Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Problem routing VLAN traffic

    Routing and Multi WAN
    2
    3
    6.2k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mmalaprop
      last edited by

      Hi,

      i'm setting up VLAN on my pfsense 2.1 nanobsd running on an ALIX board
      the board has 3 network interfaces vr0 -> LAN, vr1 -> WAN, vr2 -> WAN2.

      as i am still in the setup process its not acting as a FW and is simply
      a regular device connected via LAN to my local network which means there
      is no DHCP on the LAN and the LAN has a static IP which is part of the
      local network. the gateway on the ALIX LAN is the router on the network
      (which incidentally is pfsense (2.0) on a WRAP board - being replaced soon).

      VLAN wise i've done the following:

      • created a new VLAN interface on vr0 called GUEST tagged as 90
      • enabled a DHCP server on the interface
      • configured the netgear gs105e switches.

      it works… partially:

      • on the alix i can ping from  interfaces LAN to GUEST and vice versa
      • the test device on the VLAN gets a (VLAN) IP assigned
      • the test device can ping the GUEST on the ALIX and the LAN itself
        I'm assuming that the VLAN stuff (tagging etc) works.

      but what doesn't work:

      • can't reach any other device on the LAN (network) from the test device e.g the WRAP board
      • which means can't reach the gateway to get to the internet.

      pfsense seems to route (out of the box) between VLAN and LAN. and it mentions that on the
      routes page... how else could the test device ping ALIX on LAN?

      also: DNS seems to work (don't know why) but when i ping google on the VLAN test
      device the IP is resolved. it must be getting that information from the WRAP ???

      now since pfsense (ALIX) seems to route GUEST packets to LAN i'm interpreting
      that i don't need a route..? so what should i be looking at the FW rules
      on the WRAP ?

      thanks in advance,

      michael

      1 Reply Last reply Reply Quote 0
      • P
        podilarius
        last edited by

        Few things just to check:
        Is firewalling turned off (as in it is working in routing mode)? This option is in the advanced section.
        Did you create a new allow all rule on the VLAN tab?
        Did you switch to manual outbound nat BEFORE setting up the VLAN? (in which case you would need to add the NAT).
        If in router mode, did you allow traffic from that VLAN in on the LAN on the WRAP?

        1 Reply Last reply Reply Quote 0
        • M
          mmalaprop
          last edited by

          hi podilarius,
          thanks for your reply.
          i didn't disable the firewall - but i did add an allow all rule.
          it turns out the problem i had was i added the IP address of the VLAN interface in the "gateway' field… my thinking must have been that its what the dhcp passes to the client. but it must have meant that the interface itself was pointing to itself . anyway once i set that to none it worked.
          cheers,
          m

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.