Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
[SOLVED] WAN interface VLAN tagging
« previous
next »
Print
Pages: [
1
]
Author
Topic: [SOLVED] WAN interface VLAN tagging (Read 710 times)
mimitair
Newbie
Posts: 9
Karma: 0
[SOLVED] WAN interface VLAN tagging
«
on:
September 14, 2024, 02:17:11 pm »
Dear OPNsensers
I am in Belgium and my internet is being provided by the Proximus ISP. I have a fiber modem installed and would like to attach my own private router instead of their smart box. My router has one physical WAN port and one physical LAN port. The ISP demands that "the WAN interface must be tagged to VLAN 20." I am now wondering how I need to configure this. Am I correct in creating a VLAN with the physical WAN port as its parent and then assigning the interface? I'm assuming I should also make some configurations in the firewall to properly route the traffic? I would appreciate if someone could provide some guidance on how to set this up correctly. Thank you in advance!
Kind regards
«
Last Edit: September 26, 2024, 09:25:34 am by mimitair
»
Logged
dseven
Sr. Member
Posts: 307
Karma: 33
Re: WAN interface VLAN tagging
«
Reply #1 on:
September 14, 2024, 07:24:49 pm »
It appears (from a quick Google search) that Proximus wants you to be a DHCP client on VLAN 20. You could either interrupt the first boot from install media when prompted to do interface assignments, or select it from the menu when logging in on the console. Add VLAN20 to your WAN physical interface, then when prompted for the WAN interface name, select the VLAN that you just created - it'll be something like "igc0_vlan20" (the first part depending on the type of physical interface). It'll do DHCP by default, so it should "just work"....
Logged
mimitair
Newbie
Posts: 9
Karma: 0
Re: WAN interface VLAN tagging
«
Reply #2 on:
September 15, 2024, 09:29:50 am »
Thank you for your reply.
If I understand correctly. The physical WAN port (igb0 in my case), needs to be assigned to the VLAN20 device.
Intermezzo: Does "device" mean the same as a "network interface card"?
I'm assuming I can also do this through the web GUI like so (see screenshot). I've currently disabled the modem_wan interface (vlan20) and assigned it to the actual physical WAN port, since opnsense threw an error stating that the device is connected to two interfaces. I'll try this and update if it works.
Kind regards
Logged
dseven
Sr. Member
Posts: 307
Karma: 33
Re: WAN interface VLAN tagging
«
Reply #3 on:
September 15, 2024, 11:22:34 am »
What you have there should be OK so long as "modem_wan" is not configured for IP - i.e. set "IPv[46] Configuration Type" to "None". For "WAN", select "DHCP" for "IPv4 Configuration Type".
Unfortunately terminology in this area is used a bit loosely. At least as I understand it: "Device" (as in your screenshot) would be the network device presented by the (FreeBSD) operating system - it could be a physical NIC or a virtual one (you have both). "Identifier" is a (fixed) internal identified assigned by OPNsense (you don't have much control over these). "Interface" is based on the description that you provide when you assigning an interface.
Logged
mimitair
Newbie
Posts: 9
Karma: 0
Re: WAN interface VLAN tagging
«
Reply #4 on:
September 15, 2024, 03:06:37 pm »
Hello
The configuration above worked, and I am getting a stable internet connection through the opnsense router!
. However (not a question, just going to rant here a bit), I'm slowly figuring out that the ubiquiti switch and access point I have will not work since the gateway is not ubiquiti as well lol. No way to access the unifi.ui site manager without paying $30/month for their hosting services. The switch is working and actively handling the traffic now, just no way to configure it with all the vlan capabilities and stuff without access to their site manager. Makes me pretty pissed. Anyway, I should have seen this coming and thought about before buying. Thank you for your support.
Kind regards
Logged
dseven
Sr. Member
Posts: 307
Karma: 33
Re: WAN interface VLAN tagging
«
Reply #5 on:
September 16, 2024, 09:40:03 am »
You can run your own instance of the UniFi Network Application locally (at no cost). I run mine under Docker on a "home lab" server. You can even run it on Windows (I haven't tried this myself):
https://help.ui.com/hc/en-us/articles/360012282453-Self-Hosting-a-UniFi-Network-Server
Logged
mimitair
Newbie
Posts: 9
Karma: 0
Re: WAN interface VLAN tagging
«
Reply #6 on:
September 26, 2024, 09:23:22 am »
Dear dseven
Thank you for this information. I've been able to set it all up. I will mark this thread as solved.
Kind regards
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
[SOLVED] WAN interface VLAN tagging