On Fri, Jun 25, 2010 at 7:37 PM, JosephHardeman wrote:
>
> That makes sense it being hardware issue or drivers. I don't remember what
> NIC we put in that box, but it is an extra nic card. Which file do we need
> to edit specifically to put the promisc command after, or rather what
> directory i
Hi Chris,
That makes sense it being hardware issue or drivers. I don't remember
what NIC we put in that box, but it is an extra nic card. Which file do
we need to edit specifically to put the promisc command after, or rather
what directory is the file in? /etc?
Thanks for everything
Joe
On Friday, June 25, 2010, Joseph Hardeman wrote:
>
>
>
>
>
> Hi Everyone,
>
> I have an interesting VLAN setup/problem question. I followed the pfSense
> doc on setting up multiple vlans on the same interface (VLAN Trunking) and
> the switch is setup with trunking going to the pfSense box (vlan
On 1/10/10 8:39 PM, Tim Dickson wrote:
>> The 1.2.2 and 1.2.3 GUI interface section does indeed allow for
>> definition of multiple VLAN IDs -- but exactly one IPv4 address per
>> physical interface.
>
> Define the VLAN and it becomes an interface in the GUI where you can define
> an IP/subnet.
in the book :-)
_
Glenn Kelley | Operations Director | Typo3USA | www.Typo3USA.com
Ohio NOC | 317 South North Street | Washington CH OH 43160
Skype Messenger: vinehosting
Email: gl...@typo3usa.com
Phone: 740
>The 1.2.2 and 1.2.3 GUI interface section does indeed allow for
>definition of multiple VLAN IDs -- but exactly one IPv4 address per
>physical interface.
Define the VLAN and it becomes an interface in the GUI where you can define an
IP/subnet.
I currently have 5 VLANs (with separate IP and sub
On 1/10/10 6:14 PM, Glenn Kelley wrote:
> I strongly suggest you buy the book.
> It is a great resource.
>
> Also - vlans are under the interfaces section - you need to add each.
Thanks, but that wasn't the question.
The previous post suggested pfSense supports configuration of multiple
VLANs *
I strongly suggest you buy the book.
It is a great resource.
Also - vlans are under the interfaces section - you need to add each.
_
Glenn Kelley | Operations Director | Typo3USA | www.Typo3USA.com
Ohio NOC |
On 1/10/10 5:44 PM, Nathan Eisenberg wrote:
>> At least on 1.2.2, each physical interface can be configured with
>> multiple VLANs but only one IP address.
>
> To be clear - each VLAN CAN be configured with its own IP address.
Where? I'm new to pfSense and maybe shouldn't have jumped to that
con
> -Original Message-
> From: David Newman [mailto:dnew...@networktest.com]
> Sent: Sunday, January 10, 2010 9:04 AM
> To: support@pfsense.com
> Subject: Re: [pfSense Support] VLAN Setup
>
> To your original question, I do not see a way to do this on one pfSense
&g
On 1/10/10 1:08 AM, Fabian Abplanalp wrote:
> Correct. The two VLANs have their own IP Subnets.
..
> Yep. The setup is working already with 2 VLANs, but with two pfSense boxes.
To your original question, I do not see a way to do this on one pfSense
box.
At least on 1.2.2, each physical interf
On 1/10/10 3:32 AM, David Newman wrote:
On 1/9/10 5:40 PM, Tortise wrote:
I thought a managed switch was a pre-requisite for VLAN's, as is one
pfSense box (or equivalent).
All switches here are managed.
Not necessarily. At least one box that can forward traffic among VLANs
is the on
On 1/9/10 5:40 PM, Tortise wrote:
> I thought a managed switch was a pre-requisite for VLAN's, as is one
> pfSense box (or equivalent).
