Locked out after switching to VLAN on LAN Side



  • I came across an interesting issue while setting up VLANs.

    1. Create new VLAN with the parent interface being LAN
    2. Reassign LAN interface to the new VLAN network port
    3. Apply
    4. Inbound connectivity functional, NAT and firewall rules still working.
    5. Outbound connectivity lost, can't access the pfSense box anymore, can't ping.

    What happened was that upon reassigning the LAN interface, the "Default allow LAN to any rule" was not updated.  I had to go back into the firewall, open the rule, and just re-apply it (no changes were made).

    Prior to all this I had luckily already set up a 3rd VLAN and created the default "to any" rule on the interface.  Had I not done so, I would have been locked out of the firewall.

    This is pfSense 2.0.1-RELEASE i386

