ue0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
ugen0.3: <Realtek USB 101001000 LAN> at usbus0, cfg=1 md=HOST spd=SUPER (5.0Gbps) pwr=ON (64mA)
I was faced with the same issue when changing from a dual NIC to a single NIC hardware platform. Instead of going for an external NIC, I opted for a VLAN setup.

You basically configure a WAN port and LAN port(s) on the switch, while you trunk both traffic streams down to OPNsense on its switch port as separate VLANs. Added benefit is that you can further carve up your network; e.g. have a guest port that can only see the internet, or an IoT segment that is more strictly monitored.

While you can spend thousands on enterprise gear, VLAN-capable switches don't need to cost the earth. Check out the TP-Link managed switches like the TL-SG105E.

Bart...
Can you check from the console? You'll be able to bring the WAN interface up and down and ping external hosts separately from getting your LAN up and running.

I have hardly any Cisco experience, but I know that they can be slightly awkward. The first thing I would try is changing VLAN 1 on port 2 to be tagged, or remove it.

You may also want to put the modem aside for a moment and confirm that the trunk on port 2 works as you expect. E.g. connect a DHCP server on port 1 and confirm that the "WAN" interface on OPNsense picks up an IP address.

Bart...
Quote from: bartjsmit on November 18, 2018, 09:52:14 am
I was faced with the same issue when changing from a dual NIC to a single NIC hardware platform. Instead of going for an external NIC, I opted for a VLAN setup. You basically configure a WAN port and LAN port(s) on the switch, while you trunk both traffic streams down to OPNsense on its switch port as separate VLANs. Added benefit is that you can further carve up your network; e.g. have a guest port that can only see the internet, or an IoT segment that is more strictly monitored. While you can spend thousands on enterprise gear, VLAN-capable switches don't need to cost the earth. Check out the TP-Link managed switches like the TL-SG105E. Bart...

So I got a Cisco SG200-08 and created a VLAN 101 for WAN traffic.

Configuration:
Port 1: WAN Link (Cable from my modem)
Port 2: LAN Link (OPNSense)

Port 1: PVID 101, 101 Untagged
Port 2: PVID 1, 1 Untagged and 101 Tagged

Problem is that when I connect the WAN cable the switch still says Link Down even though the cable is connected. Why? Sorry, I'm a networking noob.

I have added the VLAN in OPNSense: Interfaces: Other Types: VLAN
And changed the WAN assignment to VLAN 101 in OPNSense Interfaces: Assignments
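How the port table in the post above handles frames, as an added example that is not part of the original post and is not Cisco or OPNsense code. `Port`, `forward` and `audit` are hypothetical names, port 3 is a constructed LAN client port, and ingress filtering is assumed to be enabled on the switch.

```python
from dataclasses import dataclass, field

@dataclass
class Port:
    pvid: int                                   # VLAN given to untagged ingress frames
    untagged: set = field(default_factory=set)  # VLANs sent out without a tag
    tagged: set = field(default_factory=set)    # VLANs sent out with an 802.1Q tag

    @property
    def members(self):
        return self.untagged | self.tagged

def forward(ports, in_port, tag=None):
    """Flood one frame; return {egress port: tag on the wire, None = untagged}."""
    src = ports[in_port]
    vlan = src.pvid if tag is None else tag
    if vlan not in src.members:      # ingress filtering (assumed enabled)
        return {}
    return {n: (vlan if vlan in p.tagged else None)
            for n, p in ports.items() if n != in_port and vlan in p.members}

def audit(ports, wan_vlan, wan_port, trunk_port):
    """List settings that would let WAN traffic bypass the firewall."""
    findings = []
    for n, p in ports.items():
        if n not in (wan_port, trunk_port) and wan_vlan in p.members:
            findings.append(f"port {n} is a member of WAN VLAN {wan_vlan}")
    extra = ports[wan_port].members - {wan_vlan}
    if extra or ports[wan_port].pvid != wan_vlan:
        findings.append(f"WAN port {wan_port} is not confined to VLAN {wan_vlan}")
    if wan_vlan not in ports[trunk_port].tagged:
        findings.append(f"trunk port {trunk_port} does not carry VLAN {wan_vlan} tagged")
    return findings

# Ports 1 and 2 as listed in the post; port 3 is a constructed LAN client port.
PORTS = {
    1: Port(pvid=101, untagged={101}),
    2: Port(pvid=1, untagged={1}, tagged={101}),
    3: Port(pvid=1, untagged={1}),
}

if __name__ == "__main__":
    print("modem ->", forward(PORTS, 1))                  # reaches port 2 tagged 101
    print("OPNsense vlan101 ->", forward(PORTS, 2, 101))  # reaches port 1 untagged
    print("LAN client ->", forward(PORTS, 3))             # reaches port 2 untagged
    print("audit:", audit(PORTS, 101, 1, 2))              # no findings
```

The audit only reports when some port other than the modem port and the firewall trunk is a member of the WAN VLAN, when the modem port is a member of anything else, or when the trunk does not carry the WAN VLAN tagged.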
Hi Alex,

Your dongle seems restricted by either the USB bus (2.0) or its Ethernet interface (100 Mbps).

My ISP doesn't do the VLAN thing, but you are right in setting the WAN VLAN to 7 and tagging the port to your ISP gear.

All VLANs are completely separate logically but they do of course share the same physical link. Without QoS, traffic on one VLAN can reduce the throughput on another. Given that it is all gigabit, you will have enough capacity at least at most times. It will certainly feel faster than your 90 Mbps dongles.

If congestion does become an issue, you could move the Synology to the busiest VLAN and use its firewall to restrict local access.

Bart...