Not necessarily. At least one box that can forward traffic among VLANs
is the only requirement. In many network designs there's a 1:1
correspondence between VLAN
- Original Message -
From: "Fabian Abplanalp"
To:
Sent: Sunday, January 10, 2010 1:50 PM
Subject: [pfSense Support] VLAN Setup
Sawadeekap
Question... I have currently a LAN with 2 VLANs (default and VLAN99 for a guest WLAN). Default uses pfSense with portforwarding
etc., the VLAN99
On Mon, Oct 05, 2009 at 10:43:34AM +0100, Paul Mansfield wrote:
> On 04/10/09 20:26, Teletreff wrote:
> >Best Choice for small Switches is Netgear (Many Models in all Categories)
>
>
> personally I'd rather take my chance with a second-hand Cisco off ebay
> (which is what I did at home) - a 24 x
On 04/10/09 20:26, Teletreff wrote:
Best Choice for small Switches is Netgear (Many Models in all Categories)
personally I'd rather take my chance with a second-hand Cisco off ebay
(which is what I did at home) - a 24 x 10/100 port switch with a couple
of gigabit uplinks for home file server
On Sun, Oct 4, 2009 at 2:15 PM, Anil Garg wrote:
> I have a pfsense with two 10/100 PCI cards (acting as LAN & WAN router).
> I have a 4 port (quad) 10/100 PCI (ZNYX ZX374) card.
> If I were to add this card into the box and then add those ports and bridge
> them with each other (completely away f
On Sun, Oct 4, 2009 at 9:24 PM, Anil Garg wrote:
> David
>
> I am not very technical. My server room is far away from my internet
> connection at my home. So there is only one cable going from the internet to
> server room. I am still reading about VLAN so that I understand its working
> better.
Burgess
To: support@pfsense.com
Sent: Sunday, October 4, 2009 7:25:40 PM
Subject: Re: [pfSense Support] VLAN Capable switch
On Sun, Oct 4, 2009 at 6:15 PM, Anil Garg wrote:
> I have a pfsense with two 10/100 PCI cards (acting as LAN & WAN router).
> I have a 4 port (quad) 10/100 PCI (
On Sun, Oct 4, 2009 at 6:15 PM, Anil Garg wrote:
> I have a pfsense with two 10/100 PCI cards (acting as LAN & WAN router).
> I have a 4 port (quad) 10/100 PCI (ZNYX ZX374) card.
> If I were to add this card into the box and then add those ports and bridge
> them with each other (completely away f
Your Switch should have the "trunking feature": 802.1Q
Best Choice for small Switches is Netgear (Many Models in all Categories)
Take a look at the category "Managed Switches"
Support for Layer 2 (3 is with routing functionality, not important for
you)
Start searching here:
http://www.netgear.c
>it could also be a bogus switch; it might not like you trying to run
>tagged and untagged frames on the same port. I'd advise changing to use
>vlan2, say, as your LAN and ensure all switch ports are marked untagged
>vlan2, (or in cisco speak, in access mode, access vlan 2, and nonegotiate).
Every
On 28/09/09 15:20, Joseph L. Casale wrote:
...
> Interface VLAN tagDescription
> em2 50 NegriBossi
>
> In the Interface Assignment Tab, I have:
> Interface Network port
> LAN em0
> WAN bge0
> OPT1em1
> OPT2VLAN 50 on em2
>yes, play with the Interfaces->Assign menus
Paul,
Thanks for the confirmation.
In the VLAN Tab, I have:
Interface VLAN tagDescription
em2 50 NegriBossi
In the Interface Assignment Tab, I have:
Interface Network port
LAN em0
WAN bge0
OPT1
On 26/09/09 03:59, Joseph L. Casale wrote:
>> Does the vlan interface have an allow rule?
>> You said opt2 does, but what about your vlan interface
>
> Yes, only Opt2, I didn't know you could create rules for
> the vlan interface itself? R u sure you can do this?
yes, play with the Interfaces->As
>Does the vlan interface have an allow rule?
>You said opt2 does, but what about your vlan interface
Yes, only Opt2, I didn't know you could create rules for
the vlan interface itself? R u sure you can do this?
Thanks!
jlc
-
To
On Fri, Sep 25, 2009 at 6:05 PM, Joseph L. Casale wrote:
> I have a vlan (50) setup who's parent interface is Opt2. This
> parent interface is setup with a static ip of 192.168.1.1/24
> and is plugged into a switch "A" that has that has this port
> tagged into the specific vlan id of 50 as well.
>Turns out it was indeed, after we talked on the phone and I checked
>things out on a Gotomeeting session, just the subnet mask was wrong.
>All good now.
Damnit Chris,
I thought we'd keep that to ourselves :) The crazy thing was I stared
at it and was like "No that's right..."
heh, happens someti
On Fri, Jul 24, 2009 at 7:32 PM, Chris Buechler wrote:
> On Fri, Jul 24, 2009 at 7:30 PM, Joseph L.
