This should work wothout any special magic. Can a pc on a vlan segment ping the gateway and reach internet? Also did you configure the ip on the vlan interface or the physical? What does a traceroute show if you trace to an unreachable part. Does arp register hosts on the vlan interface?
-lsf 12. sep. 2014 12:43 skrev "Niklas Fondberg" <[email protected]> følgende: > From: Giles Coochey <[email protected]> > > > I'm not criticizing your choice configuration, there is absolutely no > reason not to use VLANs, however, in your design you appear to have a > number of VLANs, but I didn't see that (at the moment) you actually showed > a need to be using them (4 interfaces in total, one I assume is a WAN > interface, three interfaces remaining, you say you are not using the > default VLAN, and you have two VLANs plus an ILO subnet - so you could just > use physical interfaces). dot1Q VLAN trunks on your interfaces is a good > design, especially if you might want to add later VLANs to the design... > > VLANs complexify your needed configuration, and might be where other > admins could trip up. > > Might be good to have a look at your routing table, on the diagnostics > menu in the Web interface. > > -- > Regards, > > Giles Coochey, CCNP, CCNA, CCNAS > NetSecSpec Ltd+44 (0) 8444 780677+44 (0) 7584 > 634135http://www.coochey.nethttp://[email protected] > > > Hi Giles, > > My routing table looks like this: > Destination Gateway Flags Refs Use Mtu Netif default 178.78.221.93 UGS > 0 25456153 1500 em0 10.0.0.0/24 link#10 U 0 2829 1500 em2_vlan2 10.0.0.1 > link#10 UHS 0 0 16384 lo0 10.1.0.0/24 link#4 U 0 7927 1500 em3 10.1.0.1 > link#4 UHS 0 0 16384 lo0 31.211.230.216/30 link#1 U 0 0 1500 em0 > 31.211.230.218 link#1 UHS 0 0 16384 lo0 84.246.88.10 178.78.221.93 UGHS 0 > 34164 1500 em0 84.246.88.20 178.78.221.93 UGHS 0 25712 1500 em0 > 127.0.0.1 link#7 UH 0 37469 16384 lo0 178.78.221.92/30 link#1 U 0 589543 > 1500 em0 178.78.221.94 link#1 UHS 0 0 16384 lo0 192.168.1.0/24 link#2 U > 0 672 1500 em1 192.168.1.1 link#2 UHS 0 0 16384 lo0 192.168.2.0/24 > link#9 U 0 1342636 1500 em1_vlan10 192.168.2.1 link#9 UHS 0 0 16384 lo0 > 192.168.10.0/24 192.168.10.2 UGS 0 2718508 1500 ovpns1 192.168.10.1 > link#11 UHS 0 0 16384 lo0 192.168.10.2 link#11 UH 0 16 1500 ovpns1 > I can’t see anything wrong in the routing table EVEN if they are on > different physical interfaces. I guess I could have all VLANs on one > physical interface but that seems like another discussion and I still don’t > understand if this why pfsense is struggling with the routing. > Is it supposed to be supported? > > > > _______________________________________________ > List mailing list > [email protected] > https://lists.pfsense.org/mailman/listinfo/list >
_______________________________________________ List mailing list [email protected] https://lists.pfsense.org/mailman/listinfo/list
