Topic: noob of noobs need help in configuring and placing (Read 9282 times)
marjohn56 (Hero Member, Posts: 1701, Karma: 179)
Re: noob of noobs need help in configuring and placing
Reply #30 on: June 25, 2020, 10:03:44 am
If you also pass an untagged LAN then yes, but it starts to defeat the whole point of using VLANs. What you cannot do is just connect a PC to a trunk and give it an IP in one of the VLANs; that will not work.
What you could do is check to see if your laptop allows you to set a VLAN ID on the network interface properties. On Windows you can find that by going to the properties of the network adaptor, where you would set the IP; you'll see a button there for 'Configure', which opens a new window. Select the 'Advanced' tab and see if there is a setting in the properties list for VLAN ID. If there is, then you can set that to the VLAN you wish to use and you're done. It also allows you to switch between VLANs; I use it to test that my trunks and VLANs are working correctly.
OPNsense 24.7 - Qotom Q355G4 - ISP - Squirrel 1Gbps.
Team Rebellion Member - If we've helped you remember to applaud
wbravin (Newbie, Posts: 30, Karma: 0)
Re: noob of noobs need help in configuring and placing
Reply #31 on: June 25, 2020, 10:49:27 am
Thank you for this directive.
I have checked my laptops and (because they are old) I do not have a VLAN ID option. However, I do have a "priority and VLAN" setting. Clicking on this, I have the options of priority and VLAN enable, priority and VLAN disable, VLAN enable, and priority enabled.
I would agree that passing an untagged LAN would work. If I think closely about what you are saying, it seems to me that I have 2 options.
To an untagged port I would connect one powerline for all my home network, and to a trunk an additional powerline for the VLANs. Then the local managed switch will identify the untagged connection and the VLAN connection. I would then assign the port on the local managed switch for that VLAN.
However, come next week I will install OPNsense on the R710, configure it with LAN on port 2 of the Dell, connect that port to the main managed switch, leave everything as untagged, connect all the servers I have to that switch, and connect a powerline. This would replicate what I have today.
Then I would replace the AC87U with an AP.
Step 1: connect all I have today with 1 SSID.
Step 2: build a guest network with a second SSID, develop a VLAN for the wifi and point this VLAN to the 2 powerline.
So essentially I would have 2 powerlines connected to the main switch and for all those PCs attached directly to the local powerline.
In this case all IoT devices will either be connected to wifi or to a PC that is on a local managed switch, and they will not be able to access the untagged network devices.
I truly believe that there is a simpler way to do this. In designing version 3 of my possible network I have come to realise that only 2 devices will be connected by wire to the network. My home automation unit will be part of the IoT and be connected to the main switch, so in this case I could build a VLAN for IoT, assign the VLAN to a port on the switch and connect the home automation device to that port. Would it not be simpler to just connect it to the untagged port and build a rule to control the access from that port? The other device will be my Denon AV amp (used only as a preamp), and that will be connected to the local managed switch.
Once again, thank you.
Last Edit: June 25, 2020, 11:59:43 am by wbravin
marjohn56 (Hero Member, Posts: 1701, Karma: 179)
Re: noob of noobs need help in configuring and placing
Reply #32 on: June 25, 2020, 06:44:29 pm
As I explained before, you cannot prevent a device with an address on a LAN segment from accessing another device on the same LAN segment; if they are within the same address/mask range they will be able to talk to each other without going via the firewall.
wbravin (Newbie, Posts: 30, Karma: 0)
Re: noob of noobs need help in configuring and placing
Reply #33 on: June 25, 2020, 10:39:52 pm
Yes, I agree with you. However, I read that if I put on the main switch a powerline on an untagged port and a second powerline on a trunk hosting the VLANs, the powerline effectively will consider this as having 2 separate networks.
I wrote to the D-Link forum to ascertain that, if I have my local laptops connected to their local powerline with their IP belonging to my private LAN, the main switch should be able, once it receives the communication (regardless of the receiving powerline), to identify the sending IP and the sending MAC address from the packet and route it to the right destination based upon the rules for that IP address (or MAC address).
The alternative is to put all VLANs on one trunk, connect the powerline to that trunk, and at the end of any powerline install a small managed switch. I would really prefer to avoid this because one of the laptops is in my room and the other in what was a barn that I converted into a summer kitchen and outdoor dining. This laptop only serves to play music when we are eating or drinking outside (like tonight).
wbravin (Newbie, Posts: 30, Karma: 0)
Re: noob of noobs need help in configuring and placing
Reply #34 on: July 05, 2020, 12:47:47 pm
Hello all,
I spent the last week fixing the server that arrived damaged. Now it's up and running and I installed OPNsense on it.
I spent a lot of time designing my LAN on paper. After reading documents and YouTube videos I would like to know if my version 8, which I wanted to upload as a drawing to this message (because a picture equals 1000 words), to no avail because it's too large. I also posted on the forums for TP-Link, D-Link and Netgear but got no response from them.
To recap, I would have:
My main LAN 192.168.1.x to connect all my computers and servers
VLAN 20 192.168.2.x to connect my 2 APs
VLAN 30 192.168.3.x to connect my IoT
I will assign VLAN 20, VLAN 30 and main LAN to a port in OPNsense and connect this port to the loft main smart switch.
In the loft main smart switch I build the same VLANs.
To one trunk on the switch I assign VLAN 20, VLAN 30 and main LAN; to this trunk I will connect the powerline.
To another port on the managed switch I assign VLAN 20 and VLAN 30 (to connect the AP), which will have Home and guest networks, and I will also assign the wireless projector to the guest network. Here I still have my doubts.
To another port on the managed switch I assign VLAN 30 (to connect my home automation solution).
To another port on the managed switch (this will be untagged) I will connect my servers (192.168.1.x) via a switch.
Now to the powerline connected to the loft smart switch I connect:
1 PC via powerline in the office (192.168.1.x)
1 PC via powerline in the bedroom (192.168.1.x)
1 PC via powerline in the barn (192.168.1.x)
Living Room
1 powerline connected to a local managed switch which has VLAN 20 assigned to a port to which I connect an additional AP, VLAN 30 assigned to a port to which I connect the TV, and an untagged port to which I connect the local HTPC
Home Theater
1 powerline connected to a local managed switch which has VLAN 30 assigned to a port to which I connect the Denon, and an untagged port to which I connect the local HTPC
I hope this is clear enough to allow you to please provide me with your opinion or recommendation on this design.
I thank you all in advance for all the help you are providing me.
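Reply #32's point applied to the address plan in Reply #34, as an added example that is not part of any post in the thread: it lists which device pairs share a subnet and therefore talk directly, never passing through OPNsense. The /24 masks, host addresses and device labels are assumptions constructed for illustration.

```python
import ipaddress
from itertools import combinations

# Subnets from the plan in Reply #34; the /24 masks are an assumption.
SEGMENTS = {
    "LAN (untagged)": ipaddress.ip_network("192.168.1.0/24"),
    "VLAN 20 (APs)": ipaddress.ip_network("192.168.2.0/24"),
    "VLAN 30 (IoT)": ipaddress.ip_network("192.168.3.0/24"),
}

# Constructed host addresses for devices named in the thread.
HOSTS = {
    "server": "192.168.1.10",
    "office-pc": "192.168.1.21",
    "barn-pc": "192.168.1.23",
    "living-room-htpc": "192.168.1.30",
    "guest-wifi-client": "192.168.2.50",
    "home-automation": "192.168.3.10",
    "tv": "192.168.3.20",
    "denon": "192.168.3.30",
}

def segment_of(addr):
    """Return the name of the planned segment that contains addr."""
    ip = ipaddress.ip_address(addr)
    for name, net in SEGMENTS.items():
        if ip in net:
            return name
    raise ValueError(f"{addr} is not in any planned segment")

def path(src_ip, dst_ip):
    """'on-link': same subnet, delivered at layer 2, the firewall never sees it.
    'routed': different subnets, the packet goes to the gateway (OPNsense),
    which is the only place a firewall rule can act on it."""
    return "on-link" if segment_of(src_ip) == segment_of(dst_ip) else "routed"

def unfiltered_pairs():
    """Device pairs whose traffic no OPNsense rule can control."""
    names = sorted(HOSTS)
    return [(a, b) for a, b in combinations(names, 2)
            if path(HOSTS[a], HOSTS[b]) == "on-link"]

if __name__ == "__main__":
    for a, b in unfiltered_pairs():
        print(f"{a} <-> {b}: {segment_of(HOSTS[a])}, bypasses the firewall")
    # The question in Reply #31: home automation on the untagged port with a
    # LAN address (constructed: 192.168.1.40) instead of VLAN 30.
    print("home automation on LAN -> server:", path("192.168.1.40", HOSTS["server"]))
```
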