Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
22.1 Legacy Series
»
Using unused physical ports for existing VLANs
« previous
next »
Print
Pages: [
1
]
Author
Topic: Using unused physical ports for existing VLANs (Read 1187 times)
MeltdownSpectre
Newbie
Posts: 11
Karma: 2
Using unused physical ports for existing VLANs
«
on:
July 22, 2022, 06:46:11 pm »
Hi,
Recently bought myself a Qotom Mini PC with 5x Intel I225-V NICs and a Celeron J4125. First thing I did was install OPNsense on it. I've been experimenting with the various features and trying to learn about VLANs.
Up until now, I didn't have any managed switches at home and pretty much every thread I come across on this forum and the forum of a similarly named firewall suggest to use a managed switch rather than an unmanaged one.
It's hard to come by managed switches in my country, especially at a reasonable price, so I asked a friend to buy one from the US and bring it with him when he returns in a few days. It's a Netgear GS308T, an 8-port managed switch that supports 802.1q VLAN tagging which I believe is what I need.
My ideal setup would consist of 3 VLANs management (VLAN10), trusted (VLAN20) and guest (VLAN30). I do not require a specific one for IoT devices since I do not have any in use at home.
The OPNsense box, along with some other devices will be placed in a networking closet and the Netgear switch will be in another part of the house.
I expect to use the interface igb0, which is the first port on the left of the OPNsense box to connect to the Netgear switch and pass 3 different VLAN tags to the switch, which will then pass them on to the OpenWrt APs allowing me to use 1 SSID for trusted devices and 1 SSID for the guest network.
However, there are 3 wired devices in the networking closet (Plex Server, Synology NAS and a Raspberry Pi) that I would want on the trusted VLAN. Conveniently, the OPNsense box has 3 physical Ethernet ports that are currently not used (igb1, igb2 and igb3).
Since the 3 VLANs I created earlier will be passed on to the switch using interface igb0, would I be able to use the igb1, igb2 and igb3 ports to connect the 3 devices in the networking closet and put them on the trusted VLAN?
I made a crappy diagram on Microsoft Paint and attached it to this post to try and get my point across in case anyone wants to avoid reading this wall of text.
I'd like to know if what I'm describing above is possible and if anyone has any suggestions / recommendations for my planned setup.
I'm not a complete newbie to networking, but the concept of VLANs are still somewhat new to me, and I'm not familiar with OPNsense enough to know if this is possible or not.
I can't share any screenshots of my existing configuration since I haven't done any of them yet. The OPNsense box has not replaced my main router yet since I'd like to figure everything out first and thoroughly test my planned config.
Logged
Patrick M. Hausen
Hero Member
Posts: 6848
Karma: 575
Re: Using unused physical ports for existing VLANs
«
Reply #1 on:
July 22, 2022, 06:48:11 pm »
You need to create a LAN bridge with the VLAN and the three physical ports as members. There's a section in the documentation on how to do that.
Logged
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do.
(Isaac Asimov)
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
22.1 Legacy Series
»
Using unused physical ports for existing VLANs