Hello Leonardo, That’s correct, natively, the VM should see that inline VLAN traffic right away.
You can use tcpdump to verify it. On a side not, make sure that the subnet dedicated to your inline VLAN is not used anywhere else and use his own interface to interact with the network. Try that command: ip route get INLINE_IP_ON_THE_ROUTER You should get the inline interface. Thanks, Ludovic Zammit Product Support Engineer Principal Cell: +1.613.670.8432 Akamai Technologies - Inverse 145 Broadway Cambridge, MA 02142 Connect with Us: <https://community.akamai.com/> <http://blogs.akamai.com/> <https://twitter.com/akamai> <http://www.facebook.com/AkamaiTechnologies> <http://www.linkedin.com/company/akamai-technologies> <http://www.youtube.com/user/akamaitechnologies?feature=results_main> > On Aug 25, 2022, at 12:16 PM, Leonardo Izzo I.T.S. > <leonardo.i...@itsinformatica.it> wrote: > > hello, but apart from my problem, generally once you have created a vlan on > an interface, configured as inline, enable dhcp and nat on it, you don't need > to do anything else to make sure that it can be seen by traffic vlan enabled > on the ports of a switch and whose port connected to pf is configured as > tagged? Or do you need to do something else? > Thank you > > In data 16 Agosto 2022 16:11:05 "Zammit, Ludovic" <luza...@akamai.com> ha > scritto: > >> Hello Leonardo, >> >> Your issue is very specific and I would bet it’s configuration related. >> >> I can tell you that it won’t be possible to do all the troubleshooting steps >> here, it’s not a simple task. >> >> However I can give you pointers to look at. >> >> 1- Eth0 need to be set as a Stat interface in the inline configuration under >> Configuration > Network Configuration > Networks > inline > Snat >> >> 2- If I understand correctly, eth1 is a trunk interface where you have added >> VLAN 11 on it. Can you ping from that interface another VLAN 11 interface in >> the network ? If yes, do some capture to make sure the VLAN 11 reach eth1.11 >> interface. >> >> Use the commands: >> >> ping -I eth1.11 1.2.3.4 >> >> ipset -S | less <— Check the ipset session, make sure where your Mac address >> is at >> >> ip route get 1.2.3.4 >> >> tcpdump -I eth1.11 port 67 >> >> Thanks, >> >> Ludovic Zammit >> Product Support Engineer Principal >> >> Cell: +1.613.670.8432 >> Akamai Technologies - Inverse >> 145 Broadway >> Cambridge, MA 02142 >> Connect with Us: <https://community.akamai.com/> >> <http://blogs.akamai.com/> >> <https://urldefense.com/v3/__https://twitter.com/akamai__;!!GjvTz_vk!V-SPHj8EZ_by-UGuHY3hyo9JkYdYuzHV02fv7XkW2bPniTZkzWuUl6EccloLB8Qvkj3r7I6cD7ekO1YJacytah2egJ40rA$> >> >> <https://urldefense.com/v3/__http://www.facebook.com/AkamaiTechnologies__;!!GjvTz_vk!V-SPHj8EZ_by-UGuHY3hyo9JkYdYuzHV02fv7XkW2bPniTZkzWuUl6EccloLB8Qvkj3r7I6cD7ekO1YJacytah3oVNDfpA$> >> >> <https://urldefense.com/v3/__http://www.linkedin.com/company/akamai-technologies__;!!GjvTz_vk!V-SPHj8EZ_by-UGuHY3hyo9JkYdYuzHV02fv7XkW2bPniTZkzWuUl6EccloLB8Qvkj3r7I6cD7ekO1YJacytah0Oy1EUPQ$> >> >> <https://urldefense.com/v3/__http://www.youtube.com/user/akamaitechnologies?feature=results_main__;!!GjvTz_vk!V-SPHj8EZ_by-UGuHY3hyo9JkYdYuzHV02fv7XkW2bPniTZkzWuUl6EccloLB8Qvkj3r7I6cD7ekO1YJacytah3P4yGwcA$> >> >>> On Aug 16, 2022, at 4:27 AM, Leonardo Izzo I.T.S. >>> <leonardo.i...@itsinformatica.it <mailto:leonardo.i...@itsinformatica.it>> >>> wrote: >>> >>> Hi could you please answer? It is very important for my work. Thank you >>> >>> --- Messaggio inoltrato --- >>> Da: leonardo.i...@itsinformatica.it >>> <mailto:leonardo.i...@itsinformatica.it> >>> Data: 6 agosto 2022 17:32:00 >>> Oggetto: static ip and dhcp on vlan interface >>> A: luza...@akamai.com <mailto:luza...@akamai.com> >>> Cc: packetfence-users@lists.sourceforge.net >>> <mailto:packetfence-users@lists.sourceforge.net> >>> hi, I have Packetfence which is configured as follows: >>> It has 3 network cards: eth0 of type "other" which acts as wan, eth1 is LAN >>> interfaces and eth2 is of type "management". >>> The interfaces related to eth1 is configured as Inline. >>> My requirement is that for the subnet related to eth1, only a host with >>> static ip must go out on the Internet by pf. how do i configure this thing? >>> Also I have a wifi controller which assigns vlan 11 to all wifi traffic. >>> For this reason, on the eth1 interface I have created a vlan interface with >>> id: 11, also configured in Inline mode. >>> How come on this interface, pf does not intercept the wifi traffic with id: >>> 11 by assigning ip addresses to it through dhcp and then obviously doing >>> the nat to go out on the Internet? >>> >>> Thank you >> > >
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
