Pfsense, ESXi, HP (aruba) switch vlan problem
-
Hi I am having trouble to get this (see picture test system) setup work OK. Problem is that I cannot ping the vlan interface from other PC that is in default vlan but I can of cource ping the pfsence IP from this PC as we as use its web gui. I can ping from pfsense using created vlan interface the switch same vlan IP and other IP addresses on that VLAN so it seems that the vlan part is OK. Problem seems to be in the routing to the vlan. I don’t seem to find what I am doing wrong can someone help me on this ?
-
Switch is HP (aruba) 2930F
-
nothing is hitting the vlan390 interface, probably a routing problem. you should check the aruba switch and see if it's configured as layer 2 or layer 3, to make it work like your draw, it should be configured as layer 2 (no routing should be done on the switch).
also, what is this interface?
the default untagged vlan for the switchs is usually 1, you should never tag a vlan with 1 , nevertheless i don't see that interface on the screenshot of the firewall rules -
Switch is configured as layer 2. the default vlan1 is untagged on the port that is connected to pfsense vlan1 in the interface is some thing I did try and I did forget to delete it. So the vlan1 is untagged and connects directly to pfsense lan.
-
i don't see anything wrong on pfsense config, the problem must be on the virtual switch, i think you also need a portgroup with vlan id 390 but i think @johnpoz know better
-
I have similar system/config on my personal test "bench" and it works OK so that what makes this problem little strange.
-
this is for example how another dude had to configure his esxi to make vlan 2 pass https://forum.netgate.com/assets/uploads/files/1573222964451-ws.png
i hope it help -
If you want esxi to pass tags to pfsense, then 4095 is correct.. But why do you have 390 tagged on your switch going to vlan390? What is on the other end - another switch, an AP..
-
it is going to another switch/network.
