Mayak, The only thing not clear to me is where to set the port type to "trunk". I don't see this option anywhere on the VLANS. Are you saying I literally assign the string "1,10,20" as the VLAN tag for port 4 in your example?
----- Original Message ----- From: "mayak" <[email protected]> To: [email protected] Sent: Monday, December 30, 2013 4:36:13 AM Subject: Re: [pfSense] pfsense <-> pfsense vlans and trunking without the aid of switches hi john, yes, your schema is possible: - set individual ports to be members of their vlans -- on the right side, make port 1 member of vlan 10, port 2 member vlan 20, and port 4 of type trunk. same concept on the left -- port 1 member vlan 10, port member vlan 20, port 4 trunk. the two pfsense connect together using port 4 on a rolled ethernet cable. all of this accomplished on the `Interfaces -> Assign -> VLANs` VLAN tag for port 4 would be 1,10,20 (1 is the administrative vlan) cheers m On 12/30/2013 04:36 AM, John Wells wrote: > Guys, > > I have a situation similar to what's shown here (http://imgur.com/b3Hbzd3). > > I have two pfsense 2.1 boxes on my home network and two different sections of > the house connected by one cable. It's not possible to run another cable > without *great* effort. > > Each of these pf boxes have quad-port nics which support VLANs. I have three > networks in play on the home network...a local lan, a DMZ, and then WAN > itself. What I was hoping to do is to create VLANs for each of these (one for > WAN traffic inbound, one for LAN traffic and one for the DMZ) and be able to > trunk each of these VLANs across that single cable (the placement of DMZ > boxes can vary at different times). Additionally, what I'd hoped to do is use > non-vlan capable switches on each side. > > I have the Definitive Guide, but everything in it is related to using Pfsense > with an external switch. I'm not sure how to about doing this in pfsense > itself. > > What I've done at the moment is created all three vlans and then added them > all to the same parent port (dm2) which is not assigned in any way within > pfsense. Is this enough to "trunk" these vlans? Would what remains simply to > be assigned three other physical ports on each card to the separate vlans, > and then dropping the appropriate switches off these ports? > > Any help you can offer will be *greatly* appreciated. > > Thanks! > > _______________________________________________ > List mailing list > [email protected] > http://lists.pfsense.org/mailman/listinfo/list > _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
