Route traffic based on VLAN



  • Hi all,

    I would like to set an outbound LAN rule to direct traffic with a VLAN tag of 10 over one gateway, and untagged traffic over another.

    Is this possible, please?



  • The rules work at layer 3 - based on IP addresses. The traffic in VLAN10 should be in some subnet (e.g. 192.168.10.0/24); you would put a rule on the VLAN10 interface for traffic with source IP 192.168.10.0/24 and select the gateway you want (in the advanced rule section).
    The untagged VLAN would have another interface and subnet, and you add another rule for that.
    I think that others will recommend not mixing tagged and untagged on your VLAN trunk to pfSense - but I will leave that for others to comment on.
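
    The per-interface rules described in the reply above, written out by hand as a pf ruleset; this is an added example, not part of the original thread and not output generated by pfSense. Every interface name, both gateway addresses and the untagged subnet 192.168.1.0/24 are assumptions; only 192.168.10.0/24 comes from the thread.

```pf
# Constructed example. Interface names, gateway addresses and the
# untagged LAN subnet are assumptions, not values from the thread.
vlan10_if  = "em0.10"          # VLAN 10 sub-interface on the trunk port
lan_if     = "em0"             # untagged traffic on the same port
gw_a_if    = "em1"             # WAN interface facing gateway A
gw_a       = "203.0.113.1"     # documentation-range address
gw_b_if    = "em2"             # WAN interface facing gateway B
gw_b       = "198.51.100.1"    # documentation-range address
vlan10_net = "192.168.10.0/24" # subnet used in the reply above
lan_net    = "192.168.1.0/24"  # assumed subnet for the untagged LAN

# Default: drop and log anything arriving on either inside interface
# that no later rule passes.
block in log on { $vlan10_if, $lan_if } all

# The filter never looks at the 802.1Q tag. The tag decides which
# interface a frame arrives on; the rule matches that interface plus
# the source subnet, then route-to overrides the routing table.
pass in quick on $vlan10_if route-to ($gw_a_if $gw_a) \
    inet from $vlan10_net to any keep state

pass in quick on $lan_if route-to ($gw_b_if $gw_b) \
    inet from $lan_net to any keep state
```

    Because each pass rule matches its own subnet only, a host that sends with a source address from the other subnet falls through to the logged block rule instead of being routed out the other gateway.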



  • You could try to use a bridge consisting of your RAW LAN interface, and a VLAN interface as your "LAN" connection.  Then in the "LAN" firewall rules select the appropriate sub "interface" and try assigning the traffic to a gateway.

    This would work similarly to the way you configure pfSense when you want it to function as a wireless router.  I'm anxious to hear if this works!



  • Thanks all, will give it a go when the project goes ahead.