VLAN question.



  • Hello people.

    On my network i have 3 Telesis Switches and 4 VLANs. The main one has Gigalan ports enabled for all of the VLAN and also the e1 port wich is where pFsense is connected.

    Now on a 2nd Switch i have from port 1 to 12 and both Gigalan ports configured to use all of the VLANs. On this one i have 2 UniFi
    Same on 3rd. On this one i have 4 UniFi

    Now a company installed cameras that will use one of the VLANs, and for some reason that server cannot see the cameras IP. On monday he will bring 4 tablets from wich Security will be able to check all of the Cameras connected to a server, but i dont know if that will work.

    What is better to set every single device to dhcp and assign a static ip to the vlan needed through pfSense? so that way i will make sure everything will see eachother?
    I just learned how to configure VLAN on both pFsense and Switches, not any close to be pro at it.

    I cannot ping IPs from other VLAN although i know VLAN are meant to be separate lans not sure if thats right.



  • Are your switches L2 or L3?
    Do you feed a trunk with all VLANs to pfSense?
    Who does the routing between VLANs?

    IP scheme of subnets/VLANs
    Firewall rules for each VLAN/interface in place?
    ...



  • @jahonix:

    Are your switches L2 or L3?
    Do you feed a trunk with all VLANs to pfSense?
    Who does the routing between VLANs?

    IP scheme of subnets/VLANs
    Firewall rules for each VLAN/interface in place?
    ...

    Hello Mr.
    I dont know what L2 or L3 means, sorry.
    On the main switch ( AT8000S ) the VLAN Ports are on trunk mode.
    All 3 switches are connected through Gigalan ports, on the 2nd and 3rd one ( Both AT750FS ). The only trunking mode i found doesnt seem to do because is more likely ( at least i think ) to use as a reserve if one of the ports breaks down. Whenever i want to set that trunk mode it tells me i need at least 2 ports selected. The only change in 2nd and 3rd switch are the VLANs created and the Tagged ports for each VLAN.

    VLAN 10
    Subnet 192.168.1.0
    Subnet mask 255.255.255.0
    Available range 192.168.1.1 - 192.168.1.254
    VLAN 20 ( This is the Wireless one ) This has the rule to have access to internet.
    Subnet 10.16.24.0
    Subnet mask 255.255.254.0
    Available range 10.16.24.1 - 10.16.25.254
    VLAN 30
    Subnet 10.16.26.0
    Subnet mask 255.255.255.0
    Available range 10.16.26.1 - 10.16.26.254

    Rules are basically VLANs cannot see other VLANs and also LAN net
    block   IPv4 * CAMARAS net * INVITADOS net * * none    
    block   IPv4 * CAMARAS net * LUCES net * * none    
    block   IPv4 * CAMARAS net * LAN net * * none


  • LAYER 8 Netgate

    I dont know what L2 or L3 means, sorry.

    Layer 2. Layer 3.

    Why are you the one maintaining this network if you don't know anything about even basic IP networking?



  • All 3 are Layer 2. I knew that, what i didnt know is the Lx meaning.

    I am learning on the go, i dont want to be rude but in any case my boss should be the one asking that.


Log in to reply