1
General Discussion / Moving pfsense->OPNSense with Unifi VLANs
« on: January 07, 2020, 09:47:47 pm »
This may be a stupid question, but for the life of me I can't figure out how to solve this in the OPNSense world.
So I had a pfsense router that used 802.11 tagged VLANs to route traffic across different SSIDs.
I've migrated this to OPNSense and have it *almost* entirely working, except that I can't seem to get the VLAN tagged traffic routed.
I have rules defined that should all all traffic to be routed everywhere, and it's working fine for untagged traffic coming from the Unifi AP.
So, for example,
Working
WAN <-> OPNSense <-> Uniifi AP (but untagged traffic)
Not working
WAN <-> OPNSense <-> Unifii AP SSID indicated with tagged VLAN
Strangely, all of the devices on VLANs are able to get correct IP addresses allocated from the VLAN subnet address range from the OPNSense DHCP server, but they even can't ping their own subnet gateway, much less get routed to the internet.
I think pfsense got around this by having a section where you had to tag traffic as "0,2t", but I don't know how to do this in OPNSense.
Any suggestions appreciated.
So I had a pfsense router that used 802.11 tagged VLANs to route traffic across different SSIDs.
I've migrated this to OPNSense and have it *almost* entirely working, except that I can't seem to get the VLAN tagged traffic routed.
I have rules defined that should all all traffic to be routed everywhere, and it's working fine for untagged traffic coming from the Unifi AP.
So, for example,
Working
WAN <-> OPNSense <-> Uniifi AP (but untagged traffic)
Not working
WAN <-> OPNSense <-> Unifii AP SSID indicated with tagged VLAN
Strangely, all of the devices on VLANs are able to get correct IP addresses allocated from the VLAN subnet address range from the OPNSense DHCP server, but they even can't ping their own subnet gateway, much less get routed to the internet.
I think pfsense got around this by having a section where you had to tag traffic as "0,2t", but I don't know how to do this in OPNSense.
Any suggestions appreciated.