I'm trying to get the initial setup done for adding VLANs to my home network, and I'm all confuzzled. At the moment, I just want a simple setup, with a main VLAN10, and an infra VLAN100. I'm going to expand beyond this, but this is the first step. I'm connecting to the managed switch via the igc1 port. I've got the port on the switch setup as a trunk, with no native VLAN, and it shows all VLANs as tagged. I've got the VLAN devices created in OpnSense, with igc1 as the parent.
What I can't seem to figure out is how to setup the LAN and VLAN100 interfaces/assignments. I've followed the VLAN setup guide (http://what%20i%20can't%20seem%20to%20figure%20out%20is%20how%20to%20setup%20the%20LAN%20and%20VLAN100%20interfaces/assignments.), and looked around the forums here. I've also asked ChatGPT a few things, and it can't make up its mind at all (shocking). I'd like for the OpnRouter to be on VLAN100, as that seems to be quite "infrastructure" related. I know after this I'll need to set up firewall rules for intra-VLAN access, but I want to get the core pieces set first.
So, here are my questions...
1) What device should the LAN interface be assigned to? igc1, or vlan0.100?
2) On which interface should the network for the VLAN100 be setup? LAN, or VLAN100?
3) Should I be running a second untagged access port to the switch which is VLAN100, or is that overkill?
Hardware:
Protectli Vault V2430
Cisco CBS250-48T-4G
So the igc1 is the trunk port on OPNsense now. It caries VLAN 10 and 100. On this port you configure the VLAN device for each, which you did already. This gives you virtual network ports, which you are able to assign to interfaces in Interface> Assignments.
Now if you want that your LAN is on VLAN 100, select igc1.100 as its network port.
However, ensure before, that VLAN 100 already works on the switch to avoid locking out yourself.
For additional interface assign the proper virtual network port (e.g. igc.10) to a new interface and configure it.