    Need help to configure pfsense + Cisco switch + vlans

    • mvikman @dvb

      @dvb said in Need help to configure pfsense + Cisco switch + vlans:

      I was just trying to ping "vlan10 gateway" -> 192.168.10.254 but it fails. For this, no rule is needed because we stay on OSI layer 2 (correct me if I am wrong).

      Yes, the gateway is in the same address space, but it is a pfSense interface and the firewall rules apply to traffic incoming to that interface.
      The default action is "deny all", so the interface IP will not respond to ping unless you create a rule to allow it.

      • dvb @mvikman

        @mvikman said in Need help to configure pfsense + Cisco switch + vlans:

        Yes, the gateway is in the same address space, but it is a pfSense interface and the firewall rules apply to traffic incoming to that interface.
        The default action is "deny all", so the interface IP will not respond to ping unless you create a rule to allow it.

        OK, I understood!

        I just created these two rules (to ping from host and from laptop). No success, ping still fails. Any idea?

        • johnpoz LAYER 8 Global Moderator @dvb

          @dvb for one you have the pvid on port 8 as 1, that should be 10.. Or no nothing is ever going to work.. laptop sends traffic and port puts it on vlan 1..

          Also your firewall rules - you don't need that rule from address to net.. Rules are only evaluated as traffic enters the internet from the network..

          • dvb @johnpoz

            @johnpoz said in Need help to configure pfsense + Cisco switch + vlans:

            @dvb for one you have the pvid on port 8 as 1, that should be 10.. Or no nothing is ever going to work.. laptop sends traffic and port puts it on vlan 1..

            Also your firewall rules - you don't need that rule from address to net.. Rules are only evaluated as traffic enters the internet from the network..

            I tried one untagged vlan per port, all is working perfectly:

            Thank you very much for your support and advice!

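The two causes discussed in this thread (the access port's PVID and the default deny on the pfSense VLAN interface) can be modelled together. The following is an added example, not part of the original posts: the uplink on port 1, the port memberships and all function names are assumptions made for illustration, and the rule list is a simplified first-match model.

```python
from dataclasses import dataclass, field

@dataclass
class Port:
    pvid: int                                   # VLAN given to untagged ingress frames
    untagged: set = field(default_factory=set)  # VLANs sent out without a tag
    tagged: set = field(default_factory=set)    # VLANs sent out with an 802.1Q tag

@dataclass
class Rule:
    action: str   # "pass" or "block"
    proto: str    # "icmp", "tcp", ... or "any"

def switch_forward(ports, in_port, out_port, tag=None):
    """Return the VLAN tag the frame carries leaving out_port, "untagged",
    or None when the switch does not forward it to that port."""
    p_in, p_out = ports[in_port], ports[out_port]
    if tag is not None and tag not in p_in.tagged:
        return None                              # tagged frame for a VLAN not on this port
    vlan = tag if tag is not None else p_in.pvid  # ingress classification by PVID
    if vlan in p_out.tagged:
        return vlan
    if vlan in p_out.untagged:
        return "untagged"
    return None

def firewall_accepts(rules, proto):
    """First matching rule wins; no match falls through to the default deny."""
    for rule in rules:
        if rule.proto in (proto, "any"):
            return rule.action == "pass"
    return False

def ping_gateway(ports, laptop_port, uplink_port, vlan_if_rules, gw_vlan=10):
    """True only if the echo request arrives tagged for gw_vlan AND is passed."""
    egress = switch_forward(ports, laptop_port, uplink_port)
    if egress != gw_vlan:   # untagged or other VLAN: never reaches the VLAN 10 interface
        return False
    return firewall_accepts(vlan_if_rules, "icmp")

def build_ports(port8_pvid):
    # Constructed layout: port 1 = uplink to pfSense (VLAN 10 tagged),
    # port 8 = laptop access port with the PVID under test.
    return {1: Port(pvid=1, untagged={1}, tagged={10}),
            8: Port(pvid=port8_pvid, untagged={port8_pvid})}
```

With PVID 1 on port 8 the ping fails even when an ICMP pass rule exists, and with PVID 10 it still fails until that rule is added on the VLAN 10 interface.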
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.