Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Cant get VLAN configuration between Netgate 4100 & Aruba 1930 to work

    Scheduled Pinned Locked Moved L2/Switching/VLANs
    4 Posts 4 Posters 44 Views 4 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D Offline
      dbeaver2471
      last edited by dbeaver2471

      Hello I have been working at this for days and still nothing, I have a netgate 4100 with an Aruba 1930 24 port switch. The goal is to be able to talk from VLAN1 to VLAN10 or VLAN20 so I can upload & download updates & sequences to/from my pc to the Raspberry pi on VLAN20, separate VLAN20 from the rest of the network as when I run a light show I dont flood the rest of the network.
      On the 4100 I created the VLANs 10 & 20 thru Interface-Assignments-VLANS, then added them thru Interface Assignments and they show up as VLAN10 on icg0-lan(MGMT) & VLAN20 on icg0-lan(XLights). Then I go to Interfaces XLights check box enable, change description, static IPv4, enter address 192.168.20.1 /24, Save. (Same for MGMT 10 except .10.1) but not focusing on that one right now. Then go to Firewall - Rules - XLights, I have 2 rules, top is Allow LAN address access - Pass - XLights - IPv4 - Any - Source = Any Destination = LAN address. Lower rule Allow All - Pass - XLights - IPv4 - Any - Source Any, Destination Any. Thats it for the 4100.
      The Aruba came with VLAN1, I added VAN 10 MGMT & VLAN 20 XLights, untagged on the 2 ports that the XLights devices plug into. On the port that my pc plugs into I tagged VLAN1, and added untagged VLAN10 & VLAN20. I am thinking I have everything setup correctly (of course...) but its not working? Can someone take a look and HELP? If you got this far THANK YOU and Thank you for your Help!

      the otherT patient0P johnpozJ 3 Replies Last reply Reply Quote 0
      • the otherT Offline
        the other @dbeaver2471
        last edited by

        @dbeaver2471 hey there,

        @dbeaver2471 said in Cant get VLAN configuration between Netgate 4100 & Aruba 1930 to work:

        On the 4100 I created the VLANs 10 & 20 thru Interface-Assignments-VLANS

        What about VLAN1? Created that there as well?
        BTW it is not a good practice to use vlan1 as data transporting productive vlan...better: either put pc in mngmt vlan as well or create a new one (and make sure to set proper firewall rules).

        If you use vlan 1 as trunk / uplink VLAN, then vlan 1 (often the native vlan) goes untagged while all others go tagged...

        the other

        pure amateur home user, no business or professional background
        please excuse poor english skills and typpoz :)

        1 Reply Last reply Reply Quote 0
        • patient0P Offline
          patient0 @dbeaver2471
          last edited by

          @dbeaver2471 said in Cant get VLAN configuration between Netgate 4100 & Aruba 1930 to work:

          The Aruba came with VLAN1, I added VAN 10 MGMT & VLAN 20 XLights, untagged on the 2 ports that the XLights devices plug into. On the port that my pc plugs into I tagged VLAN1, and added untagged VLAN10 & VLAN20.

          I don't know the Aruba switches, but generally:

          • a port can only have one untagged VLAN on it, never two or more.
            https://arubanetworking.hpe.com/techdocs/AOS-S/16.10/ATMG/WB/content/common%20files/exa-tag-untag-vla-por-ass.htm
          • how have you configured the port that connects the switch and pfSense (trunk port)?
          • What traffic from which VLAN do you want to see on the PC?
          • the two XLights firewall rules: if you use the second rule (any-any), you don't need the first since the.
          • I would leave the Source=Any - Destination=Any until you configured the VLANs correctly
          1 Reply Last reply Reply Quote 0
          • johnpozJ Offline
            johnpoz LAYER 8 Global Moderator @dbeaver2471
            last edited by johnpoz

            @dbeaver2471 said in Cant get VLAN configuration between Netgate 4100 & Aruba 1930 to work:

            n the port that my pc plugs into I tagged VLAN1

            That is almost always going to be wrong.. If your tagging vlan 1, I can pretty much assure you doing it wrong. Especially if your plugging a pc into that port.

            pfsense - 1 U, 10T, 20T - switch - ports you want devices in either 1, 10 or 20 - all would be untagged.

            Untagged is also just another way to say native, if you have your lan on icg0 then that is a native and untagged.. If you want to carry other vlans over that same icg0 interface they would be tagged.

            Your switch would have its default (vlan 1) as native on the port that plugs into icg0 of pfsense - and would have tagged vlans 10 and 20.

            Devices you plug into this switch that you want on a specific network, be it 1, 10 or 20 would be just untagged in that vlan on your switch.

            Only if you are uplinking to another switch, or AP or like a vm host interface or something would you tag 10 and 20.. When that thing your uplinking to would need to be able to put traffic on any of those networks.

            If you would tag a vlan to your PC, then you would have to setup your pc to understand the tag, and also any traffic it put on the wire would need to be tagged.

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.