>yes but be careful with that rule, it allows anyone in the LAN to
>access anything in the internet and the OPT1, did you check the tagged
>ports and the untagged ones, as I stated in a previous email?

Ok guys, I am waiting on Chris to get some paid support. In the meantime I reconfigured some hardware and ran some tests.

No more vlan config inside pfSense, I have 3 physical interfaces, lan, wan, opt1. wan is segmented off to a dsl which works, nat with lan is functioning. Opt1 is on a port that untags into vlan3. I *know* this works as I just hooked up a rhel host with an IP in the vlan 3 subnet that *does not* have vlan config and it can see hosts in vlan3. Opt1 has an ip in the vlan3 subnet but still no connectivity.

My rules are lan->* and opt1->*. I have no gateway configured on Opt1, no bridging, clients in vlan3 have their gateway set to opt1's ip which is set to 192.168.2.1/32.

What else can I check?

Thanks for everything!
jlc
