Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Routing between VLANs

    Scheduled Pinned Locked Moved Routing and Multi WAN
    4 Posts 3 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      n.vakili
      last edited by

      Hello there,
      I have a pfsense box with 2 NICs, one is WAN and another one is LAN with 15 vlans.
      I have struggled too much to ping 2 devices in different vlans. this made me anger to do all possibilities and I added these rules in one of the vlans

      IPv4 * AGRICULTURE net * ART net * * none
      IPv4 * ART net * AGRICULTURE net * * none
      IPv4 * AGRICULTURE address * ART address * * none
      IPv4 * ART address * AGRICULTURE address * * none
      IPv4 * ART net * * * * none To share internet

      IPv6 * * * * * * none To share internet

      and the vise versa of this on other vlan but I can't ping :(
      I think some where routing between vlans are off in pfsense.
      it is mentionable that the switch that I used to test routing is a bit old ( i don't think that would be the problem coz those vlans have internet access through that switch)

      any help please

      any help

      1 Reply Last reply Reply Quote 0
      • jahonixJ
        jahonix
        last edited by

        @n.vakili:

        …coz those vlans have internet access through that switch...

        Sure thing. What???  :o

        Is your old switch managed (brand & make maybe)? L2 or L3?

        1 Reply Last reply Reply Quote 0
        • N
          n.vakili
          last edited by

          Problem solved! and thanks for the reply. the problem was not with the switch

          Solution on enabling routing between vlans:

          • add gateways for each vlan in System->Routing menu
          • then in each vlan interface enable "up streem gateway" to that vlan's ip address
          • then add the default rules  on vlans to enable internet access ( this will also make access to vlans ). these two rules for each vlan:

          IPv4*  ART(myVLAN) net  *  *  *  *  none      To share internet

          IPv6*  *  *  *  *  *  none      To share internet

          none of those other rules is required.

          1 Reply Last reply Reply Quote 0
          • H
            heper
            last edited by

            @n.vakili:

            Problem solved! and thanks for the reply. the problem was not with the switch

            Solution on enabling routing between vlans:

            • add gateways for each vlan in System->Routing menu
            • then in each vlan interface enable "up streem gateway" to that vlan's ip address
            • then add the default rules  on vlans to enable internet access ( this will also make access to vlans ). these two rules for each vlan:

            IPv4*  ART(myVLAN) net  *  *  *  *  none      To share internet

            IPv6*  *  *  *  *  *  none      To share internet

            none of those other rules is required.

            uhm what now ? because that advice seems awful if it is what i think it is.
            you should never use gateways for directly attached networks. you shouldn't need to manually add routes for directly attached networks.

            if for whatever reason, this works for you: its gonna bite you in the ass at one point or another. please find a sane solution to your network problem.
            i'm sure if you provide enough details, that the folks on this forum will be able to help

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.