see picture "test system") to work OK. The problem is that I cannot ping the VLAN interface from another PC that is in the default VLAN, but I can of course ping the pfsense IP from this PC as well as use its web GUI. From pfsense, using the created VLAN interface, I can ping the switch's IP on the same VLAN and other IP addresses on that VLAN, so it seems that the VLAN part is OK. The problem seems to be in the routing to the VLAN. I don't seem to find what I am doing wrong; can someone help me with this?

      test system.jpeg

      pfsense interface.jpeg

      pfsense vlan.jpeg

      pfsense vlan390 interface.jpeg

      VMware vswitch.jpeg

      pfsense ping 10.60.20.2.jpeg

      pfsense lan rule.jpeg

      Vlan390 rules.jpeg

      • K
        kksu last edited by

        Switch is HP (aruba) 2930F

        • kiokoman
          kiokoman LAYER 8 last edited by

          nothing is hitting the vlan390 interface, probably a routing problem. you should check the aruba switch and see if it's configured as layer 2 or layer 3. to make it work like your drawing, it should be configured as layer 2 (no routing should be done on the switch).

          also, what is this interface?
          Immagine.jpg
          the default untagged vlan for the switches is usually 1, you should never tag a vlan with 1. nevertheless, i don't see that interface on the screenshot of the firewall rules

          • K
            kksu last edited by

            Switch is configured as layer 2. The default vlan1 is untagged on the port that is connected to pfsense. The vlan1 in the interface is something I did try and I forgot to delete it. So the vlan1 is untagged and connects directly to pfsense lan.

            • kiokoman
              kiokoman LAYER 8 last edited by

              i don't see anything wrong on pfsense config, the problem must be on the virtual switch. i think you also need a portgroup with vlan id 390, but i think @johnpoz knows better

              • K
                kksu last edited by

                I have a similar system/config on my personal test "bench" and it works OK, so that's what makes this problem a little strange.

                • kiokoman
                  kiokoman LAYER 8 last edited by

                  this is for example how another dude had to configure his esxi to make vlan 2 pass https://forum.netgate.com/assets/uploads/files/1573222964451-ws.png
                  i hope it helps

                  • johnpoz
                    johnpoz LAYER 8 Global Moderator last edited by

                    If you want esxi to pass tags to pfsense, then 4095 is correct.. But why do you have 390 tagged on your switch going to vlan390? What is on the other end - another switch, an AP..

                    • K
                      kksu last edited by

                      it is going to another switch/network.
