4. VLANs on router on a stick - Pfsense

VLANs on router on a stick - Pfsense

  • D

    Hello Community,
    I don't seem to get my Cisco switch 4849 (setup with 5 vlans) to properly "trunk" with pfsense

    Here's the background of what I'm trying to achieve:

    • Configure 5 vlans on  Cicso switch ( success)
    • Create gateways (interfaces) for those vlans on pfsense (success)
    • Setup dhcp relay in pfsense to forward dhcp request to my DHCP server (Configured but not working)

    My Current Configuration

    I'm currently running pfsense version 2.2.5-RELEASE (amd64) on an i5 Hp workstation with 16 Gb of Ram and 120 Gb SSD

    1. On my switch

    Cisco Configuration:
    VLAN Configuration
    SW1(config)#vlan 10
    SW1(config-vlan)#name KOT
    SW1(config)#interface Fastethernet #/#
    SW1(config-if)#switchport mode access
    SW1(config-if)#switchport access VLAN#

    Did the same for the remaining Vlan

    Ensured all my interfaces(include the virtual interface) are "not shut"
    My switch Management ip is 10.10.10.3
    My DHCP Server ip is 10.10.10.10, and is connected to my cisco switch interface assigned to vlan 10

    SW1(config)#interface gig 1/1
    SW1(config-if)#Switchport trunk encapsulation dot1q
    SW1(config-if)#Switchport mode trunk

    I have connected my Gig1/1 to the Lan Network Card on the PFsene box

    1. On pfsense
      I created corresponding vlan interfaces with the pfsense LAN interface as the parent
      Under services -> DHCP Relay, I specified all the vlan interfaces and the IP address of my dhcp servers
      Under  firewall -> Rules, I setup the following rule for on my LAN interfaces (that is LAN interface + VLAN interfaces) :
      Action : Pass
      Interface: vlan#
      TCP/IP Version: IPv4
      Sources: vlan# net
      Destination : Any
      Protocol : tcp/udp

    LAN IP : 10.10.10.2
    Vlan 10 IP : 10.10.10.1
    Vlan 20 IP : 10.10.20.1
    Vlan 30 IP : 10.10.30.1
    Vlan 40 IP : 10.10.40.1
    Vlan 50 IP : 10.10.50.1

    ISSUE

    When using the PFsense Ping tool, I can ping from any vlan interface to any except my switch IP and DHCP server IP.
    It's almost looks like my trunk isn't connecting proprerly with pfsense interfaces (LAN or  Vlan interfaces)

    I don't know what I'm doing wrong here, any help will be appreciated. I have a deadline with  customer.

    0
  • D

    I figured it out. pfsense won't let you use your original LAN IP address in addition to the VLAN interface ip.
    So I went "interface -> LAN". Under "IPv4 Configuration Type" i select "none". But the remaining VLANs interfaces kept their respective ips.
    I gave it a reboot and "voila" problem solved.

    0
  • R

    @Digitallydone:

    I figured it out. pfsense won't let you use your original LAN IP address in addition to the VLAN interface ip.
    So I went "interface -> LAN". Under "IPv4 Configuration Type" i select "none". But the remaining VLANs interfaces kept their respective ips.
    I gave it a reboot and "voila" problem solved.

    This should be the case with any router. On a trunk interface all traffic needs to be tagged.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy