Dummy switches plugged into my GS108T don't work
-
I'm currently running pfSense-VM 1.2.3 in VMWare workstation, host is server 2008 r2 and running on a intel gigabit pro 1000base-T
My GS108T is running with everything else on default, just 802.1q configured as follows:-
There are 4 tags: 1 (default), 10 (LAN), 20 (WAN), 30 (WAN2)
-
port 1 is U and pvid is 20
-
port 2 is U and pvid is 30 (for future expandability with dual WAN)
-
port 3 is T and pvid is 1
-
ports 4 to 8 are U and pvid is 10
I've got 3 vlans set up in windows, vlan10 is LAN, vlan20 is WAN, untagged-vlan is Host (OPT1) (so that the host PC can have a connection without an extra wire)
Upon the fresh installation of pfsense, I assign the correct interfaces and assign pfSense the address 192.168.1.99 /24, enable dhcp server and give it a range of 192.168.1.100 to 192.168.1.254
I then went to the webUI, configured it PPPoE and inputted only my username and password, set up time server, changed password, dns server is google dns.
I bridged OPT1 with LAN, and opened up everything in firewall rules so that the host PC can communicate with the rest of the network.Questions about what this newbie (me) has done so far:
-With this configuration, I've plugged a dummy switch into port 4 on the gs108t but the clients connected to that dummy switch can't communicate. Is there a specific setting I have to change in pfSense so that those clients will be able to communicate?
-Is there a more efficient way for the Host pc to communicate with the rest of the network without pulling another wire? I tried host-only connection by disabling dhcp in vmware workstation, it didn't work.
-is it correct to have the maximum dhcp range at 192.168.1.254? Should it be .255 or something else? My minimum is .99 because I'd like to keep a few for static IP's (printers, servers, my own computer, AP's) -
-
I assume the Workstation is connected to Port 3? Have you set Port 3 to trunk properly in the switch?
The GS108T is nice but the Vlan GUI leaves much to be desired; needs to have the group membership, pvid and tagging in 3 separate pages.ie.
You should have:
If all of that is done properly, you should not have any issues with clients connected to a dumb switch on ports 4 - 8, even if the dumb switch doesn't support 802.1q. The Vlan tag will be stripped or appended on the Netgear itself.
Have your VM host use PVID 1 for it's internet connection and you should be able to connect to the internet through the pfsense vm on OPT1 (configure this to be VLAN 1; not recommended but it's a quick fix). Just remember to create rules for OPT1 for NAT.
-
I've got 3 vlans set up in windows, vlan10 is LAN, vlan20 is WAN, untagged-vlan is Host (OPT1) (so that the host PC can have a connection without an extra wire)
Can't remember if it was configuration problem or a security concern that made me add a extra nic to a setup I had some time ago http://www.gliffy.com/publish/1610434/
-
dreamslacker, that's exactly how I have it set up. Hyperlight found the problem, it turns out to be that OPT1 was bridged with LAN. Unbridging it gives all the other switches their connections.
Have your VM host use PVID 1 for it's internet connection and you should be able to connect to the internet through the pfsense vm on OPT1 (configure this to be VLAN 1; not recommended but it's a quick fix). Just remember to create rules for OPT1 for NAT.
Would it be able to still communicate with the rest of the network? I'm going to be streaming 1080p over ethernet and it's gonna serve as a NAS too (no redundancy at all lol). I may have to pull an extra wire in the end, but only as a last resort. Thanks.
-
No reason why it wouldn't work.. Only that the traffic to LAN (vlan 10) routes back through the pfsense.
A separate card plugged into the switch wouldn't need to be vlan configured and internal network traffic won't need to route through the pfsense vm (lesser load and rules to set).