Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    7100 External VLAN Trunk / Seperate Networks

    Scheduled Pinned Locked Moved Official Netgate® Hardware
    9 Posts 3 Posters 837 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      prioret
      last edited by

      I've been reading the documents and forums, but I can't figure out how to make the following work.

      I want to have the WAN port on IX0.

      I would like to take a trunk into the 7100 on IX1. That trunk would have multiple VLANs, let's say VLANS 10, 11, 12

      The trunk for IX1 is coming from a CISCO 3750, and the interface is already set up as a trunk with those VLANs on it.

      Each VLAN would have its own network and DHCP and be NATed to the WAN.

      For example:

      VLAN 10 would be 192.168.10.0/24
      VLAN 11 would be 192.168.11.0/24
      VLAN 13 would be 192.168.12.0/24

      I want to manage the 7100 on one of the ETHs (I know how to do this, I got it working on some 1100s). just figured I'd include this to be thorough.

      Thanks for any help!

      P 1 Reply Last reply Reply Quote 0
      • AndyRHA
        AndyRH
        last edited by

        Other than VLAN numbers mine is the same. Kind of weird.
        I left the switched ports as LAN, this is my anti-lockout strategy.

        Change the WAN interface to ix0. This can be done under interfaces.
        When you create the other VLANs, you assign them to ix1.

        When I am home I can add screen shots it you would like me to.

        https://docs.netgate.com/pfsense/en/latest/vlan/configuration.html

        o||||o
        7100-1u

        1 Reply Last reply Reply Quote 0
        • stephenw10S
          stephenw10 Netgate Administrator
          last edited by

          Yes, that should be relatively straight forward. Doing that doesn't involve the on-board switch at all so simplifies things.

          What have you tried so far?

          Steve

          P 1 Reply Last reply Reply Quote 0
          • P
            prioret @stephenw10
            last edited by

            @stephenw10

            Thats, reading the docs I got the impression that this would only work if I go to "port mode" as documented below. Are you saying I don't need to use port mode?

            Port Mode
            https://docs.netgate.com/pfsense/en/latest/solutions/xg-7100/switch-overview.html

            1 Reply Last reply Reply Quote 0
            • stephenw10S
              stephenw10 Netgate Administrator
              last edited by

              ix0 and ix1 are not connected via the switch so you should not have to make any changes to the switch config.

              P 1 Reply Last reply Reply Quote 0
              • P
                prioret @prioret
                last edited by

                @prioret

                Thanks for your help!

                Reading the docs I got the impression that this would only work if I go to "port mode" as documented below. Are you saying I don't need to use port mode?

                Port Mode
                https://docs.netgate.com/pfsense/en/latest/solutions/xg-7100/switch-overview.html

                1 Reply Last reply Reply Quote 0
                • stephenw10S
                  stephenw10 Netgate Administrator
                  last edited by stephenw10

                  Still nope. 😉

                  The switch uses ix2 and ix3 so would not be involved.

                  1 Reply Last reply Reply Quote 0
                  • P
                    prioret @stephenw10
                    last edited by

                    @stephenw10

                    So just make the vlans and assign them to ix1?

                    1 Reply Last reply Reply Quote 0
                    • stephenw10S
                      stephenw10 Netgate Administrator
                      last edited by

                      Yup, exactly. Then assign them and add dhcp servers and firewall rule etc.

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.