• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Problem routing VLAN traffic

Scheduled Pinned Locked Moved Routing and Multi WAN
3 Posts 2 Posters 6.3k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • M
    mmalaprop
    last edited by Oct 15, 2013, 10:56 AM

    Hi,

    i'm setting up VLAN on my pfsense 2.1 nanobsd running on an ALIX board
    the board has 3 network interfaces vr0 -> LAN, vr1 -> WAN, vr2 -> WAN2.

    as i am still in the setup process its not acting as a FW and is simply
    a regular device connected via LAN to my local network which means there
    is no DHCP on the LAN and the LAN has a static IP which is part of the
    local network. the gateway on the ALIX LAN is the router on the network
    (which incidentally is pfsense (2.0) on a WRAP board - being replaced soon).

    VLAN wise i've done the following:

    • created a new VLAN interface on vr0 called GUEST tagged as 90
    • enabled a DHCP server on the interface
    • configured the netgear gs105e switches.

    it works… partially:

    • on the alix i can ping from  interfaces LAN to GUEST and vice versa
    • the test device on the VLAN gets a (VLAN) IP assigned
    • the test device can ping the GUEST on the ALIX and the LAN itself
      I'm assuming that the VLAN stuff (tagging etc) works.

    but what doesn't work:

    • can't reach any other device on the LAN (network) from the test device e.g the WRAP board
    • which means can't reach the gateway to get to the internet.

    pfsense seems to route (out of the box) between VLAN and LAN. and it mentions that on the
    routes page... how else could the test device ping ALIX on LAN?

    also: DNS seems to work (don't know why) but when i ping google on the VLAN test
    device the IP is resolved. it must be getting that information from the WRAP ???

    now since pfsense (ALIX) seems to route GUEST packets to LAN i'm interpreting
    that i don't need a route..? so what should i be looking at the FW rules
    on the WRAP ?

    thanks in advance,

    michael

    1 Reply Last reply Reply Quote 0
    • P
      podilarius
      last edited by Oct 16, 2013, 5:15 PM

      Few things just to check:
      Is firewalling turned off (as in it is working in routing mode)? This option is in the advanced section.
      Did you create a new allow all rule on the VLAN tab?
      Did you switch to manual outbound nat BEFORE setting up the VLAN? (in which case you would need to add the NAT).
      If in router mode, did you allow traffic from that VLAN in on the LAN on the WRAP?

      1 Reply Last reply Reply Quote 0
      • M
        mmalaprop
        last edited by Oct 17, 2013, 6:45 PM

        hi podilarius,
        thanks for your reply.
        i didn't disable the firewall - but i did add an allow all rule.
        it turns out the problem i had was i added the IP address of the VLAN interface in the "gateway' field… my thinking must have been that its what the dhcp passes to the client. but it must have meant that the interface itself was pointing to itself . anyway once i set that to none it worked.
        cheers,
        m

        1 Reply Last reply Reply Quote 0
        1 out of 3
        • First post
          1/3
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
          This community forum collects and processes your personal information.
          consent.not_received