Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Setting up SG2100

    Scheduled Pinned Locked Moved Official Netgate® Hardware
    5 Posts 2 Posters 758 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      simon_lefisch
      last edited by simon_lefisch

      Hello everyone,

      So I finally got an SG2100 after running pfsense as a VM for about a year and half. When setting it up, I noticed that the switch ports seem to be all on the same VLAN (VLAN1), which looks like they are all bridged (BVI). I could not find an way to undo said bridge, and could not find anything in documentation. Is there any way to have those switch ports be their own physical LANs? On my VM, I had a 4-port NIC card and was able to create separate networks for each interface (port 1 = LAN, port 2 = WLAN, etc). I would like to have that same config if possible. Any help would be greatly appreciate, as this is my first pfSense+ hardware. TIA!

      R 1 Reply Last reply Reply Quote 0
      • R
        rcoleman-netgate Netgate @simon_lefisch
        last edited by rcoleman-netgate

        @simon_lefisch The 4 LAN ports are all on the internal device switch, they are not discrete interfaces.

        You can find details on how to configure the switch here: https://docs.netgate.com/pfsense/en/latest/solutions/netgate-2100/configuring-the-switch-ports.html

        Ryan
        Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
        Requesting firmware for your Netgate device? https://go.netgate.com
        Switching: Mikrotik, Netgear, Extreme
        Wireless: Aruba, Ubiquiti

        S 1 Reply Last reply Reply Quote 0
        • S
          simon_lefisch @rcoleman-netgate
          last edited by

          @rcoleman-netgate said in Setting up SG2100:

          https://docs.netgate.com/pfsense/en/latest/solutions/netgate-2100/configuring-the-switch-ports.html

          Hi @rcoleman-netgate, thanks for the reply.

          I did see that and that is how I set it up initially. However on the CLI it shows below for the interfaces:

          LAN (lan)       -> mvneta1    -> v4: 192.168.xxx.1/24
WLAN (opt1)     -> mvneta1.20 -> v4: 192.168.xxx.1/24
WLAN_GUEST (opt2) -> mvneta1.21 -> v4: 192.168.xxx.1/24

          mvneta1.xx tells me that all the switch ports are bridged. Is that actually the case? Is there any way to not have them bridged? I know on a Cisco Firepower 1010 you can set the interfaces separately or have them set as Bridged Virtual interfaces (BVI).

          Since this my first piece of Netgate hardware, I just want to make sure I understand the configuration.

          R 1 Reply Last reply Reply Quote 0
          • R
            rcoleman-netgate Netgate @simon_lefisch
            last edited by rcoleman-netgate

            @simon_lefisch said in Setting up SG2100:

            mvneta1.xx tells me that all the switch ports are bridged. Is that actually the case? Is there any way to not have them bridged? I know on a Cisco Firepower 1010 you can set the interfaces separately or have them set as Bridged Virtual interfaces (BVI).

            They are a single ethernet chip LAGGed as a switch. There is no way to break the LAGG and use them individually.

            Worth noting that the only systems this is the case on are:
            1100, 2100, 3100 and 7100 models. All others have discrete interfaces.

            Ryan
            Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
            Requesting firmware for your Netgate device? https://go.netgate.com
            Switching: Mikrotik, Netgear, Extreme
            Wireless: Aruba, Ubiquiti

            S 1 Reply Last reply Reply Quote 1
            • S
              simon_lefisch @rcoleman-netgate
              last edited by

              @rcoleman-netgate said in Setting up SG2100:

              @simon_lefisch said in Setting up SG2100:

              mvneta1.xx tells me that all the switch ports are bridged. Is that actually the case? Is there any way to not have them bridged? I know on a Cisco Firepower 1010 you can set the interfaces separately or have them set as Bridged Virtual interfaces (BVI).

              They are a single ethernet chip LAGGed as a switch. There is no way to break the LAGG and use them individually.

              Worth noting that the only systems this is the case on are:
              1100, 2100, 3100 and 7100 models. All others have discrete interfaces.

              Thanks for that info, I did not know that. I appreciate you taking the time to let me know this 🙏 😁 🤙

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.