Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Getting self-assigned IP on VLAN
« previous
next »
Print
Pages: [
1
]
Author
Topic: Getting self-assigned IP on VLAN (Read 1051 times)
blackholesun
Newbie
Posts: 4
Karma: 0
Getting self-assigned IP on VLAN
«
on:
April 09, 2024, 04:18:57 pm »
My setup looks like this:
OPNSense Router -> MikroTik Switch -> Netgear PoE Switch -> Unifi APs
I have a Guest VLAN configured with tag 20. An interface has been assigned, and DHCPv4 has been enabled to assign IP addresses between 192.168.20.10 and 192.168.20.245. The APs have also been configured to tag 20 on a Guest SSID. When I connect a device to the wireless network, I can see the MAC address and the correct VLAN tag in the MikroTik switch. However, DHCP does not seem to work and the device gets a self-assigned 169.. IP address.
I have followed numerous articles and videos and I can't seem to find anything else to try at this point. Is there a way I can see if the VLAN tag is getting correctly passed to OPNSense? At this point I'm not sure if it's a problem with my OPNSense configuration or if the VLAN tag is getting stripped at some point.
Logged
Saarbremer
Sr. Member
Posts: 353
Karma: 14
Re: Getting self-assigned IP on VLAN
«
Reply #1 on:
April 10, 2024, 12:35:14 pm »
Hi,
in a first attempt you could run a packet capture on VLAN20 Interface on OPNsense and check if DHCPREQ is coming through - and if yes, if it gets answered.
If there is no traffic at all from the unifi AP's mac address you may want to check your switches' VLAN setup. If the DHCP request doesn't get answered check your DHCP configuration (is it enabled?) and the firewall live view to investigate if any packets get filtered
Logged
blackholesun
Newbie
Posts: 4
Karma: 0
Re: Getting self-assigned IP on VLAN
«
Reply #2 on:
April 10, 2024, 03:56:35 pm »
I ran the packet capture, and got some results I'm not sure I fully understand. I can definitely see the DHCP requests coming from the client device (iPhone) I am connecting. This time, when I connected the device, I actually got an IP address from DHCP for a few seconds. However no internet access (even though I copied over the same firewall rules from the normal LAN network to the VLAN).
After a few seconds of no internet access, my iPhone disconnected and tried to grab a new IP address, which again is shown in the logs, but this time it failed and I got a self-assigned IP address.
Logged
blackholesun
Newbie
Posts: 4
Karma: 0
Re: Getting self-assigned IP on VLAN
«
Reply #3 on:
April 10, 2024, 04:45:10 pm »
I just tried connecting a wired client to the same VLAN. It seems to be working without issue. I can ping the device between VLANs, and I can `curl
https://google.com
` from the client on the guest VLAN.
I'm now thinking it has to be either a problem with the AP configuration or with iOS itself. This also happens with my Mac laptop.
Logged
Saarbremer
Sr. Member
Posts: 353
Karma: 14
Re: Getting self-assigned IP on VLAN
«
Reply #4 on:
April 11, 2024, 11:36:30 am »
Hi,
regarding unifi: Did you enable DHCP there as well? Make sure to disable it - and to assign the network to the correct vlan. Maybe there is some vlan tagging mixup going on. But that's just a guess. Good luck.
Logged
blackholesun
Newbie
Posts: 4
Karma: 0
Re: Getting self-assigned IP on VLAN
«
Reply #5 on:
April 11, 2024, 05:56:59 pm »
I'm only using Unifi APs and their self-hosted controller. There is definitely no DHCP server there. What's really weird is that I will intermittently get an IP address, but no internet access when I connect to the WiFi. And then sometimes I won't get an IP address either
Logged
Saarbremer
Sr. Member
Posts: 353
Karma: 14
Re: Getting self-assigned IP on VLAN
«
Reply #6 on:
April 12, 2024, 11:05:46 am »
I would recheck the switches' configuration again. Is everything set to tagged correctly/ is untagged correctly set.
And...
I would make sure that OPNsense is connected to switches only using tagged VLANs. Mixing untagged/tagged settings on OPNsense may or may not work as expected. In my setup all interfaces are VLANs with a disabled parent. That reduces the risk of annoyment significantly.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Getting self-assigned IP on VLAN