Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    More than one vlan on an interface

    Firewalling
    2
    3
    759
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      nadir.latif
      last edited by

      Hello,

      We are trying to configure 10 vlans on our pfsense server. the server has 2 physical network interfaces. one for LAN and one for WAN. Is it possible to configure all the vlans on the LAN interface. we created vlans on the LAN interface (em1) and then created a separate virtual interface for each vlan. we then assigned an ip address to each interface. however we were not able to ping the interfaces.

      Thanks,

      Nadir Latif

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        Yes, that works fine. So long as your switch is trunking all of the tagged VLANs using 802.1q to that port on pfSense.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • N
          nadir.latif
          last edited by

          Hi,

          We have configured trunking on the switch ports connected to our pfsense server. We followed this guide for configuring vlans (http://blog.stefcho.eu/?p=695). But we are not able to ping our vlan interfaces. The pfInfo page shows following stats for one of the vlan interfaces. In4/Block shows 29 packets blocked In4/Pass shows 0 packets. It looks like packets are being blocked. However we have configured firewall rules that allow all traffic from the vlan subnet. We also ran a packet capture on the the vlan interface. It showed arp requests being sent to the vlan interface, but did not show any arp replies. The problem seems to be caused by having multiple vlans on a single physical interface.

          em1_vlan2
          Cleared:    Thu May 22 03:34:02 2014
          References:  [ States:  15                Rules: 27                ]
          In4/Pass:    [ Packets: 0                  Bytes: 0                  ]
          In4/Block:  [ Packets: 29                Bytes: 928                ]
          Out4/Pass:  [ Packets: 716                Bytes: 35284              ]
          Out4/Block:  [ Packets: 0                  Bytes: 0                  ]
          In6/Pass:    [ Packets: 0                  Bytes: 0                  ]
          In6/Block:  [ Packets: 29                Bytes: 2088              ]
          Out6/Pass:  [ Packets: 1                  Bytes: 96                ]
          Out6/Block:  [ Packets: 0                  Bytes: 0                  ]

          Thanks,

          Nadir Latif

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.