NetworkingNoob2
Follower

VLAN problems with GS324TP and pfSense

I'm struggling to get a single VLAN working. The setup is a pfSense router at 192.168.1.1 that connects to the Netgear switch. I created a VLAN (tag 20) and configured it and the firewall rules using several tutorials that made it look easy. I'd like the VLAN to have an address of 192.168.20.1. I've attached pictures which provide more details about the config.

 

pfSense Interfaces

pfSense Interfaces.jpg

 

pfSense VLANs

pfSense VLANs.jpg

 

pfSense VLAN config

pfSense VLAN Config.jpg

 

pfSense VLAN DHCP (anything not shown in picture is default value, blank DNS and blank gateway)

pfSense VLAN DHCP.jpg

 

pfSense Firewall rules for VLAN (first rule is disabled)

pfSense FirewallRules.jpg

 

Netgear Port PVID config

SwitchVLAN.jpg

 

As you can tell from the last image, I tried brute forcing different configs to find 1 that would work, then I thought I could figure out the rest once I got 1 working. None of the ports give me an IP address. The only thing that is unusual about my setup is I have pfSense configured to mirror traffic to a SPAN port (the interface named OPT1). Otherwise I've copied everything exactly like all the tutorials said to do but I can't get an IP. What am I doing wrong?

Message 1 of 2
JeraldM
NETGEAR Employee Retired

Re: VLAN problems with GS324TP and pfSense

@NetworkingNoob2,

 

Welcome to the community!

 

Assuming that the firewall is connected to port 15 of the switch, it should be marked as Tagged for VLAN20, leaving the rest as the default, where VLAN1 is marked as Untagged and the PVID as well.

As for connecting the client devices, remove the Untagged port on VLAN1 then mark the same port as Untagged on VLAN20. 

 

For your reference, you may check this KB article and see sections Create VLANs on the switch, Add ports to the VLANs, and Configure port PVID settings for untagged ports.

 

 

Regards,

 

JeraldM

NETGEAR Community Team

Message 2 of 2
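
The port layout from the reply above, as an added example (not part of the original posts and not NETGEAR or pfSense code): a simplified Python model of 802.1Q ingress and egress that checks whether a client port's untagged frames reach the pfSense uplink tagged 20. Client port 3, the 24-port layout and all function names are assumptions; ingress filtering is assumed to be enabled.

```python
# Simplified 802.1Q model (added example): ingress classification by PVID,
# egress tagging by per-VLAN membership. Port 3 as the client port is assumed.
from dataclasses import dataclass, field

@dataclass
class Port:
    pvid: int = 1
    # VLAN id -> "T" (egress tagged) or "U" (egress untagged)
    member: dict = field(default_factory=lambda: {1: "U"})

def forward(ports, in_port, tag=None):
    """Return {egress_port: tag_or_None} for a frame entering in_port.

    tag is the 802.1Q VLAN ID on the wire, or None for an untagged frame.
    """
    src = ports[in_port]
    vlan = tag if tag is not None else src.pvid   # untagged frames get the PVID
    if vlan not in src.member:                     # ingress filtering drops it
        return {}
    out = {}
    for num, port in ports.items():
        if num != in_port and vlan in port.member:
            out[num] = vlan if port.member[vlan] == "T" else None
    return out

def audit(ports, uplink, vlan):
    """Flag access ports that are untagged in `vlan` but cannot actually use it."""
    problems = []
    for num, port in ports.items():
        if num == uplink or port.member.get(vlan) != "U":
            continue
        if port.pvid != vlan:
            problems.append(f"port {num}: untagged in VLAN {vlan} but PVID is {port.pvid}")
        if forward(ports, num).get(uplink) != vlan:
            problems.append(f"port {num}: client frames do not reach uplink tagged {vlan}")
    return problems

def build(client_pvid):
    """Constructed sample config: defaults everywhere, uplink on 15, client on 3."""
    ports = {n: Port() for n in range(1, 25)}            # default: VLAN 1 untagged, PVID 1
    ports[15].member[20] = "T"                            # uplink to pfSense, tagged VLAN 20
    ports[3] = Port(pvid=client_pvid, member={20: "U"})   # client port (assumed number)
    return ports

if __name__ == "__main__":
    for pvid in (1, 20):
        print(f"client PVID {pvid}:", audit(build(pvid), uplink=15, vlan=20) or "OK")
```

With the client port's PVID left at 1, the DHCP request is classified into VLAN 1 and never leaves toward pfSense with tag 20; setting the PVID to 20 clears both findings.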