> Casale wrote:
>>>OT:
>>>BTW, you are subscribed into the CentOS mailing list, right?
>>>somehow your name was known for me :)
>>
>> Yup, and I do have working connectivity into the vlan from that s
On Fri, Jul 24, 2009 at 7:30 PM, Joseph L.
Casale wrote:
>>OT:
>>BTW, you are subscribed into the CentOS mailing list, right?
>>somehow your name was known for me :)
>
> Yup, and I do have working connectivity into the vlan from that switch
> as I said I hooked up an RHEL host and it worked (No lap
On Fri, Jul 24, 2009 at 7:59 PM, Joseph L.
Casale wrote:
> No more vlan config inside pfSense, I have 3 physical interfaces, lan, wan,
> opt1.
> wan is segmented off to a dsl which works, nat with lan is functioning. Opt1
> is
> on a port that untags into vlan3. I *know* this works as I just hoo
>OT:
>BTW, you are subscribed into the CentOS mailing list, right?
>somehow your name was known for me :)
Yup, and I do have working connectivity into the vlan from that switch
as I said I hooked up an RHEL host and it worked (No laptop, just big iron:>).
It is just pfsense I don’t have setup rig
On Fri, Jul 24, 2009 at 6:11 PM, Victor Padro wrote:
> On Fri, Jul 24, 2009 at 5:59 PM, Joseph L.
> Casale wrote:
>>>yes but becareful with that rule, it allows anyone in the LAN to
>>>access anything in the internet and the OPT1, did you check the tagged
>>>ports and the untagged ones, as I stated
On Fri, Jul 24, 2009 at 5:59 PM, Joseph L.
Casale wrote:
>>yes but becareful with that rule, it allows anyone in the LAN to
>>access anything in the internet and the OPT1, did you check the tagged
>>ports and the untagged ones, as I stated in a previous email?
>
> Ok guys, I am waiting on Chris to
>yes but becareful with that rule, it allows anyone in the LAN to
>access anything in the internet and the OPT1, did you check the tagged
>ports and the untagged ones, as I stated in a previous email?
Ok guys, I am waiting on Chris to get some paid support. In the meantime
I reconfigured some hard
>I suspect it may not actually be tagged, try to tcpdump on the VLAN
>interface and see what's on there, then switch to the parent, with the
>VLAN specified as a filter (tcpdump -ni parentinterface vlan 3) and
>you'll see what's getting tagged, likely nothing.
Bingo, there was an issue! I have to
On Fri, Jul 24, 2009 at 3:11 PM, Joseph L.
Casale wrote:
>>First of all make sure you can reach hosts on vlan3 from pfSense itself.
>
> Right, I tried a ping from the web gui on OPT1 to a host and got nothing.
> I am positive the switch is setup right, I am looking at it now and it is
> allowing ta
On Fri, Jul 24, 2009 at 2:16 PM, Joseph L.
Casale wrote:
>>need to assign rules in the lan in order to see the VLAN subnet.
>
> Well, the lan has a rule matching packets in on LAN interface to *.
> I assume I can't get broader than that? Is there still something else
> that is specific for a vlan?
>need to assign rules in the lan in order to see the VLAN subnet.
Well, the lan has a rule matching packets in on LAN interface to *.
I assume I can't get broader than that? Is there still something else
that is specific for a vlan? The "*" destination should match packets
headed to the opt1 inter
On Fri, Jul 24, 2009 at 2:11 PM, Joseph L.
Casale wrote:
>>First of all make sure you can reach hosts on vlan3 from pfSense itself.
>
> Right, I tried a ping from the web gui on OPT1 to a host and got nothing.
> I am positive the switch is setup right, I am looking at it now and it is
> allowing ta
>First of all make sure you can reach hosts on vlan3 from pfSense itself.
Right, I tried a ping from the web gui on OPT1 to a host and got nothing.
I am positive the switch is setup right, I am looking at it now and it is
allowing tagged traffic from the interface onto vlan 3.
I am still missing
On Fri, Jul 24, 2009 at 1:55 PM, Joseph L.
