Netgate Discussion Forum

    Another DHCP issue with VMs

    L2/Switching/VLANs
    • distengr

      Hello pfSense experts!

      I'm here after going through multiple posts related to DHCP not working, but I always seem to be either missing some information or the related post is not similar to what I'm setting up. Please excuse my English and lack of knowledge of basic networking. I'm trying my best to get up to speed with this and try to verify if my understanding is correct or not.

      This is the high-level architecture of my setup. With this configuration, my Asus access point has no issue working well and is able to pass through all the DHCP traffic to the devices which are connecting wirelessly. The only problem is the VMs which are running within ESXi. Choosing anything apart from the Trust. All the traffic is going through a TP-Link TL-SG108E switch (not sure if this is a bad switch since I heard it is?). Please help. I'm at my wits' end!!!

      HLDHomeLab.jpeg

      Below are the ESXi, switch and firewall configurations.

      ESXi
      ESXi-Portgroup.jpeg

      ESXi-Portgroup-Trust.jpeg

      ESXi-Portgroup-Client.jpeg

      ESXi-Porgroup-VMNetwork.jpeg

      ESXi-Porgroup-Untrust.jpeg

      ESXi-Porgroup-Trunk.jpeg

      ESXi-Porgroup-Server.jpeg

      ESXi-Porgroup-ManagementNetwork.jpeg

      • distengr

        Continuing from my previous post since I reached the image limit.

        Switch
        Switch-VLANConfig.jpeg
        Switch-PVIDConfig.jpeg

        Firewall

        Firewall-Interfaces-Client.jpeg

        Firewall-LAN.jpeg

        Firewall-Rules-Client.jpeg

        Firewall-Rules-LAN.jpeg

        Firewall-Rules-Server.jpeg

        Firewall-VLAN-Client.jpg
        Firewall-VLAN-Server.jpg

        • distengr

          I've finally managed to get this fixed, thanks to a kind soul found on the Internet. I basically got schooled (again!) on layer 2 traffic and, having an extra pair of eyes go through the firewall config, I found out what the problem was. I was basically trying to shoehorn VLAN traffic through the switch and causing a loop (even with loop prevention turned off). However, this was not affecting my regular traffic, which made me continue to troubleshoot and assume that my configuration was correct.

          Considering my requirement has been that VMs talk to each other and get updates over the internet and nothing outside of these VLANs, I added another interface to pfSense (trunk port) and, in pfSense, changed the VLANs to go through the new interface, rather than still pushing them through the physical LAN, which I was trying to do. I now get DHCP AND the machines are able to reach out to the internet.

          Once I added the trunk network interface as an additional NIC, it showed up as a 3rd interface on pfSense, which showed as vmx2.


          I used the third NIC to pass my VLAN traffic.

          Earlier, I had configured the VLANs to go through vmx1, by letting the traffic go out through the LAN/Trust interface and then trying to get it back through the same port (since I didn't have another NIC free on ESXi). Now, all my VMs are getting the correct IP address range.
