Wan Port in Vlan
-
I have only two NIC in my server. I am trying to set up following and do url filtering
sw (vlan 100 ) –---> lan [pfsense ] wan –------> sw ( vlan 100 )
But I can't find any way to add wan port in vlan 100. Doesn't pfsense support wan port as layer 2 ?
Can squidguard/ dansguardian filter url in this setup ?
Thanks
Jasim -
But I can't find any way to add wan port in vlan 100. Doesn't pfsense support wan port as layer 2 ?
I think you looked at the wrong tabs in the Web GUI. You don't add a tag to your WAN interface, it's done differently.
Create a VLAN interface at Interfaces | (assign) on the VLANs tab.
On the Interfaces assignments tab give your interface (WAN) the newly created VLAN as Network port.Remember to not mix tagged and untagged traffic on the same physical interface (e.g. make your LAN a tagged VLAN as well). And don't use VLAN ID1 for anything else than nothing.
But why don't you just use the two NICs you have as WAN and LAN?
-
sw (vlan 100) –---> lan [pfsense ] wan –------> sw (vlan 100 )
In that case you must bridge the ports together, but I really want prevent to do this really.
Often this is causing then more problems then it solved problems.- flapping ports
- packet drops
- packet loss
Or you disable NAT at the WAN port and enables only plain routing this could be also a workaround
to drive VLANs at the WAN port.