Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    2x Cisco SG300 + Tagged VLAN + No VLAN on Pfsense setup + manually added route on Server

    Scheduled Pinned Locked Moved L2/Switching/VLANs
    1 Posts 1 Posters 208 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      elemy
      last edited by

      Hello,

      i have a question what would be the best approach for my current setup.

      We got a Cisco CPE (BGP protocol) from our telephony provider which has a DSL modem and a few LAN ports.

      The purpose of this thing is to provide us with a backup phone line (SIP) if our internet goes down.

      Right now our switches are stuffed so i have the PBX on a virtual server with a tagged VLAN, that switch is connected to another switch, also tagged, the CPE is then connected on the second switch with a tagged VLAN and with an untagged port for network connectivity.

      The CPE has a direct connection to the providers phone network, primarly routing over our internet and if that goes down it switches over to the modem for the backup line.

                 ________________ pfSense _____________ internet
        LAN | 
                 ----untagged------- CPE -----tagged------ PBX
                                                  |
                                            Modem
      

      I only tagged the ports on the switches and pfsense doesn't know about the VLAN at all i also added a route on our PBX to route traffic through the CPE.

      If i ping the PBX/CPE from pfSense ping times are bad, but that would be logical (imho) as pfSense sends the ping out to WAN.
      If i ping from the PBX to CPE i get 0.6 ms, can't try the other way around as i have no access to the CPE.

      It is all working so far, but is this the right approach? Or do you guys say i could do better :)

      cheers

      elemy

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.