Home Networking

244 readers

1 users here now

A community to help people learn, install, set up or troubleshoot their home network equipment and solutions.

Rules

Please stay on topic.
Please use the search function to look for keywords related to what you want to ask before posting since most common issues have been answered.
No Ads. This community is for support and discussion. Ads and self promotion are not welcome here.
No product reviews or announcements. If you have a question about a product, be specific about what you want to know.
Be civil. Don't be a jerk. Not being a jerk is surprisingly easy.
No URL shorteners. URL shorteners tend to hide the real use of a link. For this reason, please use normal links, even if they're long.
No affiliate links.
No gatekeeping. With profession shall come professionalism. Extend help without judging others for their ignorance. The same goes for downvoting of comments or posts for "stupid questions" or not being as knowledgeable as others.

founded 1 year ago

MODERATORS

[email protected]

Confused about VLANs (alien.top)

submitted 1 year ago by [email protected] to c/[email protected]

2 comments fedilink hide all child comments

I have a switch that trunks in VLANs from pfSense and seems to be working. Confusion simply starts where I have a client connected to the switch that can ping devices in the VLAN but the port in which the client is connected to it not trunked... am I missing something here?

top 2 comments

sorted by: hot top controversial new old

[–] [email protected] 1 points 1 year ago

You should only have one trunk port on your switch. That trunk port will connect to your pfsense box. All clients should be connected to access ports with the specific vlan number specified.

[–] [email protected] 1 points 1 year ago

This would happen if your trunk port also happens to have a router at the other end. Some switches have this they are called Layer 3 switches because they can do inter vlan links. Standard managed L2 switches don't do this.

What is likely going on, Device on untaged vlan 2 port, traffic up the trunk - trunk over to router, router has access to multiple vlans. Routes traffic to vlan 1.

PF Sense is a router so it would stand to reason that your not getting vlan isolation as expected because your routing the traffic between vlans.

As a test just unplug the trunk port to pfsense and see if your client can still talk to other clients in other vlans.

A vlan is just a L2 collision domain separator. If you trunk vlan 1 and 2 into a router and allow an ANY/ANY rule on any firewall then your going to get cross vlan traffic. Either remove the route from the table, or add a firewall filter to block traffic.