Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Default LAN - is it possible to tag as x VLAN?

    Scheduled Pinned Locked Moved General pfSense Questions
    7 Posts 3 Posters 830 Views 4 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D Offline
      d2freak82
      last edited by

      Just trying to figure out - is it possible to tag the default LAN as a specific VLAN say VLAN 10, tag LAN as VLAN 10 or any VLAN number besides 1 or 0?

      Or do you need to create a VLAN interface to accomplish that? If you do create an interface for a default VLAN - we'll say 10 for argument sake, can you delete the LAN interface and use VLAN10?

      B 1 Reply Last reply Reply Quote 0
      • B Offline
        bPsdTZpW @d2freak82
        last edited by

        @d2freak82 What are you trying to accomplish? Are you trying to connect a switch that's currently using a VLAN to a pfSense LAN port and be able to access the LAN from the switch's access ports?

        1 Reply Last reply Reply Quote 0
        • D Offline
          d2freak82
          last edited by

          I don't want my LAN on the default VLAN?

          B 1 Reply Last reply Reply Quote 0
          • B Offline
            bPsdTZpW @d2freak82
            last edited by

            @d2freak82 said in Default LAN - is it possible to tag as x VLAN?:

            I don't want my LAN on the default VLAN?

            Very reasonable. So the canonical approach to do this is to begin by setting up your switch so that it doesn't use the default VLAN for anything. Next, on the switch, dedicate however many VLANs you need to partition your LAN appropriately. Then also on the switch, allocate access ports for them as needed. Then add a trunk port that carries all the VLANs that need routing through pfSense (e.g., internet access).

            Now in pfSense, create the corresponding trunk interface, create the VLANs, create an interface for each VLAN (allocating IP addresses appropriately to avoid collisions), and assign the interfaces to their corresponding VLANs. You might need some firewall rules on the interfaces, too. Also check NAT if any of your VLANs need to access anything (e.g., internet) via the WAN.

            D 1 Reply Last reply Reply Quote 0
            • D Offline
              d2freak82 @bPsdTZpW
              last edited by

              @bpsdtzpw While I do appreciate the advice, and the response. I am well aware of how to configure my switches, they're setup already.
              What I'm trying to figure out is can I tag the LAN interface on the router? And if not can I create a VLAN as a default and disable the LAN interface?

              johnpozJ 1 Reply Last reply Reply Quote 0
              • johnpozJ Offline
                johnpoz LAYER 8 Global Moderator @d2freak82
                last edited by

                @d2freak82 create a vlan on pfsense, and then set your lan interface to use the vlan on parent interface that is your lan.

                An intelligent man is sometimes forced to be drunk to spend time with his fools
                If you get confused: Listen to the Music Play
                Please don't Chat/PM me for help, unless mod related
                SG-4860 25.07.1 | Lab VMs 2.8, 25.07.1

                D 1 Reply Last reply Reply Quote 2
                • D Offline
                  d2freak82 @johnpoz
                  last edited by

                  @johnpoz said in Default LAN - is it possible to tag as x VLAN?:

                  @d2freak82 create a vlan on pfsense, and then set your lan interface to use the vlan on parent interface that is your lan.

                  Thank you! That's exactly what I was after

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.