This is my test bench:
(https://i.imgur.com/JOGxi8z.png)
The router is a Nanopi r4s 4GB, running this image: https://mirror.fkardame.com/Linux/Images/FriendlyArm/NanoPi%20R4s/
I have setup the same VLANs in OPNsense as those on the switch, and I see OPNsense trying to hand out leases, but they never arrive to the clients.
(https://i.imgur.com/WPOj1N6.png)
When I flash OpenWRT on the same Nanopi, and I setup the same VLANs, the clients get leases without problems, which leads me to believe it's something with OPnsense, but what?
Looking through other topics, I can confirm I don't have VLAN hardware filtering nor Intrusion Detection enabled.
Some screenshots of the VLAN setup:
https://i.imgur.com/vGMlQlS.png (https://i.imgur.com/vGMlQlS.png)
https://i.imgur.com/qmrkPXJ.png (https://i.imgur.com/qmrkPXJ.png)
Setup on the switch:
https://i.imgur.com/2Vfohre.png (https://i.imgur.com/2Vfohre.png)
https://i.imgur.com/mutbMgs.png (https://i.imgur.com/mutbMgs.png)
Edit: replaced images with links because this forum isn't formatting them correctly
I have created a mirror of ethernet 1/1/1 and attached wireshark to it.
The only thing it sees is the connected device asking for an IP address, time after time:
(https://i.imgur.com/2e9XFn9.png)
The answer from Opnsense isn't even reaching port 1/1/1, even though I see an IP address being offered in the DHCP logs of opnsense.
What could be causing this?