OPNsense Forum

Archive => 19.7 Legacy Series => Topic started by: loganx1121 on November 25, 2019, 04:34:52 am

Title: (Solved) Can't see vlan traffic?
Post by: loganx1121 on November 25, 2019, 04:34:52 am
I set up a VLAN interface (VLAN 30) on the firewall. I have a core Cisco switch and an "access" Cisco switch connected to the firewall. I made VLAN 30 on the core switch, trunked to the interface on the firewall...that seems to be working fine. I made another trunk to my VM host, spun up a VM and put it on VLAN 30 with a static IP in that subnet. I can ping out to the internet...everything seems fine...but when I check the firewall logs I can't see anything for VLAN 30.

If I ping out to the internet, nothing in the logs.
Ping to a different internal subnet, nothing in the logs.

I find this very odd. I would think I would see something in the logs for the traffic hitting the new VLAN interface but I'm not...even though everything seems to be working fine.

Any thoughts or advice is appreciated.

Title: Re: Can't see vlan traffic?
Post by: Sirius1 on November 25, 2019, 06:17:35 am
I'd think that has to do with any firewall rules, and if they are set to log or not. From what I remember, the default is 'not' logged unless you turn it on. So you'd have to have a rule match, with logging for the rule 'on', to see it in the logs.

Title: Re: Can't see vlan traffic?
Post by: loganx1121 on November 25, 2019, 02:04:39 pm
So I checked all of my rules on the firewall and I had a rule that I made for this new VLAN that didn't have logging enabled...but...

The rule is for the "Inside" interface on the firewall. This is a /30 between the firewall and the core Cisco switch where all of the other subnets are routed via OSPF.

So now I can see the traffic for the new VLAN, but I still don't see anything hitting the new VLAN interface. There are no rules on the VLAN interface, so all the traffic hitting it should be rejected/blocked, but I'm just not seeing anything hit it.

Title: Re: (Solved) Can't see vlan traffic?
Post by: loganx1121 on November 26, 2019, 12:29:49 am
Stupid error on my part in regards to the switch. Working as intended now.