VLAN

Started by grant4790, March 22, 2024, 11:30:02 PM

Previous topic - Next topic
Print
Go Down Pages1 2 3 4
User actions
March 22, 2024, 11:30:02 PM
I have been at this for two days now, I cannot get this vlan to work I have a dell R730 running OPNsense in a VM it has two ports dedicated to it one wan one lan WAN is RJ45 LAN is SFP+ twinaxe cable that connects to a cisco 3650 switch that port I have set to Trunk vlans 1 and 10. pots 5 on said switch has the same config for my u7 pro AP, Finally port 35 is set as access for vlan 10 which is my desktop that I am testing this issue with. Vlan 1 can ping vlan 10s gate way however anything connecting to my vlan 10 SSID via my AP wont get an IP nor will my desktop which as I mentioned is connected via an access port to vlan 10 please help my brain hurts. Thank you in advance.
March 22, 2024, 11:43:17 PM #1
Which firewall rules did you create for the new VLAN?
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
March 23, 2024, 03:09:57 PM #2
The pre generated, and access to the internet
March 23, 2024, 08:20:36 PM #3
For the new VLAN there are no pre-generated. Only for the default LAN interface. Whenever you create a new interface you also need to create firewall rules for this one.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
March 23, 2024, 10:31:14 PM #4
Then what's the folder that says "pre-generated rules 18" that have DHCP and others in it?
March 23, 2024, 11:28:32 PM #5
What's a "folder"? Post a screenshot, please.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
March 23, 2024, 11:47:41 PM #6
Here is a SS of my rules for vlan 10 with the generated rules folder extended and not extended
March 24, 2024, 06:32:59 PM #7
I don't see any manually added "allow" rule for anything. Which is of course necessary.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
March 24, 2024, 06:39:30 PM #8
I have these manually made one
March 24, 2024, 06:56:55 PM #9
Looks ok to me. Time to login to OPNsense via SSH and watch with tcpdump what is actually happening on the wire.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
March 24, 2024, 07:20:18 PM #10
I was looking at the DHCP logs and it was listening, I am SSHing in now, just "tcpdump" in shell im assuming?
March 24, 2024, 07:32:04 PM #11
I did "tcpdump -i vlan0.10" it is empty nothing going on I just connected my phone to the SSID that is set to tag vlan 10. and the switch is set to trunk vlan 1 and 10 on the AP port, and the firewall to switch port is set to do the same. No DHCP IP on my phone no tcpdump traffic on the vlan eitther
March 24, 2024, 08:47:07 PM #12
Then your AP is not forwarding the frames as you expect it to do.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
March 24, 2024, 08:48:52 PM #13
I thought it was AP as well but if I set one of my switch ports to access vlan 10 that end device does not get connection to vlan 10 either. Im beginning to think it may be something with my switch it is a cisco 3650 if you know anything about them.
March 24, 2024, 08:51:39 PM #14
"switchport mode trunk" set on all ports carrying tagged VLANs?
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
Print
Go Up Pages1 2 3 4
User actions