"
I decided to remove the switch from the routing and use my Opnsense firewall to handle it all. I've got it working now.
Thanks for help me out.
Thanks for help me out.
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#1
24.7, 24.10 Legacy Series / Re: Wifi vlan 30 can't acces the internet
November 23, 2024, 04:26:16 AM #2
24.7, 24.10 Legacy Series / Re: Wifi vlan 30 can't acces the internet
November 22, 2024, 10:37:28 PM
so the cisco switch only does static routes. so not routing protocol there. IT may be better to move the routing to the opnsense rather than doing static routes and firewall rules.
would this be a better solution for this based on my hardware?
I very very rusty on networking. I took some network classes in college about 20 years ago.
would this be a better solution for this based on my hardware?
I very very rusty on networking. I took some network classes in college about 20 years ago.
#3
24.7, 24.10 Legacy Series / [Resolved]Wifi vlan 30 can't acces the internet
November 21, 2024, 11:23:20 PM
I'm attempting to segregate my network into VLANs for lan-wifi, iot, wired-lan. and phones. My setup is a mix of hardware.
AP is a TP-link Omada EAP670
Switch is cisco 2960s 48 port
opnsense firewall on a four-port network appliance.
Firewall LAN - LAGG01 port 2 and 3 connected to a port channel made up of ports 47-48 trunked with a native vlan10 on the switch and a subnet of 10.100.10.0/23
The switch is configured for routing. I know the 2960s is not a full layer3 switch but it can do intervlan routing
it has the following VLANs configured
Lan VLAN10 - 10.100.10.0/23
wireless lan ssid 1 VLAN20 - 10.100.20.0/23
iot ssid 2 - VLAN30 - 10.100.30.0/24
Servers - VLAN50 - 10.100.6.0/25
network - VLAN60 - 10.100.6.128/25
the AP has two SSIDs configured
1 - no vlan and can access the internet 10.100.10.0/23 subnet
2 - vlan30 can't access the internet 10.100.30/24 subnet
I want to have the ssids have vlan 20 and 30 to limit the broadcast domains and to block IOT traffic from the Lan
I have attached the switches show run if that helps
I'm missing something but I need some help fixing it.
AP is a TP-link Omada EAP670
Switch is cisco 2960s 48 port
opnsense firewall on a four-port network appliance.
Firewall LAN - LAGG01 port 2 and 3 connected to a port channel made up of ports 47-48 trunked with a native vlan10 on the switch and a subnet of 10.100.10.0/23
The switch is configured for routing. I know the 2960s is not a full layer3 switch but it can do intervlan routing
it has the following VLANs configured
Lan VLAN10 - 10.100.10.0/23
wireless lan ssid 1 VLAN20 - 10.100.20.0/23
iot ssid 2 - VLAN30 - 10.100.30.0/24
Servers - VLAN50 - 10.100.6.0/25
network - VLAN60 - 10.100.6.128/25
the AP has two SSIDs configured
1 - no vlan and can access the internet 10.100.10.0/23 subnet
2 - vlan30 can't access the internet 10.100.30/24 subnet
I want to have the ssids have vlan 20 and 30 to limit the broadcast domains and to block IOT traffic from the Lan
I have attached the switches show run if that helps
I'm missing something but I need some help fixing it.
Pages1