Casale wrote:
>>Here's what I do using the same setup as you have:
>>
>>I assign the WAN(em0) and the LAN(em1), to configure the conectivity
>>to the internet, I connect to the web interface, create some basic
>>rules(so I can access my adsl modem), then I
> From: Joseph L. Casale [mailto:jcas...@activenetwerx.com]
> Sent: July 24, 2009 2:56 PM
>
> >Here's what I do using the same setup as you have:
> >
> >I assign the WAN(em0) and the LAN(em1), to configure the
> conectivity to
> >the internet, I connect to the web interface, create some basic
>Here's what I do using the same setup as you have:
>
>I assign the WAN(em0) and the LAN(em1), to configure the conectivity
>to the internet, I connect to the web interface, create some basic
>rules(so I can access my adsl modem), then I go to the assign option,
>then to the VLAN tab and I add it a
> From: Victor Padro [mailto:vpa...@gmail.com]
> Sent: July 24, 2009 2:38 PM
> On Fri, Jul 24, 2009 at 1:19 PM, Joseph L.
> Casale wrote:
> > The deployment I was planning earlier that referenced the
> 1u case reco
> > from everybody just got accelerated, the PIX that I was replacing
> > died:)
On Fri, Jul 24, 2009 at 1:19 PM, Joseph L.
Casale wrote:
> The deployment I was planning earlier that referenced the 1u case
> reco from everybody just got accelerated, the PIX that I was replacing
> died:)
>
> I have a single wan(dhcp)(em0) and lan(192.168.0.1)(em1) interface, both
> working
> as
I might have not understood your explanation, but I think that what
you need is to add an untagged port (on your switch) to vlan3 and
connect that port to your opt1 interface in your pfsense box (if it is
a different physical interface).
If you want to only use one port for vlan3 and lan you shoul
On Fri, Jul 24, 2009 at 2:19 PM, Joseph L.
Casale wrote:
> The deployment I was planning earlier that referenced the 1u case
> reco from everybody just got accelerated, the PIX that I was replacing
> died:)
>
> I have a single wan(dhcp)(em0) and lan(192.168.0.1)(em1) interface, both
> working
> as
On Fri, Nov 28, 2008 at 1:07 PM, Paul Mansfield
<[EMAIL PROTECTED]> wrote:
>
>> Not sure what you mean by this, just adding the VLAN ID to the status page?
>
> yes please!
>
Opened a feature request for this one.
-
To unsubscribe
Chris Buechler wrote:
> On Fri, Nov 28, 2008 at 6:59 AM, Paul Mansfield
> <[EMAIL PROTECTED]> wrote:
>> in 1.2-release, if I change the tag on a vlan interface,
>> (e.g. https://firewall.example.com/interfaces_vlan.php), it does warn me
>> that the firewall might need rebooting. it's definitely the
On Fri, Nov 28, 2008 at 6:59 AM, Paul Mansfield
<[EMAIL PROTECTED]> wrote:
> in 1.2-release, if I change the tag on a vlan interface,
> (e.g. https://firewall.example.com/interfaces_vlan.php), it does warn me
> that the firewall might need rebooting. it's definitely the case that
> the firewall nee
> 1/ change the message to say it DOES need rebooting
The necessity of rebooting depends on your particular hardware; some
drivers don't need to be reloaded to enable VLANs.
> 2/ add, to the interface status page, information about the current vlan
> tag?
You mention telling if there's a problem
It looks that the solution was a network card change. Now it looks fine. (i
hope that it will work in the future also)
Thank you for everyone for the support!
Szabolcs
2008/11/26 Curtis LaMasters <[EMAIL PROTECTED]>
> You should really never need to modify MTU on the LAN side. Is this remote
>
You should really never need to modify MTU on the LAN side. Is this remote
machine via the WAN?
Curtis LaMasters
http://www.curtis-lamasters.com
http://www.builtnetworks.com
On Wed, Nov 26, 2008 at 3:52 AM, Cozma Szabi <[EMAIL PROTECTED]> wrote:
> Thank you!
>
> Now the VLAN looks working, but
Thank you!
Now the VLAN looks working, but when I'm trying to list the content of a
directory (ll command) on a remote machine where are more files, my
connection is frozen.
What do you think what can be the problem?
Which network cards support vlan ?
Do I have to set something on MTU size?
Thank
Yes, I'll second this. If you have an interface on a Cisco switch set to
"switchport mode trunk" and "switchport trunk encapsulation dot1q" you will
have all VLANs > 1 tagged or in Cisco terms "trunked" on that interface.
