Fredrik Rambris wrote: > Hello > > Searched through the list and found many posts on VLAN. To my knowledge > I have done what I think is correct but packages wont go through. I can > see in the pfSense logs that packages do get in on the right VLAN > interface but that's about it. > > bge0 is WAN > bge1 is LAN > > I have defined two VLANs (201 and 202) and added them as interfaces > VLAN201 10.150.1.1 > VLAN202 10.150.2.1 > > ! This is where bge0 is connected > interface FastEthernet0/1 > switchport trunk encapsulation dot1q > switchport mode trunk > no ip address > !
pfsense numbers vlan interfacs sequentially, unlike linux's eth0.X notation, so vlan0 might be tag 202. this caught me out when I first installed pfsense - take a closer look at "ifconfig -a" to check settings. it's definitely wise to put "nonegotiate" on all server switch ports to prevent hosts turning on .1q and thereby breaking security. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
