Trunk/LAGG problem / pfSense UniFi 24-250W PoE Switch and VLANs
charles_moody last edited by charles_moody
During lockdown I reran the cabling of our house with the help of my two brothers with exactly 1470m of CAT7 S-FTP cable (it became that much because of a lot of PoE+ appliances).
I run a Protectli SBC (AES-NI capable) with pfSense (behind a media converter) for the 100/50 fiber that we finally got after 7 years. Behind the firewall there’s one UniFi 24-250W PoE Switch which connects to 4 smart-managed Netgear switches (7 others behind them (TVs, gaming consoles, Sonos, home automation)) and 7 PoE APs (Cisco Linksys WAP4410N, got them cheaply through various eBay re/sellers).
I did search Google and the forums and I’m reading tuts, not watching vids with all the blabla.
I’m following this setup for guidance https://nguvu.org/pfsense/pfsense-baseline-setup/
My physical ports are
and configured as
em1 LAN - 192.168.7.0/24
em2+3 LAGG - VLANS (16)
I use LAGG for all my VLAN traffic
It’s often stated in various tuts that the native LAN interface will strip off the VLAN tags from traffic (true with 2.4.x rls?)
My problem was that I couldn't get IPs in the various VLANs;
I reset everything to default and I'm again following the tutorial^
I edited the entire post and let it stand as it may be useful for the next steps.
Thanks johnpoz for answering, I will get back to you when I have questions or when I'm done, don't want to bother you with no progress.
PS: Quick question, why is everyone censoring the MAC addresses of the NICs? Would be nice to understand that.
Can anyone tell me how to get the switch to adopt
So this is the crux of your issue?
That has nothing to do with pfSense.. Your controller and switch need to be on the same L2 network for adoption... Or you need to use L3 adoption.. This has everything to do with UniFi, and not related to pfSense at all.
behind that about 10 smart-managed Netgear switches
This seems nuts - are they all in closets somewhere.. How big is this house? If you were running cable - why would all your cables not just home run back to your core switching area? Curious where exactly all these switches are?
want LAN just for troubleshooting and because it’s often stated that LAN will strip off the VLAN tags from the traffic
Huh? You can run VLANs on LAN just like any other interface.. So not sure what you're thinking with this statement... Sure you can use the LAN interface as your management interface.. But it can run VLANs on it as well if you want.