Painfull VLAN issue
Has anyone ever had any experience getting pfsense working correctly with VLANs on one of Dells PowerConnect switches ? I have pf 1.2-RC2 installed on an IBM x330 on one end and a
PowerConnect 5324 on the other. Everything works well with traditional non-VLAN interfaces, but for the life of me I cant get any VLAN goodness to work. Meaning I get the VLANed interfaces set up and configured per the pf docs with no problems, however any traffic sent to the switch dosnt seem to contain any vlan info and gets tagged to the default VLAN on the switch.
I have never done VLANS on a dell switch before so I may just be missing something on the switch (yes i have read there man several times over).
Any help / suggestions / troubleshooting tips would be greatly appreciated.
Paste the config you have on pfsense's port on the switch.
I've had problems getting dot1q tagging to work between Dell switches and Cisco switches and even between different models of Dell switches. You might have everything configured correctly but it just won't work.
BTW, I have 1.2-RC2 on my WRAP box tagging with a Cisco 2940 switch and it works fine. Do you have another switch you can try it with?
I was able to get it working on a PowerConnect 3024…I setup a vlan to segment off wireless traffic coming in from a standard Linksys WAP. It took me a bit but what finally worked for me was:
Port 1 = Firewall server
Port 3 = WAP port
I left the default VLAN alone and added a new vlan using vlan id #6 (no specific reason for that...I just like the number 6 :) ). In this vlan I added port 1 tagged (so all data going to the firewall will remain tagged) and port 3 untagged (so data going out to the WAP will be untagged). I also set the default vlan for port 3 to vlan id #6 so any untagged data coming from the wlan will be tagged with vlan id #6.
Then just follow the pfSense setup instructions to setup the interface and all that and you should be good to go!
I have a PowerConnect 5424. I also have the LAN port on my switch set to tag all VLANs. I can only get a port untagged if I require authenticated users. Port authentication is set to none. Yet I can't get any traffic thru.
I ran into a problem with cisco switches that had the native vlan1 configured (factory default) on the port and additional to that vlan1 as tagged vlan on the same port. In that constelation the cisco was not using the tagged vlan1 as the port was on native vlan1 as well. After resolving the native vlan1 issue on that port things started working.
Dell switches are very, very buggy with older firmware (and a few models with the newest firmware). But I've used several different models, and with the most recent firmware on them they do fine with the basics like VLAN trunking.
Anyone coming across this thread in the future - if you're using Dell switches make sure you have the latest firmware on them. It's good advice for any managed switch, for that matter.
Got it all working. The untagged ports on the Dell are set to general/VLANx/ingress filtering disabled and everything is trunked to the LAN interface of pfSense.