Setup problems with Vlans...

L2/Switching/VLANs
Log in to reply
  • D

    I have a netgear TL-SG105E switch,.. and I am trying to config install 4 x Vlans.
    I have configured the switch as follows, following the info on several wiki's posts,.. and other web docs. (trying to find the definitive ).
    I have config'd the ports in pfsense,.. and I have enabled the vlan comms port with its own ip address, and dhcp server.
    The switch is seen, on the host vlan port,.. with a suitable dhcp address as given.

    However,.. if I plug a device into one of the defined vlan ports (vlan3),.. it appears within the dhcp range of the main vlan port,.. and not the one its is plugged into, needless to say the traffic monitor also reflects this situation and shows all the comms on the vlan main port and not the actual vlan30 port it is plugged into.
    Are my netgear configs correct,. or is my miss-understanding / error with my pfsense configs.

    I am running the latest version of pfsense s/w,.. Many thanks
    rgds

    Below are the netgear configs:-

    VLAN ID	 VLAN Name member ports	Untagged Port  no other column entries
1	Default	                  1-5		              1-5	
20	VLAN20	                  1-2		              1-2	
30	VLAN30	                  1,3		              1,3	
40	VLAN40	                  1,4	               	      1,4	
50	VLAN50	                  1,5		              1,5	

    Interface	VLAN tag	    Priority
igb3 (opt1)	20			 
igb3 (opt1)	30			 
igb3 (opt1)	40			 
igb3 (opt1)	50

    	Port 1	1
	Port 2	20
	Port 3	30
	Port 4	40
	Port 5	50

    pfsense port assignments

    WANPPPoE	PPPOE0(igb0) - lanter@never.comms.com
LAN1	igb1 (00:e0:67:21:71:75)
VLAN	igb3 (00:e0:67:21:71:77)
LAN2	igb2 (00:e0:67:21:71:76)
VLAN20	VLAN 20 on igb3 - opt1
VLAN30	VLAN 30 on igb3 - opt1
VLAN40	VLAN 40 on igb3 - opt1
VLAN50	VLAN 50 on igb3 - opt1
    bingo600 1 Reply 0
  • bingo600

    @diyhouse

    1: TP-Link switches are terrible , and leaks VLAN1.

    2:
    One of the ports on the Switch , the one connected to pfSense IGB3.
    Has to have all the VLANS used, setup as Tagged Vlans.

    It seems that you have made the pfSense end correct , and are tagging all the used vlans on the IGB3 IF. You need to match that in the switch.

    Simplified said:
    Tagged vlans are used for "transport" - ie. from pfSense to Switch.
    You can transport several vlans down the same wire in tagged format.

    Untagged vlans are normal ethernet frames. And an untagged port can only be member of ONE Vlan.
    Untagged vlans are used for access - Ie. from switch (port) to "end device".

    I explained tag/untag a bit here
    https://forum.netgate.com/post/944383

    /Bingo

    0
  • D

    Tx for your replay Bingo,.. the 'mud is clearing',...

    Small correction to my 1st post; my switch is a tp-link,.. not netgear as I 1st quoted.

    I have tried to create a vlan with all the ports included as tagged, but the TP-Link interface does not allow this... am I missing something?

    so in summary => vlan 1, add all ports, as tagged, not allowed
    I have tried to create a vlan 10, add all ports, as tagged, but again this is not allowed even though it report as 'operation successful'.
    Any more thoughts...

    JKnott bingo600 2 Replies 0
  • JKnott

    @diyhouse

    If you're using VLANs, don't bother with TP-Link. Some models don't do VLANs properly. I recently removed my TP-Link AP for that reason.

    You could use that switch as a data tap. It works well in that role.

    0
  • bingo600

    @diyhouse said in Setup problems with Vlans...:

    Tx for your replay Bingo,.. the 'mud is clearing',...

    I have tried to create a vlan 10, add all ports, as tagged, but again this is not allowed even though it report as 'operation successful'.
    Any more thoughts...

    You only create tagged vlans on ONE switch port.
    The one you are connecting to IGB3 , aka. your pfSense Vlan interface.

    All other switch ports are "untagged" members of the (single vlan) , it should carry data for.

    /Bingo

    0
  • D

    Tx for replying,.. Yep!, that's what I have been trying to achieve Bingo,..
    Its just that somewhere in the config setup TP-link,.. doesn't want to play ball,. unless I'm missing the obvious,.. ( which is quite possible ).
    Port 1 has set definitions,. that cannot ( appear to ) be modified.

    Does anyone else have a similar problem with their TP-Link switch,.. I must be doing something wrong in my setup methodology...

    D 1 Reply 0
  • D

    ...the more I read,.. even on the tp-link forum,.. the more I think I'll take the tp-link switch back and get an 8-port netgear..

    JKnott 1 Reply 0
  • JKnott

    @diyhouse

    You could have asked us. 😉

    D 1 Reply 0
  • D

    well Netgear vlan switch arrived,.. figured out how to configure it,.. and I now have 5 local VLANs enabled all working fine,..
    There are just so many configurable things with this unit,..
    BTW does anyone know how to save the config,.. without using the netgear cloud,. or is that the catch,. they want you to use their paid service... or am I just being a Scrooge...

    0

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy