VLAN not getting internet

johnpoz

Well you clearly have active states on your rules, and traffic moved.. Did you mess with outbound nat? Auto would of added your new vlan to the outbound nat, but if you had switched to say manual then it wouldn't

Can you ping pfsense vlan 20 IP?

pirateparley

I did switch to manual and here config of it. Looks like it is what it supposed to be doing.

https://imgur.com/xuXWvuX

I am unable to ping pfsense vlan 20ip other than my router itself which is on 10.0.20.201 on static ip which is connected to port 8.

johnpoz

Why would you switch it to manual??

If you can not ping pfsense IP on vlan 20, which would be the gateway for vlan 20 to get you know say the internet.. Then no your never going to get to the internet.

Router??? Dude what do you have plugged into port 8... When you put a PC on there, does it get a dhcp address from pfsense on vlan 20? Does it get to the internet?

pirateparley

I have router connected to port 8 which is disabled for DHCP server but pfsense is acting as dhcp server. If i connect my mobile to router (acting as wifi access point) , i am getting dhcp lease from pfsense in vlan 20 ip range.

I changed to manual after nothing was working.

pirateparley

@johnpoz i tried with laptop connected using ethernet. No internet connection. I don't what is wrong...

If i connect my router to other port which isn't part of vlan id, i get internet on all devices which are connected, only with vlan ID port, i don't get internet. I get DHCP lease for devices I connect to router though.

I would appreciate your help. Thanks.

johnpoz

Lets see your rules you put on vlan 20 interface.

pirateparley

Here is rule in firewall. Thank you so much for your help.

https://imgur.com/wJaWphx

johnpoz

Not what I asked for - lets see the firewall rules you have on your vlan 20 interface.. All of them

Example

For all we know you have something blocking above that, do you have any rules on floating?

If you can not even ping the vlan interface IP. Then you have a connectivity problem, or you don't have rules allowing it, or you have something specific blocking it before your allow rule, etc.

pirateparley

I though I posted it on original post. here it is though..

https://imgur.com/IAcQEhI

johnpoz

Do you have any rules in floating... Those rules would allow for you to ping the vlan 20 IP from something in vlan 20.. If you can not, then you have a connectivity issue or a rule in floating blocking it.

Does your client show the mac address for the vlan interface IP in its arp table?

Get rid of the router or whatever you have connected there and plug a PC/laptop into that switch port. Does it get a dhcp address from pfsense dhcp server, can it ping pfsense vlan 20 IP?

pirateparley

@johnpoz said in VLAN not getting internet:

Do you have any rules in floating... Those rules would allow for you to ping the vlan 20 IP from something in vlan 20.. If you can not, then you have a connectivity issue or a rule in floating blocking it.

No floating rules. Completely empty.

Does your client show the mac address for the vlan interface IP in its arp table?

Not on ARP table but I do see it on DHCP lease. here it is. https://imgur.com/L7BDOyJ

Get rid of the router or whatever you have connected there and plug a PC/laptop into that switch port. Does it get a dhcp address from pfsense dhcp server, can it ping pfsense vlan 20 IP?

I got rid of router and plugin laptop using ethernet and no luck. I do get DHCP address on both instances.

pirateparley

@johnpoz thanks for your help so far. It is fixed. this option was checked. Once I unchecked, I started getting internet. Didn't even know when it got clicked. Thanks.

https://imgur.com/ua2kuQe