Hello Gary,
On C3550 Fa0/1 try "switchport trunk allowed vlan 201,202" . Then see
the output "sh interfaces trunk" . You should see if the Fa0/1 is
trunking correctly with dot1Q encapsulation.
Cheers,
- Matej
Gary Buckmaster wrote / napĂsal(a):
> What version of pfSense are you running? 1.2-Release? 1.2.1-RC?
>
> Fredrik Rambris wrote:
>> Hello
>>
>> Searched through the list and found many posts on VLAN. To my
>> knowledge I have done what I think is correct but packages wont go
>> through. I can see in the pfSense logs that packages do get in on the
>> right VLAN interface but that's about it.
>>
>> bge0 is WAN
>> bge1 is LAN
>>
>> I have defined two VLANs (201 and 202) and added them as interfaces
>> VLAN201 10.150.1.1
>> VLAN202 10.150.2.1
>>
>> ! This is where bge0 is connected
>> interface FastEthernet0/1
>> switchport trunk encapsulation dot1q
>> switchport mode trunk
>> no ip address
>> !
>> ! attached to machine b (10.150.2.10)
>> interface FastEthernet0/17
>> switchport access vlan 202
>> no ip address
>> !
>> ! attached to machine a (10.150.1.10)
>> interface FastEthernet0/31
>> switchport access vlan 201
>> no ip address
>>
>>
>> I have added an allow anything anywhere rule on each VLAN interface
>> (and WAN too)
>>
>> When I ping the firewall from machines a or b the log say something
>> on the lines of
>> Oct 14 18:12:42 VLAN202 10.150.2.10 10.150.2.1 ICMP
>> But no replies come back. I cannot ping the machines from pfSense
>> either.
>>
>> So packages gets tagged and understood TO pfSense but something error
>> happens the other way.
>>
>> What I do get on machine A and B is some Cisco packets:
>>
>> Capturing on eth1
>> 0.000000 Cisco_e1:b1:8d -> Spanning-tree-(for-bridges)_00 STP Conf.
>> Root = 32970/00:09:b7:e1:b1:80 Cost = 0 Port = 0x800d
>> 1.999793 Cisco_e1:b1:8d -> Spanning-tree-(for-bridges)_00 STP Conf.
>> Root = 32970/00:09:b7:e1:b1:80 Cost = 0 Port = 0x800d
>> 2.791435 Cisco_e1:b1:8d -> Cisco_e1:b1:8d LOOP Reply
>> 3.999626 Cisco_e1:b1:8d -> Spanning-tree-(for-bridges)_00 STP Conf.
>> Root = 32970/00:09:b7:e1:b1:80 Cost = 0 Port = 0x800d
>> 5.999456 Cisco_e1:b1:8d -> Spanning-tree-(for-bridges)_00 STP Conf.
>> Root = 32970/00:09:b7:e1:b1:80 Cost = 0 Port = 0x800d
>> 7.999297 Cisco_e1:b1:8d -> Spanning-tree-(for-bridges)_00 STP Conf.
>> Root = 32970/00:09:b7:e1:b1:80 Cost = 0 Port = 0x800d
>> 9.999141 Cisco_e1:b1:8d -> Spanning-tree-(for-bridges)_00 STP Conf.
>> Root = 32970/00:09:b7:e1:b1:80 Cost = 0 Port = 0x800d
>> 11.998963 Cisco_e1:b1:8d -> Spanning-tree-(for-bridges)_00 STP Conf.
>> Root = 32970/00:09:b7:e1:b1:80 Cost = 0 Port = 0x800d
>> 12.790606 Cisco_e1:b1:8d -> Cisco_e1:b1:8d LOOP Reply
>> 13.998792 Cisco_e1:b1:8d -> Spanning-tree-(for-bridges)_00 STP Conf.
>> Root = 32970/00:09:b7:e1:b1:80 Cost = 0 Port = 0x800d
>> 15.998627 Cisco_e1:b1:8d -> Spanning-tree-(for-bridges)_00 STP Conf.
>> Root = 32970/00:09:b7:e1:b1:80 Cost = 0 Port = 0x800d
>> 17.166677 Cisco_e1:b1:8d -> CDP/VTP/DTP/PAgP/UDLD CDP Device ID:
>> Switch Port ID: FastEthernet0/17
>> 17.998475 Cisco_e1:b1:8d -> Spanning-tree-(for-bridges)_00 STP Conf.
>> Root = 32970/00:09:b7:e1:b1:80 Cost = 0 Port = 0x800d
>> 19.998302 Cisco_e1:b1:8d -> Spanning-tree-(for-bridges)_00 STP Conf.
>> Root = 32970/00:09:b7:e1:b1:80 Cost = 0 Port = 0x800d
>> 14 packets captured
>>
>>
>>
>>
>>
>> Any hints, tips, clues?
>>
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
