• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Beginner - N2000 how to set port 4 to it's own network?

L2/Switching/VLANs
2
7
201
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • B
    blackburd
    last edited by blackburd Jan 30, 2025, 10:44 AM Jan 30, 2025, 9:52 AM

    As a beginner here I'm really struggling to find information that is written at a level that I can digest.

    I have a N2000 that I recently purchased.
    Version 24.11-RELEASE (arm64)
    built on Wed Nov 27 12:22:00 CST 2024
    FreeBSD 15.0-CURRENT
    IP address is set at 10.27.27.1

    It has 5 ports:
    WAN - 1 port to My Starlink in Bridged mode.
    LAN - 4 ports on the same device.

    I have a DHCP Server running on my LAN:
    10.27.27.100 - 10.27.27.225

    Some static IPs I have set:
    10.27.27.2 Unraid Server
    10.27.27.3 A media server that runs lots of docker containers
    10.27.27.4 An Intel N100 that runs a webserver and some other things
    10.27.27.5 A wireless router
    10.27.27.6 A wireless router
    10.27.27.7 A Gigabit switch that has 16 ports
    10.27.27.10 A wireless printer
    10.27.27.40-50 various computers or IOT devices I have static mapped to easily identify them in the list of assigned addresses when I look

    10.27.27.253 A TPLink Pharos Wireless AP for point to point 1000 feet away to another house.
    10.27.27.254 A TPLink Pharos Wireless set as CLIENT for the point to point

    Everything is working including a wireless router set on the other side of the Wireless client point to point that runs it's own DHCP server on whatever the default was, it's my parents house.

    I have been trying for a month to figure out how to segregate my parents from my LAN and just give them WAN access only. I want to move the AP to port 4 on the N2000.

    Best I can figure this requires setting up a VLAN attached to Port 4. I have followed two tutorials on the youtube with no success. The VLAN on port 4 would not assign an ip address from the range that I gave it (10.28.28.2/24). I tried everything I could think of and checked all the things.

    I have now deleted that setup and am starting fresh but where can I find a tutorial or information that would explain the concepts I need in plain english?

    Thank you,

    Copyright 2025 blackburd (Not Netgate). All rights reserved and retained, or not.

    P 1 Reply Last reply Jan 30, 2025, 3:48 PM Reply Quote 0
    • P
      patient0 @blackburd
      last edited by Jan 30, 2025, 3:48 PM

      @blackburd said in Beginner - N2000 how to set port 4 to it's own network?:

      I have a N2000

      What is a N2000 (an ARM device with pfSense Plus on it??) and what's about the "Copyright 2025 blackburd (Not Netgate). All rights reserved and retained, or not."?

      B 1 Reply Last reply Jan 30, 2025, 8:21 PM Reply Quote 0
      • B
        blackburd @patient0
        last edited by blackburd Jan 30, 2025, 8:26 PM Jan 30, 2025, 8:21 PM

        @patient0

        N2100 sorry.

        (edit)

        https://www.netgate.com/appliances

        P 1 Reply Last reply Jan 30, 2025, 9:33 PM Reply Quote 0
        • P
          patient0 @blackburd
          last edited by Jan 30, 2025, 9:33 PM

          @blackburd said in Beginner - N2000 how to set port 4 to it's own network?:

          https://www.netgate.com/appliances

          Ok, you got a Netgate 2100 (I'm still confused about the "Copyright 2025 blackburd" part).

          If you want to have port 4 as it's own network you can pretty much following the Netgate "Configuring the Switch Ports" guide. They even use port 4 in the example. You just have to replace the ip range in the example with the one you want.

          https://docs.netgate.com/pfsense/en/latest/solutions/netgate-2100/configuring-the-switch-ports.html

          As stated at the very bottom of that guide, you have to add a firewall rule for that network and the DHCP server if necessary.

          1 Reply Last reply Reply Quote 0
          • B
            blackburd
            last edited by blackburd Jan 31, 2025, 6:12 PM Jan 31, 2025, 6:11 PM

            So I finally got this working using the tutorial provided. There are so many things that have to be set perfectly for this to work.

            I did not have my switch setup correctly for the vlan because I did not realize the way the groups and vlan tags worked.

            I did not have one of the ports in the switch setup set as "tagged", still not sure how this affected things.

            The number one thing that seems to have been stopping DHCP is setting OPT1 to 10.28.28.1 and DHCP to that subnet range seems to just not be allowed at all. When I use the example subnet of 192.168.100.1/24 it works.

            I spent quite a bit of time troubleshooting missing DHCP settings on OPT1 because I had the interface set to 10.28.28.1/34 which is super wrong.

            I still need to setup all my rules because they are a mess but I will work on that.

            At the bottom of every forum page it says the page is copyright Rubicon Communications, I just think it's funny that Netgate belives they should "copyright" everyone's personal contributions to the site. It was a joke that did not land for sure.

            P 1 Reply Last reply Jan 31, 2025, 6:53 PM Reply Quote 0
            • P
              patient0 @blackburd
              last edited by Jan 31, 2025, 6:53 PM

              @blackburd

              I did not have one of the ports in the switch setup set as "tagged", still not sure how this affected things.

              I'm not too good at explaining that, maybe the "Switch Overview" page for the 2100 help to understand

              https://docs.netgate.com/pfsense/en/latest/solutions/netgate-2100/switch-overview.html

              setting OPT1 to 10.28.28.1 and DHCP to that subnet range seems to just not be allowed at all

              That's very odd, it's a valid range and does have to work. If both the LAN1 and OPT1 are set to /24 they are not overlapping. And if neither the WAN nor the network being your parents AP are using the same IP range, then it should work.

              I just think it's funny that Netgate belives they should "copyright" everyone's personal contributions to the site. It was a joke that did not land for sure.

              The joke was unexpected and I didn't make the connection with your username. That is on me :) . For a second I thought you may use a unofficial/illegal Netgate-clone device of a company named 'blackburd".
              If I could read - I hope to be able to one day - I'd made the connection to your username.

              B 1 Reply Last reply Jan 31, 2025, 7:39 PM Reply Quote 0
              • B
                blackburd @patient0
                last edited by Jan 31, 2025, 7:39 PM

                @patient0 said in Beginner - N2000 how to set port 4 to it's own network?:

                That's very odd, it's a valid range and does have to work. If both the LAN1 and OPT1 are set to /24 they are not overlapping. And if neither the WAN nor the network being your parents AP are using the same IP range, then it should work.

                I agree that it's odd and now that it's working I'm hesitant to mess with it again. I guess I could always backup my configuration, break it and then put it back to what I know works.

                1 Reply Last reply Reply Quote 0
                3 out of 7
                • First post
                  3/7
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.