DHCP on VLAN
-
I have run into a wall and don't know where to turn now, I need some help here.
I was running a full Unifi system, USG, switches, wifi APs, and a self-hosted controller.
All was working well until the USG died, and I decided to switch to a hosted pfSense router as unifi does not have any better router than the USG-PRO that I can get hold of...
Now I get to learn many things... So everything works except my guest wifi network.
I followed a guide that showed me how to create the vlan interface in pfsense and set the firewall rules, dhcp etc all for the guest network. This is the guide I followed:
https://www.youtube.com/watch?v=hhPGN4UJHAM
It covered every aspect, but where I cannot figure things out is for some reason my clients are not getting DHCP. I ran through the video four times now and I am certain I did everything exactly the same!
I am wondering if my LAN DHCP that runs on my windows domain server VM is a problem somehow? It is not reporting any issues.
Everything is on VLAN so I just don't get it!
-
@justsumdad said in DHCP on VLAN:
I am wondering if my LAN DHCP that runs on my windows domain server VM is a problem somehow?
Quite improbable.
I rather suspect your VLAN is not working properly.
Your pfSense is virtualized?
What is the other end of the VLAN? The switch or the wifi AP?
Did it work this way before?
-
@viragomann
the vlan is created in pfSense, under interfaces. Simply called guest.
parent interface is lan
ipv4 address of 10.10.0.1/24
VLAN 30 on vmx2 - lan (Guest)
The DHCP Server is created under pfSense as well, tagged to the guest interface.
firewall rule is created to pass all on guest, any protocol. will be hardened later.
for the Unifi side, a network was added just for VLAN, to inform the switches of the vlan
called Guest
then a wifi network was created, very basic, connected to the guest vlan.
No, this setup has never worked with pfSense; it only worked when all components were unifi.
-
@viragomann
oh and yes, I am running the pfSense virtualized.
Under vmware.
-
@justsumdad said in DHCP on VLAN:
for some reason my clients are not getting DHCP.
in pfsense configure the dhcp relay? or dhcpserver?
-
@justsumdad said in DHCP on VLAN:
oh and yes, I am running the pfSense virtualized.
How many NICs do you have in your VMware? and how are bridge mode?
I want to know physically, how to connect everything.
-
@justsumdad
Are you sure VMware is passing VLAN tags?
-
@viragomann said in DHCP on VLAN:
Are you sure VMware is passing VLAN tags?
I ask myself the same question.
-
@silence said in DHCP on VLAN:
want to know physically, h
The server has unused NICs onboard, set up as per this guide:
https://www.youtube.com/watch?v=UCLWSAc3QrY
works great.
not in bridge mode, the fiber modem is in bridge mode, one nic is direct to the modem called WAN
Another port is direct to the switch bay, called LAN.
So it's doing NAT.
-
@viragomann
I really believe it is passing VLAN tags, if I set a static IP on the wifi test client it does get access to the internet.
Only DHCP seems to be an issue.
-
@justsumdad said in DHCP on VLAN:
DHCP seems to be an issue.
please answer my previous question dhcp relay or dhcp server in pfsense ?
-
@justsumdad
So the VLAN should work.
To investigate, sniff the traffic on the VLAN interface (Diagnostic > Packet capture).
Set a port filter: 67|68
to catch only DHCP packets.
Start the capture and connect a client to the VLAN. Then see what you get.
-
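As an added illustration that is not part of any post in this thread: a small parser for the UDP payloads that a port 67/68 capture like the one suggested above would yield, reporting how far each client's DHCP exchange got. The payloads are constructed, the function names are hypothetical, and the status wording is this example's own.

```python
import struct

MAGIC = b"\x63\x82\x53\x63"   # DHCP magic cookie after the 236-byte BOOTP header
TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 6: "NAK"}

def parse_dhcp(payload):
    """Return (xid, message type) for one UDP 67/68 payload, or None if not DHCP."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        return None
    xid = struct.unpack("!I", payload[4:8])[0]
    i = 240
    while i < len(payload):
        code = payload[i]
        if code == 255:                    # end option
            break
        if code == 0:                      # pad option carries no length byte
            i += 1
            continue
        if i + 1 >= len(payload):          # truncated option
            break
        length = payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if code == 53 and len(value) == 1:  # option 53 = DHCP message type
            return xid, TYPES.get(value[0], "TYPE_%d" % value[0])
        i += 2 + length
    return None

def diagnose(payloads):
    """Summarise, per transaction id, which DHCP messages the capture contains."""
    seen = {}
    for p in payloads:
        parsed = parse_dhcp(p)
        if parsed:
            seen.setdefault(parsed[0], []).append(parsed[1])
    if not seen:
        return "no DHCP frames reached this interface"
    lines = []
    for xid, msgs in seen.items():
        if "ACK" in msgs:
            state = "lease completed"
        elif "OFFER" in msgs:
            state = "server offered, client did not finish"
        else:
            state = "client asked, no server reply seen"
        lines.append("xid 0x%08x: %s (%s)" % (xid, state, " > ".join(msgs)))
    return "\n".join(lines)

def make(op, xid, mtype):
    """Build a minimal constructed DHCP payload (sample data, not a real capture)."""
    return struct.pack("!BBBBI", op, 1, 6, 0, xid) + bytes(228) + MAGIC + bytes([53, 1, mtype, 255])
```
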
@silence said in DHCP on VLAN:
@justsumdad said in DHCP on VLAN:
DHCP seems to be an issue.
please answer my previous question dhcp relay or dhcp server in pfsense ?
Sorry, pfSense is the DHCP server, there is no DHCP relay in the network at all.
The lan DHCP is taking place in the Windows server.
The VLAN DHCP server is taking place in pfSense.
-
@viragomann said in DHCP on VLAN:
@justsumdad
So the VLAN should work.
To investigate, sniff the traffic on the VLAN interface (Diagnostic > Packet capture).
Set a port filter: 57|58
to catch only DHCP packets.
Start the capture and connect a client to the VLAN. Then see what you get.
Nothing, no packets appear. I did an ipconfig /renew on the laptop that is connected while the capture was on:
-
@justsumdad, configure a dhcp relay to your dhcp server in windows server?
Disable DHCP Server in pfsense.
-
@justsumdad
Oh, sorry, I was wrong. We need port 67|68.
I'll correct it above.
-
@silence
not sure how to tag a DHCP to a vlan in windows.
Will look into it, but if pfSense can't do it, I expect that would bring more issues into the mix.
-
@viragomann said in DHCP on VLAN:
@justsumdad
Oh, sorry, I was wrong. We need port 67|68.
I'll correct it above.
I just got a nasty ph call from the boss, had to whip up a temp guest wifi from our backup ISP via a small USG I have in stock for satellite offices.
told to keep my paws off till after hours for now.
will pick this up another day :(
Thanx for the assist thus far everyone!
-
@justsumdad You could try setting up a PC on VLAN 30 with a static IP to verify it can ping the pfSense IP. That would at least verify communication.
-
@steveits said in DHCP on VLAN:
try setting up a PC on VLAN 30 with a static IP to verify it can ping the pfSense IP
Excuse me, but if you can read above @JustSumDad, he said he already did that.