I need to install pfSense to take over from pf on FreeBSD.
I can install it fine and use it as a gateway to the internet.
But, the problem is that I need to use the vLan facility. I can get it all working and DHCPing correctly for the local aspect - but it doesn't allow access to the WAN (and that applys to all of the vLans).
wallabybob last edited by
Please describe your configuration in a bit more detail. You have multiple VLANs on the one physical interface? You have a VLAN capable switch? Your WAN connection is … and it is connected to pfSense by ...
Do any of your VLANs work?
One of the physical interfaces on my pfSense box is shared by two VLANs: one to a single server and one to an ADSL modem by ppp. I have a Procurve 1700-8 VLAN capable switch which presents multiple LANs to the computers downstream of my pfSense box.
Assumption: your vlans work already, like dhcp and dns etc
Normally only lan has access to any.
Any other interface you should give the access.
The switch I'm playing on is a ZyXEL1528. Once I've got it working, I'm going to replace the current firewall which is connected to a 3Com 4200 (both are vLan switches).
I think it looks like a simple case of having to create firewall rules that allow the vLans out? Am I right/ Are these 'simple' forwards/rules - or are they more complicated?
I think I've found it - well, some of it!!
On the interface page I simply enter the gateway as 'none'.
Interestingly, the 10.3.x.x vLan can still access the pfSense server which is at 10.1.0.1 and it can ping 10.1.0.1. Does this mean that there is no inter-vLan security?
- interfaces:assign:vlans …
- after it's static with ip and etc
- firewall:rules:vlan number: add your rules
depends your rules how the interfaces work
It's a real pain that I can't import the conf file for the pf firewall!
Everybody has it's crosses to carry ;)
Sorry, but can't help with that.