VLAN 1 will remain untagged or as an "access/native" port. You can verify
t
On Tue, Nov 25, 2008 at 14:47, Cozma Szabi <[EMAIL PROTECTED]> wrote:
> Thank you for the answer, I will try it out tomorrow.
> You mean that I have to enable the parent interface and leave all the fields
> empty ?
Do as you wish; it likely needs to be at least enabled, but that's the
equivalent o
Thank you for the answer, I will try it out tomorrow.
You mean that I have to enable the parent interface and leave all the fields
empty ?
2008/11/25 RB <[EMAIL PROTECTED]>
> On Tue, Nov 25, 2008 at 14:13, Cozma Szabi <[EMAIL PROTECTED]> wrote:
> > I cannot find what I have to set on the parent c
On Tue, Nov 25, 2008 at 14:13, Cozma Szabi <[EMAIL PROTECTED]> wrote:
> I cannot find what I have to set on the parent card, or what I must to check
> on VLAN interfaces.
Unlike Cisco equipment, you don't have to set anything on the parent
interface, VLAN tagging is turned on by default. If you r
I cannot find what I have to set on the parent card, or what I must to check
on VLAN interfaces.
2008/11/25 RB <[EMAIL PROTECTED]>
> > The description from the wiki is not helpful.
> > Do you know a general description how VLAN is working in pfsense?
>
> What is unhelpful about this document?
>
>
> The description from the wiki is not helpful.
> Do you know a general description how VLAN is working in pfsense?
What is unhelpful about this document?
http://doc.pfsense.org/index.php/HOWTO_setup_vlans_with_pfSense
-
To unsu
(sorry for top replying but I have gotten it to work and share my 5
cents here)
Thank you for your hints.
The problems with my setup was that pfSense GUI defaults to /32-netnask
when setting a VLAN ip address. I did not notice this at first and the
packages did not get routed as I wanted.
O
Hi,
Le 15 oct. 08 à 14:20, Paul Mansfield a écrit :
Fredrik Rambris wrote:
Hello
Searched through the list and found many posts on VLAN. To my
knowledge
I have done what I think is correct but packages wont go through. I
can
see in the pfSense logs that packages do get in on the right VL
Fredrik Rambris wrote:
> Hello
>
> Searched through the list and found many posts on VLAN. To my knowledge
> I have done what I think is correct but packages wont go through. I can
> see in the pfSense logs that packages do get in on the right VLAN
> interface but that's about it.
>
> bge0 is WAN
look closely... "switchport mode access" command is absent
I use this way... and works ok.
interface fastethernet 0/x
switchport mode access
switchport access vlan
Regards
On Tue, Oct 14, 2008 at 4:39 PM, Matej Duracka <[EMAIL PROTECTED]> wrote:
> Hello Gary,
>
> On C3550 Fa0/1 try "s
Hello Gary,
On C3550 Fa0/1 try "switchport trunk allowed vlan 201,202" . Then see
the output "sh interfaces trunk" . You should see if the Fa0/1 is
trunking correctly with dot1Q encapsulation.
Cheers,
- Matej
Gary Buckmaster wrote / napísal(a):
> What version of pfSense are you running? 1.
What version of pfSense are you running? 1.2-Release? 1.2.1-RC?
Fredrik Rambris wrote:
Hello
Searched through the list and found many posts on VLAN. To my
knowledge I have done what I think is correct but packages wont go
through. I can see in the pfSense logs that packages do get in on the
On Sat, Jun 7, 2008 at 11:03 PM, [EMAIL PROTECTED] <[EMAIL PROTECTED]>
wrote:
> Victor,
> I have similar setup up & running with a cisco 2950.
> First question:
>
> 1) Did you reboot the box before trying to get addresses?
yes, everytime something is changed in the box, gets restarted, even
chan
On Thu, Jun 5, 2008 at 7:54 PM, Mousemen <[EMAIL PROTECTED]> wrote:
> Would destination any allow it to also browse the other vlan also or will
> that only happen if I create a rule to allow that.? Besides tcp what should
> I allow. protocol any or tcp/udp to allow the dns also.
Start with an allo
Would destination any allow it to also browse the other vlan also or
will that only happen if I create a rule to allow that.? Besides tcp
what should I allow. protocol any or tcp/udp to allow the dns also.
