Pfsense and VLAN



  • Hello

    I have a pfsense running which has 2 interfaces 1 connecting to LAN and the other to WAN.
    Now on the LAN side there is a dell powerconnect 2724 switch wich is used to connect other servers via the switch to the network. Now i am tring to configure a vlan so that i can isolate the WEBSERVER to lan on it's own.

    What i have done up to now is go on the switch created a vlan membership with id 2, set port 1 as T and then set the port settings so that port 1 points to PVID 2.

    And on the pfsense i created a VLAN with tag 2, assigned an interface and assigned the ip range of the interface.

    Then i went to the webserver and set the ip addresss.

    but the issue is that i cant connect from the other pc's that are also connected to the switch to the webserver which is on that vlan.

    Can anyone help me and i am new to networking by the way :)



  • Try using the search function. http://forum.pfsense.org/index.php?action=search
    There were several threads very similar to this one alone in the last 2~3 weeks.
    (like this one http://forum.pfsense.org/index.php/topic,24476.0.html )

    Just some questions i have from your description:
    Since your server is now in it's own VLAN: Did you make sure you created a firewall rule on the LAN to allow access to the VLAN-OPT?



  • Yes we have sorry i forgot to mention that



  • And the server can get to the internet?
    Can you ping the server from the pfSense itself?
    Can the server ping the pfSense?

    Could you provide a more detailed description what you tested, how you test, what worked, what didn't work, etc.

    Also in your VLAN settings: did you configure the switch so not only the clients cannot access the server, but also the server cannot access the clients? (this could lead to problems)



  • no the server cannot connect to the internet.

    I am testing by hosting a website on the server and trying to access it. I assigned NAT rules. and also rules on the lan to allow tcp between 2 interfaces and still nothing.


Log in to reply