Question about vlans
-
Greetings everyone.
I have a quick question about vlans. I am going to require 3 different subnets in my network. 10.1.1.0/24, 10.1.100.0/24 and 192.168.106.0/24. Now I am thinking that I should just setup each one of these subnets as vlans. Do I or can I utilize the physical LAN interface for one of these subnets? Currently the LAN is being used as a 10.1.1.0/24 and is also using failover carp. I had read somewhere not to use the LAN or native vlan ever. Also, how do I go about allowing those vlans to access one another? Is it just allowing them to speak via the rules? Currently I have the LAN setup like I said previously, and then a vlan10 that is setup as a 10.1.100.0/24 network. The vlan itself has the IP of 10.1.100.1. Vlan10 can get out to the internet just fine, but cannot ping 10.1.1.0/24 and visa versa. Any help would be greatly appreciated.
Anthony
-
Hopefully I understand your question correctly. But here goes. You certainly can utilize the single LAN interface for all of the subnets. Make sure the card supports 802.1q trunking. It will probably work even if it doesn't but you can run into some weird things. Sounds like you may be doing this already. In this case you would have 2 physical adapters in your pfSense box. One would be the WAN. The other would be multiple networks…the LAN (VLANx with 10.1.1.0/24), OPT1 (VLANx with 10.1.100.0/24), OPT2 (VLANx with 192.168.106.0/24). Simply point the dfgw of the hosts on these subnets at the pfSense box and allow them to talk to eachother as I believe you've stated you needed. Hopefully this helps!!