Chris Buechler wrote:
On Thu, Jun 5, 2008 at 6:18 PM, Paul Peziol <[EMAIL PROTECTED]> wr
On Thu, Jun 5, 2008 at 6:18 PM, Paul Peziol <[EMAIL PROTECTED]> wrote:
> I am happy to report that with the new Intel NIC I get an ip address passed
> to the vlan correctly. Now a new issue is even though I get an ip address I
> can not get online.
>
> Under Interfaces:
> enabled - checked
> Descri
I am happy to report that with the new Intel NIC I get an ip address passed
to the vlan correctly. Now a new issue is even though I get an ip address I
can not get online.
Under Interfaces:
enabled - checked
Description:: Bench
Type: static
Bridge with: None
Ip Address: 192.168.50.1 /24
Gateway: l
On Wed, Jun 4, 2008 at 6:24 PM, Paul Peziol <[EMAIL PROTECTED]> wrote:
> Well I ordered 2 Intel cards that support 801.1q, 802.1p, I will get those
> in there when they come and report back. I guess I assumed that all cards
> supported it and considering people put together the boxes from old
> equ
you
On Wed, Jun 4, 2008 at 1:41 PM, Kevin Benton <[EMAIL PROTECTED]> wrote:
> The card in the pfSense box that connects to the switch.
>
> -Original Message-
> From: Mousemen [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, June 03, 2008 8:25 PM
> To: support@pfsense.com
The card in the pfSense box that connects to the switch.
-Original Message-
From: Mousemen [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 03, 2008 8:25 PM
To: support@pfsense.com
Subject: Re: [pfSense Support] VLAN Help
Which card needs to support it? The equipment on the end (computer
ause anything coming from port 11 should be
tagged with the VLAN id by the switch before it goes to the pfSense box.
Adam
> Date: Tue, 3 Jun 2008 22:53:44 -0500> From: [EMAIL PROTECTED]> To:
> support@pfsense.com> Subject: Re: [pfSense Support] VLAN Help> > I appreciate
---
Date: Tue, 3 Jun 2008 15:16:04 -0500
From: [EMAIL PROTECTED]
To: support@pfsense.com
Subject: Re: [pfSense Support] VLAN Help
Not sure if anyone had looked at the config file but since i have
not heard back I decided to start
Which card needs to support it? The equipment on the end (computer) or
the card in the pfsense box.
Kevin Benton wrote
What you have setup is a trunk port. A trunk port is just a term used
(when referring to VLANS) to describe a link that is tagging egress
packets with VLAN id's so a devic
...if you need more help understanding what's happening with
the VLAN settings in the switch I can try to help more but its kind of hard to
describe. ;)
Adam
Date: Tue, 3 Jun 2008 15:16:04 -0500From: [EMAIL PROTECTED]: [EMAIL PROTECTED]:
Re: [pfSense Support] VLAN HelpNot sure if anyone
What you have setup is a trunk port. A trunk port is just a term used (when
referring to VLANS) to describe a link that is tagging egress packets with
VLAN id's so a device on the other end can differentiate the frames from the
unique VLANs.
It looks like you have the switch correctly configured.
Not sure if anyone had looked at the config file but since i have not heard
back I decided to start over. Did a clean install of pfsense. Not sure if I
have the dell powerconnect switch configured correctly but get different
stories. There is only 1 switch and some say I need a trunk port some say
config-pfSense.local-20080528142627.xml
Reset pw to the factory default
I took out the WAN2 ip as that is a static ip. The WAN is set to dhcp for
now. Let me know if I need to do anything anything else. The lan ip I'm not
worried about as it is a test network for now and will change once in
produ
Please send your config.xml with passwords and IPs changed.
--
Curtis LaMasters
http://www.curtis-lamasters.com
http://www.builtnetworks.com
Not familiar with what fx(4) em(4) refers to. Heres the layout.
Console Output
WAN > xl0 > x.x.x.x DHCP
Op1 (WAN2) > rl1 > x.x..x.x (static ip on dsl line)
Opt2 (Bench) > vlan0 > 192.168.10.1
LAN > vlan1 > 192.168.5.1
Pfsense has 1 nic rlo going to port 25 on Dell switch.
Switch config. port24 o
on the NIC's 2 are surplus realtek and not sure on the 3rd one. The lan
nic is on the realtek though. Might there be an issue with the nic
passing the vlan tagging even though the pfsense states only nics
capable of it are listed.
