  • hi all,

    i would like to set an outbound LAN rule to direct traffic with a VLAN tag of 10 over one gateway, and untagged traffic over another.

    is this possible please?

  • The rules work at layer3 - based on IP addresses. The traffic in VLAN10 should be in some subnet (e.g., you would put a rule on the VLAN10 interface for traffic with source IP and select the gateway you want (in the advanced rule section).
    The untagged VLAN would have another interface and subnet, and you add another rule for that.
    I think that others will recommend not mixing tagged and untagged on your VLAN trunk to pfSense - but I will leave that for others to comment on.

  • You could try to use a bridge consisting of your RAW LAN interface, and a VLAN interface as your "LAN" connection.  Then in the "LAN" firewall rules select the appropriate sub "interface" and try assigning the traffic to a gateway.

    This would work similar to the way you configure pfSense when you want it to function as a wireless router.  I'm anxious to hear if this works!

  • thanks all, will give it a go when the project goes ahead

