TP-Link Managed Switch VLAN failure

baitinghollw

Greetings,
As per the title, I would like help with VLANS, I believe you’all can save me from my brain freeze.

Equipment:
pFsense CE 2.7, running on a mini pc with 5 ports
TP-Link TL-SG3424P JetStream 24-Port Gigabit Managed PoE+ Switch
Laptop and Desktop with Win10 Pro
Laptop with current Linux Mint
Dell Wyse 5060 I use to experiment with debian/docker to test stuff

My current network has 2 subnets, lan and iot (both wired) with their own APs. It works, but I wanted to learn about VLANS and maybe tidy up the network in the future. So I bought the switch.

Years ago I played around with VLANs in pfsence and remember that it worked with linux (configured the interfaces file) and Win10 Home. But I never did anything with it. Long winded, I know, but…

Now, I started with the switch, which has 3 settings for the ports. ACCESS, TRUNK, GENERAL. Following many instructions, I made a VLAN 10, I configured the port attached to the pFsense as TRUNK and the port where a PC is plugged as GENERAL and TAGGED to 10. (I also tried ACCESS}. The PC does not acquire an IP either way. However, in the TP switch you can get a list of MAC addresses and their tags and the PC MAC has a tag of 10.

Next, I wanted to check if the pFsense VLAN was configure correctly, so I set a VLAN on the win10pro laptop adapter to 10 in the adapter settings, and plugged it directly into the LAN network, not using the TP switch, and it did not acquire an IP.

Lastly, I configured the Dell Wyse running linux to lan 10 by editing the interfaces file. Put that directly on the LAN network and THAT WORKED. That tells me pFsense is working correctly. Sort of.

So it looks like the switch’s port tags the MAC correctly, and I personally tag a WIN10 correctly. In both cases, watching Network Connections in the Control Panel, the adapter hangs for a long while at “Inquiring Network” and then fails at “Unknown Network”.

Any help is most appreciated.

Thanks for any help.

Bhnofo

the other

@baitinghollw hey there,
you set up a (default) VLAN 1 as well as Trunk? Then VLAN 10 and 20 running on that trunk (tagged)?

johnpoz

@baitinghollw lets see your pfsense interface settings..

example

You can see vlans running on interfaces igb2, one on igb4

Native interfaces on pfsense interface, say my igb2 would be untagged.. So for a switch port connected to igb2, you would set the vlan you want for that network as untagged, or native.. For my other vlans 4, 6, 5 and 8 that run on that same physical interface igb2 those would be tagged on the switch port that plugs into igb2

Device connect to this switch yhou want in say vlan 4 would be untagged (access) on the switch port.. if you wanted a device in vlan 5 then that port would be access (untagged) in vlan 5.

You would almost never set a device to do tags, unless this interface was going to carry more than 1 network/vlan - ie say a vm host or something.

baitinghollw

Greetings All,

Thanks for your help. It thawed out my brain freeze. Your help got me on the right track and I'm now good to go.
Thanks