Vlans on Netgate 2100
-
Hi
I am have problems to get Vlans working here is what i have done
Hope i get pointed in the right direction
Interfaces -> Assignments -> VLANs / Add - VLAN tag = 40 - Description = "wifistrangers"
Interfaces -> Interface Assignments -> Available ports: Select "VLAN 40 on mvneta1" / Add -> wifistrangers
wifistrangers -> enable interface -> ipv4 add 10.10.2.1/24
Services -> DHCP server -> Enable DHCP server on LAN interface - subnet range 10.10.2.1 - 10.10.2.254
firewall -> firewall rules -> wifistrangers > ipv4* - * - * - * - * - *
I have a UniFi Switch Lite 8 PoE and a Unifi U6+ AP
On there i made the networks for Default & wifistrangers
I made a SSID for default & wifistrangers and set wifistrangers to VLan 40
The default networks works fine cabel & wifi
But I cant get a IP on the Vlan from the DHCP
I can ping 10.10.2.1 from my pc on Default LAN (192.168.1.1/24) -
@John_McNoob said in Vlans on Netgate 2100:
Sory i made a mistake with picturs got it fix now
-
@John_McNoob The DHCP screen cap has the wrong subnet...?
I think you need to add the tag to the switch?
https://docs.netgate.com/pfsense/en/latest/solutions/netgate-2100/switch-overview.htmlThe https://docs.netgate.com/pfsense/en/latest/solutions/netgate-2100/configuring-the-switch-ports.html doc page has instructions for isolating a port which isn't what you're asking but it has screen caps of the switch options, steps 15-20. (the last part is to remove port 4 from the default VLAN on the switch)
-
If i use the second link then i will lose my default lan to the switch on port 1 ( i had to plug my lap to in to port 2 on the pfsense in order to get port 1 up again)
I have all my trafik from my pfsense to the switch on port 1
and as i read / understand from the first link then the vlan will be taged to a specifik port but the rest of the trafic will be droped ?
i will try out link 1 with a diffrent ap (my old asus router) and see what happens
But i would like all trafic to run on port 1 so i can use my POE AP from the switch -
@John_McNoob Yes that second doc page is for isolating a port like it's a separate physical port. I was only referring to the part about adding the tag to the switch. I haven't done this on a 2100 or similar, but I'd expect the internal switch would need to know about the VLAN.
If you isolate one of the ports, then you could avoid VLAN tagging anything but then that network must be wired separately.
-
Now i had the time to try out link 2 (Configuring the Switch Ports)
I too my old asus router set up as an AP on port 2
Work like a charm .. i get an ip stright away :)
Now i just need to figure out how to get wlans to run thrught port 1 and to my switch and have that deal with the Vlans
i really appriciate the help
-
@John_McNoob
Your first post showed a picture of the DHCP setup for your main network (or at least I assume that's what it is). You need to create a second DHCP server that is attached to the wifistrangers interface and serves out the 10.10.2.x address range. -
S SteveITS referenced this topic on