Topic locked with wrong answer?
-
Greetings -
I just spent a couple months dealing with intermittent packet loss and it seems to have been resolved by replacing our Netgear switch. During the time while troubleshooting the issue and searching the web, I kept coming back to this post: http://forum.pfsense.org/index.php/topic,45789.msg257663.html#msg257663
After assuming that was correct, I just couldn't figure out how to resolve it - how do you access the management interface if it's anywhere other than the LAN?
Basically I think that post is wrong and caused me to waste a bunch of time, so I'd like to set the record straight for future searchers, but the thread is locked - what's up with that, can we unlock it and set the record straight?
tyvmia
-
Threads lock themselves after a certain time limit to prevent people from hijacking old irrelevant threads.
The last post on that other thread is correct, it is best to separate your switch's management into its own separate VLAN so it is not on LAN. How you do that depends on your switch.
It's also best to move your default user ports to a different VLAN so that VLAN1 is only internal switch traffic.
You can access it on another VLAN by having pfSense's port tagged for both the user VLAN and management VLANs and have pfSense setup an interface on the other VLAN's subnet, and you can route between them.
The advice on the other thread was solid, but it was apparently a different issue than you were seeing, so your solution may or may not actually be relevant to that thread.
