22.7 Legacy Series / DHCP / VLAN Issues
« on: November 09, 2022, 12:56:01 pm »
Hello, I'm trying to get my first OPNsense box up and running with one Virtual Local Area Network (VLAN). This is a fresh install with the default LAN subnet 192.168.1.0/24 and WirelessVLAN (VLAN TAG: 15) at subnet 192.168.15.0/24, using the latest OPNsense version.
I followed this guide: https://homenetworkguy.com/how-to/configure-vlans-opnsense/ for creating a VLAN; in short, here's what I did:
- Created a new VLAN interface [VLAN: 15]
- Assigned the VLAN to the LAN interface [Ix0]
- Enabled the interface and set a static Internet Protocol (IP) address and subnet to 192.168.15.1/24
- After that, I enabled the DHCP server on the VLAN 15 interface and created a scope
- Other than the default DHCP firewall rules, I copied the Any-to-Any default LAN firewall rule to the VLAN 15 interface and changed the source to 'VLAN net'
While connected directly into the OPNsense box, I'm able to ping both the LAN and VLAN 15 gateways. I've added a ZyXel GS1900-48 Managed Switch into my network and I'm able to grab a Dynamic Host Configuration Protocol (DHCP) address while all the ports are untagged. Once I establish a VLAN on the switch, tag and untag the ports, I'm unable to pull a DHCP address from the untagged (VLAN 15) port on the switch.
I worked with ZyXel to ensure my VLAN settings are correct and they can be confirmed here: https://mysupport.zyxel.com/hc/en-us/articles/360008607580--Switch-How-to-configure-VLAN-on-GS1900-xx-switches-firmware-2-40-and-newer-.
When I review the DHCP service logs, I don't even see an attempt for an address to be assigned on the 192.168.15.0/24 subnet; the normal LAN subnet works fine when the ports are untagged on the switch.
Any direction would be much appreciated; I tried different guides online and on YouTube to no avail.