Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    VLANs on router on a stick - Pfsense

    General pfSense Questions
    2
    3
    2161
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      Digitallydone last edited by

      Hello Community,
      I don't seem to get my Cisco switch 4849 (setup with 5 vlans) to properly "trunk" with pfsense

      Here's the background of what I'm trying to achieve:

      • Configure 5 vlans on  Cicso switch ( success)
      • Create gateways (interfaces) for those vlans on pfsense (success)
      • Setup dhcp relay in pfsense to forward dhcp request to my DHCP server (Configured but not working)

      My Current Configuration

      I'm currently running pfsense version 2.2.5-RELEASE (amd64) on an i5 Hp workstation with 16 Gb of Ram and 120 Gb SSD

      1. On my switch

      Cisco Configuration:
      VLAN Configuration
      SW1(config)#vlan 10
      SW1(config-vlan)#name KOT
      SW1(config)#interface Fastethernet #/#
      SW1(config-if)#switchport mode access
      SW1(config-if)#switchport access VLAN#

      Did the same for the remaining Vlan

      Ensured all my interfaces(include the virtual interface) are "not shut"
      My switch Management ip is 10.10.10.3
      My DHCP Server ip is 10.10.10.10, and is connected to my cisco switch interface assigned to vlan 10

      SW1(config)#interface gig 1/1
      SW1(config-if)#Switchport trunk encapsulation dot1q
      SW1(config-if)#Switchport mode trunk

      I have connected my Gig1/1 to the Lan Network Card on the PFsene box

      1. On pfsense
        I created corresponding vlan interfaces with the pfsense LAN interface as the parent
        Under services -> DHCP Relay, I specified all the vlan interfaces and the IP address of my dhcp servers
        Under  firewall -> Rules, I setup the following rule for on my LAN interfaces (that is LAN interface + VLAN interfaces) :
        Action : Pass
        Interface: vlan#
        TCP/IP Version: IPv4
        Sources: vlan# net
        Destination : Any
        Protocol : tcp/udp

      LAN IP : 10.10.10.2
      Vlan 10 IP : 10.10.10.1
      Vlan 20 IP : 10.10.20.1
      Vlan 30 IP : 10.10.30.1
      Vlan 40 IP : 10.10.40.1
      Vlan 50 IP : 10.10.50.1

      ISSUE

      When using the PFsense Ping tool, I can ping from any vlan interface to any except my switch IP and DHCP server IP.
      It's almost looks like my trunk isn't connecting proprerly with pfsense interfaces (LAN or  Vlan interfaces)

      I don't know what I'm doing wrong here, any help will be appreciated. I have a deadline with  customer.

      1 Reply Last reply Reply Quote 0
      • D
        Digitallydone last edited by

        I figured it out. pfsense won't let you use your original LAN IP address in addition to the VLAN interface ip.
        So I went "interface -> LAN". Under "IPv4 Configuration Type" i select "none". But the remaining VLANs interfaces kept their respective ips.
        I gave it a reboot and "voila" problem solved.

        1 Reply Last reply Reply Quote 0
        • R
          RyujinJakka last edited by

          @Digitallydone:

          I figured it out. pfsense won't let you use your original LAN IP address in addition to the VLAN interface ip.
          So I went "interface -> LAN". Under "IPv4 Configuration Type" i select "none". But the remaining VLANs interfaces kept their respective ips.
          I gave it a reboot and "voila" problem solved.

          This should be the case with any router. On a trunk interface all traffic needs to be tagged.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post