Messages

1

24.7 Production Series / Re: Wifi vlan 30 can't acces the internet

« on: Today at 04:26:16 am »

I decided to remove the switch from the routing and use my Opnsense firewall to handle it all.  I've got it working now.

Thanks for help me out.

2

24.7 Production Series / Re: Wifi vlan 30 can't acces the internet

« on: November 22, 2024, 10:37:28 pm »

so the cisco switch only does static routes.  so not routing protocol there.  IT may be better to move the routing to the opnsense rather than doing static routes and firewall rules.

would this be a better solution for this based on my hardware?

I very very rusty on networking.  I took some network classes in college about 20 years ago.

3

24.7 Production Series / [Resolved]Wifi vlan 30 can't acces the internet

« on: November 21, 2024, 11:23:20 pm »

I'm attempting to segregate my network into VLANs for lan-wifi, iot, wired-lan. and phones. My setup is a mix of hardware.

AP is a TP-link Omada EAP670 
Switch is cisco 2960s 48 port
opnsense firewall on a four-port network appliance.

Firewall LAN - LAGG01 port 2 and 3 connected to a port channel made up of ports 47-48 trunked with a native vlan10 on the switch and a subnet of 10.100.10.0/23

The switch is configured for routing. I know the 2960s is not a full layer3 switch but it can do intervlan routing

it has the following VLANs configured

Lan VLAN10 - 10.100.10.0/23
wireless lan ssid 1 VLAN20 - 10.100.20.0/23
iot ssid 2 - VLAN30 - 10.100.30.0/24
Servers - VLAN50 - 10.100.6.0/25
network - VLAN60 - 10.100.6.128/25

the AP has two SSIDs configured

1 - no vlan and can access the internet 10.100.10.0/23 subnet
2 - vlan30 can't access the internet 10.100.30/24 subnet

I want to have the ssids have vlan 20 and 30 to limit the broadcast domains and to block IOT traffic from the Lan

I have attached the switches show run if that helps

I'm missing something but I need some help fixing it.