Curtis LaMasters wrote:
If you leave an untagged vlan on the pf
For some reason I locked my self out remotely out of the desktop with a
tftp server install. Port25 is connected to the router so I tagged it on
all vlan's and left the ports to the computer untagged under its
designated vlan setup. In the pfsense I created a vlan1 to match the
default on the
If you leave an untagged vlan on the pfsense interface, the traffic will
default to it. Not sure why that is The LAN interface should say "VLAN
1 on bge0 (VLAN1)" ...if this is so then your other VLAN's should follow
suite. For the switchport connected to pfsense, it should be tagged
(Trunk
Not sure if I know what you mean. In the pfsense firewall I have the
basic lan as 192.168.5.x. Then I created virtual ip and vlan as #2
192.168.10.x. I figured if I created a vlan1 then it might conflict with
the switch since it uses the default as vlan1. If I'm explaining that
correctly.
May
Do you have vlan1, 2 and 3 tagged on your inside physical interface (BGE1)
for me of pfsense. If not then you probably won't be able to get this to
work. Try doing that, then configure the Dell switch as tagged on all three
vlans on the port that connects to the firewall. Then select untagged whe
It's just performance usually.
On Feb 3, 2008 4:38 AM, Ugo Bellavance <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I'm wondering about the difference between using, for example, a fxp
> NIC (intel) compared to a bge NIC for VLANs.
>
> fxp supports long frames, while bge supports VLANs natively. W
Paul Cockings wrote:
> Many thanks for the quick responses :-)
>
p.s. the twin-port gigabit NIC cards work very well too. oh, yes, I am
using PCI-X cards, the single-port ones are modest price, the dual-port
ones are quite pricey (GBP110-ish or US$220).
I have also used some broadcom twin-port N
Many thanks for the quick responses :-)
Paul
Paul M wrote:
Curtis LaMasters wrote:
I agree with Ngawang, Intel is the way to go for a well supported NIC.
The pfSense website has a HCL on it for FreeBSD at
http://pfsense.com/index.php?id=37. Let us know if you have any issues.
Curtis
Curtis LaMasters wrote:
> I agree with Ngawang, Intel is the way to go for a well supported NIC.
> The pfSense website has a HCL on it for FreeBSD at
> http://pfsense.com/index.php?id=37. Let us know if you have any issues.
>
> Curtis
me too!
however, be warned, if you need jumbo frame support
I agree with Ngawang, Intel is the way to go for a well supported NIC. The
pfSense website has a HCL on it for FreeBSD at
http://pfsense.com/index.php?id=37. Let us know if you have any issues.
Curtis
http://www.intel.com/network/connectivity/resources/doc_library/data_sheets/pro1000gt_da.pdf
I use these, they are typical in europe where they have environmental
standards. They have 802.1Q VLAN support. I use VLANs but not like that -
but I have several pfsense now and these NICs are trouble fre
> WAN can connect to anything in the LAN directly (would have to be
> allowed by firewall rules). Am I right?
Presuming your switch's method of isolating ports is properly
implemented, yes. On many [admittedly older] switching fabrics, there
was a vulnerability whereby an attacker could overflow
Once you create the vlan's, you'll go in and add another opt interface
that will correspond to the vlan you added to the physical interface.
I don't have a box in front of me to walk through the menu's, but the
bottom line is that what you want to do is doable in pfSense and is
all configured unde
9:49 PM
To: support@pfsense.com
Subject: Re: [pfSense Support] VLAN
On 4/21/07, Kelvin Chiang <[EMAIL PROTECTED]> wrote:
> Hi Bill,
>
> I suppose I did, unless there are something I was not aware. I created
> a VLAN on the NIC, and assign the VLAN ID to OPT1 in the interface
>
On 4/21/07, Kelvin Chiang <[EMAIL PROTECTED]> wrote:
Hi Bill,
I suppose I did, unless there are something I was not aware. I created a
VLAN on the NIC, and assign the VLAN ID to OPT1 in the interface menu.
Well, I dunno what rules you have, so I can't comment on whether you
did it right or not
knows what it meant? Any chance that this is the cause?
Regards, Kelvin
-Original Message-
From: Kelvin Chiang [mailto:[EMAIL PROTECTED]
Sent: Saturday, April 21, 2007 2:57 PM
To: 'support@pfsense.com'
Subject: RE: [pfSense Support] VLAN
Hi Bill,
I suppose I did, unless there are
1 - 100 of 159 matches
Mail list logo
