Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Fresh new setup, little help needed

    Scheduled Pinned Locked Moved
    Firewalling
    1
    1
    81
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      marcel1988
      last edited by

      I have a proxmox server, where i have created a PfSense VM.
      Everything is setup, and it is working with internet access and all.

      VLAN 10 = Main network. This contains the PCs, printers, and a NAS system
      VLAN 20 = Kids network. This contains all the kids' devices, PCs / Game consoles / telephones.
      VLAN 30 = Security Network. This covers everything related to cameras and so on.
      VLAN 40 = Guest network. I only want my guests to log in here.

      6508c3a5-896e-41c9-a52d-9e924ff2d91e-image.png

      I created the VLANS and run it over the standard LAN1.
      Connection is from PfSense LAN > TP-Link TL-SG1016DE port 1.

      I neatly created the VLANS in the TP-Link TL-SG1016DE, and set TAGGED to port 1, and set TAGGED again to port 16. Because from port 16 it goes to my office to the TP-Link TL-SG108E-Gigabit (8-port) on Port 1.

      In the TP-Link TL-SG108E-Gigabit (8-port) at the office I created the VLANS and put TAGGED on port 1 and TAGGED on port 7 and 8. Because port 7 goes to the living room and port 8 to the children's rooms.

      I have a TP-Link TL-SG105E-Gigabit (5-port) in both the living room and the children's room.
      Both are set up the same, namely on port 1 TAGGED the VLANS.

      Now I have been busy putting the correct devices UNTAGGED on the port and that also works fine, because the correct IP range is distributed to the devices.

      The devices cannot connect together from one VLAN to another VLAN.
      But still to the native VLAN 1. This also applies to the PfSense interface page. And even if they go to the gateway address of the VLAN, they end up on the config page of PfSensen. (This is of course not desirable)

      What I would like, on the native VLAN-1 i have my Proxmox server with a number of VMs in it.
      One of them is OpenMediaVault. And another one is MotionEye.

      OpenMediaVault is also installed on my NAS server with Plex.
      And MotionEye is for recording my cameras around the house.

      I would like to accomplish the following:

      VLAN 10 should be accessible everywhere in the house, since it also has my own PC on it.
      VLAN 20 Kids network must have internet, but must be able to access Plex, the rest no access
      VLAN 30 is required for cameras that can connect to MotionEye, but not OpenMediaVault.
      VLAN 40 must be isolated, but I think this can be easily arranged in the UNIFI APs with a separate SSID and a guest network with hotspot.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post