No ping between VLANs and No ping from the switch to the OpnSense IP

Started by ahmedghost_81, December 17, 2024, 04:02:15 AM

Hi all,
I am new to OPNsense, please excuse my ignorance.
As stated in the subject, I have installed OPNsense with the following version details:
Versions
OPNsense 24.7.10_2-amd64
FreeBSD 14.1-RELEASE-p6
OpenSSL 3.0.15

I have configured the LAN interface with DHCP on the 172.16.10.0/24 network and assigned the IP address 172.16.10.2 as the OPNsense IP.
I also created 4 VLANs and assigned them under the LAN interface:

VLAN20IoT 10.50.50.1
VLAN30Storage 172.16.30.1
VLAN40Servers 172.16.0.1
VLAN50WorkStations 172.16.50.1

I connected the LAN interface to a Cisco switch and configured port 1 as a trunk with the following configuration:
interface GigabitEthernet6/0/1
 description Main Input from OPNSense
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 1,10,20,30,40,50
 switchport mode trunk

Also, here are the VLAN configurations on the switch:
interface Vlan1
 ip address 192.168.0.10 255.255.255.0
!
interface Vlan10
 description ManManagement Vlan
 ip address 172.16.10.3 255.255.255.0
!
interface Vlan20
 description IoT Devices Vlan
 ip address 10.50.50.1 255.255.255.0
!
interface Vlan30
 ip address 172.16.30.1 255.255.255.0
!
interface Vlan40
 ip address 172.16.0.1 255.255.255.0
!
interface Vlan50
 ip address 172.16.50.1 255.255.255.0
!
ip default-gateway 172.16.10.2

I also configured port 6/0/2 as an access port on VLAN 20:
interface GigabitEthernet6/0/2
 description Test Connectivity
 switchport mode access
 switchport access vlan 20

On OPNsense, I have configured DHCP for all VLANs and the LAN network.
I also added a FW rule on each VLAN to allow access to the internet, ICMP and DNS.

Now when I connect my machine to an untagged port, which is VLAN 1, my machine gets an IP address on the 172.16.10.0/24 network and can browse the internet with no issue.
But when I connect it to any of the tagged VLANs, whether VLAN 20 or 40, I get a DHCP address but can't ping the other VLANs or browse the internet.

I give up after a couple of days of trying to figure out what is going on; any help is much appreciated.

Regards
 

I was finally able to figure it out after I posted here: I had to remove the IP addresses from each VLAN on the Cisco switch.
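
Added example (not part of the original posts): the addresses listed above for the OPNsense VLAN interfaces also appear on the switch's Vlan interfaces. This Python script parses the quoted `interface Vlan` stanzas and reports where a switch SVI duplicates a firewall address or only shares its subnet; the names parse_svis, find_overlaps and FIREWALL_IPS are assumptions made for the example.

```python
import ipaddress
import re

# Constructed sample input: SVI stanzas and OPNsense addresses quoted in the post ("!" lines omitted).
SWITCH_CONFIG = """\
interface Vlan1
 ip address 192.168.0.10 255.255.255.0
interface Vlan10
 description ManManagement Vlan
 ip address 172.16.10.3 255.255.255.0
interface Vlan20
 description IoT Devices Vlan
 ip address 10.50.50.1 255.255.255.0
interface Vlan30
 ip address 172.16.30.1 255.255.255.0
interface Vlan40
 ip address 172.16.0.1 255.255.255.0
interface Vlan50
 ip address 172.16.50.1 255.255.255.0
"""
FIREWALL_IPS = {"LAN": "172.16.10.2", "VLAN20IoT": "10.50.50.1", "VLAN30Storage": "172.16.30.1",
                "VLAN40Servers": "172.16.0.1", "VLAN50WorkStations": "172.16.50.1"}

def parse_svis(config):
    """Return {"VlanN": IPv4Interface} for every SVI stanza that carries an IP address."""
    svis, current = {}, None
    for line in config.splitlines():
        if not line.startswith(" "):          # a new top-level line ends the previous stanza
            m = re.fullmatch(r"interface (Vlan\d+)", line.strip())
            current = m.group(1) if m else None
            continue
        m = re.match(r"\s+ip address (\d+\.\d+\.\d+\.\d+) (\d+\.\d+\.\d+\.\d+)", line)
        if m and current:
            svis[current] = ipaddress.ip_interface(f"{m.group(1)}/{m.group(2)}")
    return svis

def find_overlaps(svis, firewall_ips):
    """List (svi, firewall_interface, kind) where the switch and the firewall meet at layer 3."""
    findings = []
    for svi, iface in svis.items():
        for name, ip in firewall_ips.items():
            addr = ipaddress.ip_address(ip)
            if addr == iface.ip:              # two devices answering ARP for one address
                findings.append((svi, name, "duplicate-address"))
            elif addr in iface.network:       # distinct address, e.g. a management SVI
                findings.append((svi, name, "shared-subnet"))
    return findings

print(find_overlaps(parse_svis(SWITCH_CONFIG), FIREWALL_IPS))
```

Vlan20 through Vlan50 come back as duplicate-address, Vlan10 as shared-subnet, and Vlan1 does not appear at all.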