OPNsense Forum

English Forums => General Discussion => Topic started by: Arcau on December 29, 2023, 12:42:31 PM

Title: Inter-VLAN traffic not working properly
Post by: Arcau on December 29, 2023, 12:42:31 PM
I have set up some VLANs and they are working for what I was using them for.

I have LAN (default / mgmt) main PC sits on this.
IoT - all the garbage things connect to this via wifi
Work - Work PC connects to this via wifi
PNI - Printer No Internet

PNI - is the one I'm having issues with as I want it isolated from everything - but I still need LAN and Work to be able to talk to it.

Using Unifi CloudKey Gen2 and USW-LITE-8-POE and USW-LITE-16-POE.

I can tag the port in the unifi network dashboard and the printer will get the address I am expecting.
It is set up on 33.33.33.33/30 - VLAN ID 33
So the printer does get the 33.33.33.34 IP address I am expecting it to from DHCP.

LAN is set up 10.100.10.0/24

However when adding in the rule to the PNI interface - I still cannot ping the printer, or the interface at OPNsense.

From what I understand that should allow traffic through FROM the LAN network to the PNI network no?
The Unifi switch has the VLAN tag 33 added to it with the Tagged VLAN Management option set to Allow All.
So please any help or pointing in the right direction would be greatly appreciated here.

Title: Re: Inter-VLAN traffic not working properly
Post by: Bob.Dig on December 29, 2023, 12:56:32 PM
Quote from: Arcau on December 29, 2023, 12:42:31 PM
From what I understand that should allow traffic through FROM the LAN network to the PNI network

Correct. But you have to create this rule on LAN (and every other interface that should be able to print), not on the interface the printer is on; this can be empty.
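
An added illustration, not part of the thread, of the rule placement described in the reply above: a small Python model of interface-bound inbound filtering with state tracking and default deny. The networks come from the first post; the host addresses 10.100.10.50 and 10.100.10.60 and all class and function names are constructed for this example.

```python
import ipaddress
from dataclasses import dataclass

# Networks from the thread; hosts and names below are constructed.
NETS = {
    "LAN": ipaddress.ip_network("10.100.10.0/24"),
    "PNI": ipaddress.ip_network("33.33.33.32/30"),  # holds .33 (gateway) and .34 (printer)
}

@dataclass(frozen=True)
class Rule:
    iface: str  # interface the rule is attached to; matched on ingress ("in") only
    src: str    # source network name
    dst: str    # destination network name

class Firewall:
    def __init__(self, rules):
        self.rules = rules
        self.states = set()  # (initiator, responder) pairs of passed connections

    def ingress_iface(self, ip):
        addr = ipaddress.ip_address(ip)
        return next((name for name, net in NETS.items() if addr in net), None)

    def forward(self, src, dst):
        """Return True if a packet src -> dst is forwarded."""
        if (src, dst) in self.states or (dst, src) in self.states:
            return True  # part of an already allowed connection (e.g. the reply)
        iface = self.ingress_iface(src)
        s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        for r in self.rules:
            if r.iface == iface and s in NETS[r.src] and d in NETS[r.dst]:
                self.states.add((src, dst))
                return True
        return False  # no pass rule on the ingress interface: default deny

def demo():
    pc, printer = "10.100.10.50", "33.33.33.34"
    wrong = Firewall([Rule("PNI", "LAN", "PNI")])  # rule placed on the printer's interface
    right = Firewall([Rule("LAN", "LAN", "PNI")])  # rule placed where the traffic enters
    return {
        "rule_on_PNI": wrong.forward(pc, printer),
        "rule_on_LAN": right.forward(pc, printer),
        "printer_reply": right.forward(printer, pc),
        "printer_initiates": right.forward(printer, "10.100.10.60"),
    }

if __name__ == "__main__":
    print(demo())
```

With the PNI rule set left empty, the printer can still answer connections opened from LAN but cannot open any of its own, which is the isolation the first post asks for.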

Title: Re: Inter-VLAN traffic not working properly
Post by: Arcau on December 29, 2023, 01:15:08 PM
Quote from: Bob.Dig on December 29, 2023, 12:56:32 PM
Quote from: Arcau on December 29, 2023, 12:42:31 PM
From what I understand that should allow traffic through FROM the LAN network to the PNI network
Correct. But you have to create this rule on LAN (and every other interface that should be able to print), not on the interface the printer is on; this can be empty.

Thanks for the clarification on that; however, it is still unable to ping the interface.

I have double checked that block private networks is NOT ticked in the interface options.
I have also tried both an IN and an OUT rule and still no joy.

I am missing something simple I am sure of it but I just can't see the problem.
The printer rule set is completely empty now as you suggested.

Title: Re: Inter-VLAN traffic not working properly
Post by: Bob.Dig on December 29, 2023, 01:25:24 PM
Quote from: Arcau on December 29, 2023, 01:15:08 PM
I have also tried both an IN and an OUT rule and still no joy.

In is correct, leave it like that. So your problem is outside of the *Sense. Can't help you with that.

Title: Re: Inter-VLAN traffic not working properly
Post by: Arcau on December 29, 2023, 01:26:09 PM
Thanks, that cleared it up at least and now points me to Unifi.
Muchly appreciated