VLAN problems with GS324TP and pfSense



I'm struggling to get a single VLAN working. The setup is pfSense router at that connects to the Netgear switch. I created a VLAN (tag 20) and configured it and the firewall rules using several tutorials that made it look easy. I'd like the VLAN to have an address of I've attached pictures which provide more details about the config.


pfSense Interfaces

pfSense Interfaces.jpg


pfSense VLANs

pfSense VLANs.jpg


pfSense VLAN config

pfSense VLAN Config.jpg


pfSense VLAN DHCP (anything not shown in picture is default value, blank DNS and blank gateway)

pfSense VLAN DHCP.jpg


pfSense Firewall rules for VLAN (first rule is disabled)

pfSense FirewallRules.jpg


Netgear Port PVID config



As you can tell from the last image, I tried brute forcing different configs to find 1 that would work, then I thought I could figure out the rest once I got 1 working. None of the ports give me an IP address. The only thing that is unusual about my setup is I have pfSense configured to mirror traffic to a SPAN port (the interface named OPT1). Otherwise I've copied everything exactly like all the tutorials said to do but I can't get an IP. What am I doing wrong?

Message 1 of 2
NETGEAR Employee Retired

Re: VLAN problems with GS324TP and pfSense



Welcome to the community!


Assuming that the firewall is connected to port 15 of the switch, it should be marked as Tagged for VLAN20, leaving the rest as the default, where VLAN1 is marked as Untagged and the PVID as well.

As for connecting the client devices, remove the Untagged port on VLAN1 then mark the same port as Untagged on VLAN20. 


For your reference, you may check this KB article and see sections Create VLANs on the switch, Add ports to the VLANs, and Configure port PVID settings for untagged ports.






NETGEAR Community Team

Message 2 of 2
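The port layout described in the reply, written as a small checker (an added example, not part of the original thread or NETGEAR's tooling). It assumes the uplink is port 15 as in the reply; client port 3 and both sample tables are constructed, and the client PVID of 20 follows the KB section on PVID settings for untagged ports.

```python
# Added example: a model of 802.1Q port membership on a smart switch.
# "T" = Tagged member, "U" = Untagged member. Sample tables are constructed.

def check_vlan(ports, vlan, uplink, clients):
    """Return a list of problems that stop `vlan` reaching `clients` via `uplink`.

    ports: {port_number: {"pvid": int, "members": {vlan_id: "T" or "U"}}}
    """
    problems = []
    up = ports[uplink]
    # pfSense sends VLAN traffic with an 802.1Q tag, so the uplink port
    # must be a Tagged member or the switch will not accept those frames.
    if up["members"].get(vlan) != "T":
        problems.append(f"port {uplink}: uplink must be Tagged in VLAN {vlan}")
    # Untagged LAN traffic from the router stays on the default VLAN 1.
    if up["members"].get(1) != "U" or up["pvid"] != 1:
        problems.append(f"port {uplink}: uplink should stay Untagged in VLAN 1 with PVID 1")
    for p in clients:
        cfg = ports[p]
        untagged = sorted(v for v, m in cfg["members"].items() if m == "U")
        # Egress: the client must receive only this VLAN, without a tag.
        if untagged != [vlan]:
            problems.append(f"port {p}: Untagged in {untagged}, expected only [{vlan}]")
        # Ingress: untagged frames from the client are classified by the PVID,
        # so DHCP requests only reach the VLAN interface if PVID matches.
        if cfg["pvid"] != vlan:
            problems.append(f"port {p}: PVID is {cfg['pvid']}, expected {vlan}")
    return problems

# Constructed "before" table: VLAN 20 added as Untagged everywhere, PVIDs left at 1.
BROKEN = {
    15: {"pvid": 1, "members": {1: "U", 20: "U"}},
    3: {"pvid": 1, "members": {1: "U", 20: "U"}},
}
# Constructed "after" table matching the reply: trunk tagged, client moved to VLAN 20.
FIXED = {
    15: {"pvid": 1, "members": {1: "U", 20: "T"}},
    3: {"pvid": 20, "members": {20: "U"}},
}

if __name__ == "__main__":
    for name, table in (("broken", BROKEN), ("fixed", FIXED)):
        issues = check_vlan(table, vlan=20, uplink=15, clients=[3])
        print(name, "->", issues or "ok")
```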