VLAN question.

alextech0x

Hello people.

On my network i have 3 Telesis Switches and 4 VLANs. The main one has Gigalan ports enabled for all of the VLAN and also the e1 port wich is where pFsense is connected.

Now on a 2nd Switch i have from port 1 to 12 and both Gigalan ports configured to use all of the VLANs. On this one i have 2 UniFi
Same on 3rd. On this one i have 4 UniFi

Now a company installed cameras that will use one of the VLANs, and for some reason that server cannot see the cameras IP. On monday he will bring 4 tablets from wich Security will be able to check all of the Cameras connected to a server, but i dont know if that will work.

What is better to set every single device to dhcp and assign a static ip to the vlan needed through pfSense? so that way i will make sure everything will see eachother?
I just learned how to configure VLAN on both pFsense and Switches, not any close to be pro at it.

I cannot ping IPs from other VLAN although i know VLAN are meant to be separate lans not sure if thats right.

jahonix

Are your switches L2 or L3?
Do you feed a trunk with all VLANs to pfSense?
Who does the routing between VLANs?
…
IP scheme of subnets/VLANs
Firewall rules for each VLAN/interface in place?
...

alextech0x

@jahonix:

Are your switches L2 or L3?
Do you feed a trunk with all VLANs to pfSense?
Who does the routing between VLANs?
…
IP scheme of subnets/VLANs
Firewall rules for each VLAN/interface in place?
...

Hello Mr.
I dont know what L2 or L3 means, sorry.
On the main switch ( AT8000S ) the VLAN Ports are on trunk mode.
All 3 switches are connected through Gigalan ports, on the 2nd and 3rd one ( Both AT750FS ). The only trunking mode i found doesnt seem to do because is more likely ( at least i think ) to use as a reserve if one of the ports breaks down. Whenever i want to set that trunk mode it tells me i need at least 2 ports selected. The only change in 2nd and 3rd switch are the VLANs created and the Tagged ports for each VLAN.

VLAN 10
Subnet 192.168.1.0
Subnet mask 255.255.255.0
Available range 192.168.1.1 - 192.168.1.254
VLAN 20 ( This is the Wireless one ) This has the rule to have access to internet.
Subnet 10.16.24.0
Subnet mask 255.255.254.0
Available range 10.16.24.1 - 10.16.25.254
VLAN 30
Subnet 10.16.26.0
Subnet mask 255.255.255.0
Available range 10.16.26.1 - 10.16.26.254

Rules are basically VLANs cannot see other VLANs and also LAN net
block   IPv4 * CAMARAS net * INVITADOS net * * none    
block   IPv4 * CAMARAS net * LUCES net * * none    
block   IPv4 * CAMARAS net * LAN net * * none

Derelict

I dont know what L2 or L3 means, sorry.

Layer 2. Layer 3.

Why are you the one maintaining this network if you don't know anything about even basic IP networking?

alextech0x

All 3 are Layer 2. I knew that, what i didnt know is the Lx meaning.

I am learning on the go, i dont want to be rude but in any case my boss should be the one asking that.