    Apologies if this is the wrong section but I didn't think this would fit anywhere else as well as this is strictly not a pfsense issue - am just after a yey or nay on my vlan.

    This is my very first jump into vlans so naturally after all the reading am still a little confused.

    My current home lab setup:

    internet – router ( -- pfsense1 wan ( -- pfsense1 lan ( -- L2 switch

    I have another physical pfsense box with 2 nics (wan lan) that I use as a spare as my primary (above) is running in a vm.

    The 2 pfsenses are configured identical (ip's etc).  The 2nd pfsense is never powered up at the same time as my primary as it's my emergnecy failback in case the vm goes down etc.

    So, if I wanted to switch pfsenses I would power down pfsense1, pull the wan cable from pfsense1 and plug it into the pfsense2 wan port then power up pfsense2.

    As I need to change the run of my cabling I'm gong to be restrcted in swapping the wan cable between boxes so thought I'd create a simple vlan.

    By default my switch has all 24 ports in VID (1) and untagged.  I created a new VID (10) and moved ports 22,23 and 24 into that and they are untagged.  so the main wan cable and the 2 pfsenses plug into those ports.

    This method works but am just wanting to clarify it is the correct method?

    Apologies from droning on but think it's always nice to give a snapshot of the setup etc. and I know I should be looking at carp but am leaving that for another day.

    From what I understand you have simply divided your switch into two groups making it the equivalent of a 21 port switch and a separate 3 port switch.
    Since you don't have any trunk ports or VLAN interfaces in pfSense there shouldn't be much to go wrong!


  • Cheers Steve for the response.

    Yes you are correct in basically making 2 switches out of 1.

    I've just finished my cable run job today..well more like cable tidying so am glad I thought of my vlan option.

    Thanks again.