I'm subscribed after you saved me! I had the exact same error you had only I was thinking it was my Nic cards not being vlan aware! Silly me, I guess I thought I did everything correctly but when no dhcp lease IP was given for the newly created vlans that was driving me crazy. "pfSense by default always tells us do not add two gateways,"... well this time it's different. That's a bug that needs to be fixed. I was checking for bad cables, nic card vlan aware, ports connected snugly, and basically not my settings :) Thank you for picking up on this since no other person found this "bug." pfSense V2.6.0-RELEASE (amd64)
One thing I'm confused about is your firewall rule for the SERVERS network. If the first rule allows connections out to everywhere except internal address space why would you need another rule to deny communications to IoT network? Wouldn't the IoT network use the already blocked RFC1918 address space from the first rule?
שאלה, hp microserver הוא יכול להריץ pfsense? ניסיתי לעשות בוט מ-usb לא נתן. במקביל אני שוקל להתקין את pfsense על proxmox אבל לא בטוח לגבי החיווט של הרשת
This is a great video!! My question is how did you setup you management vlan. Does it connect to the lan port or to one of the other physical ports? Thanks.
Best video I've found on this subject! You clearly explain what needs to be done and walk the viewer through the process. Really appreciate the level of detail you went into. Thanks for making this video!
At 19:00 why do you need a second rule for the block from servers network to IOT network? Doesnt the alias FW rule already block that because the IOT vlan would full into the listed IPs? It seems unnecessarily redundant?
When I do this, my devices are obtaining IP from the parent and not the vlan. If I turn parent off, nothing works. What settings did you use on parent to make the vlans take over the dhcp?
Could I just create the vlans on the switch and then pfsense will recognise different vlans and route them? It would be easier to have them on the switch and directly assign them to their respective ports?
I am not getting internet traffic on my 3100. The steps were followed as directed. i am hesitate about tagging because it will lock me out of box. It seems to be most confusing. The lan 4 is used to login 3100. So would tag all vlans to port 4?
Why did you use 172.16.vlantag ??? at 06:56 . shouldn't you use 10.100.vlantag ??? Can I create a totally new ip there? and it will be the ip that will appear to the person? Thanks in advance
@@TechMeOut5 I've just created the VLAN at pfsense, and at TP-link L2+ switch i attached to the vlan by mac address, did the ipconfig release and renew, showed the right address. But can't connect to the internet. I've copied your vlan ipv4 address, could this be the problem?
Hi your questiom is unclear and sadly, it looks like a far too elaborate topic to be troubleshooting with a comment on youtube video. With all willingness to help...
@@TechMeOut5 One AP, but I want that all my family phones go to my private network, lets say LAN, but all my IOT devices or guests phones want to go to IOT VLAN.
If the Default Gateway given by PFsense DHCP server is pointed at the vlan interface IP on FW, wouldn't that mean if clients need to communicate between VLANs for non-internet bound traffic (ie. pc_client talking to servers) that the PFsense would have to do the routing and is less in performance than if the L3 switch did the routing?
Thanks for the tutorial. It's still not working for me though. I have a Cisco SG300 switch set to Layer 3 with all VLAN's configured. I setup the same VLAN's on the pfSense, but I'm unable to hit the Firewall. I'm able to hit the default gateway of the VLAN, but not the pfSense Firewall. I'll keep tinkering with it.
All is missing is assigning the vlan tagging on the switch right? IE, vlan 2 = priority 0 ? Since you prioritize 0 to all, is that means all traffic from different vlans get top priority?
great video bro, just inherited a pfsense box on my new job, lol, this really helps me out, can you please add video on rules please, thanks again. Also adding two separate sites if you can, meaning connecting to two different devices from ISP two connect the two sites from across town, thanks again!!
![CAMPปลิ้น | EP.82[1/2] แก๊ง 3 สาวเพื่อนซี้บุก CAMPปลิ้นครั้งนี้ห้ามเสียอาการ](http://i.ytimg.com/vi/_6WUjXHe1TM/mqdefault.jpg)
*If you like this video, give it a like*
I'm subscribed after you saved me! I had the exact same error you had only I was thinking it was my Nic cards not being vlan aware! Silly me, I guess I thought I did everything correctly but when no dhcp lease IP was given for the newly created vlans that was driving me crazy. "pfSense by default always tells us do not add two gateways,"... well this time it's different. That's a bug that needs to be fixed. I was checking for bad cables, nic card vlan aware, ports connected snugly, and basically not my settings :) Thank you for picking up on this since no other person found this "bug." pfSense V2.6.0-RELEASE (amd64)
Thanks for watching buddy!
One thing I'm confused about is your firewall rule for the SERVERS network. If the first rule allows connections out to everywhere except internal address space why would you need another rule to deny communications to IoT network? Wouldn't the IoT network use the already blocked RFC1918 address space from the first rule?
Question for the workstation VLAN. Because of the double NAT how would you allow the workstation VLAN to have internet access?
great work and awsome explination, Thank you a lot.
אחלה סרטון, כל הכבוד.
שאלה, hp microserver הוא יכול להריץ pfsense? ניסיתי לעשות בוט מ-usb לא נתן. במקביל אני שוקל להתקין את pfsense על proxmox אבל לא בטוח לגבי החיווט של הרשת
Nice! Thanks for this video!
This is a phenomenal video - it's so clearly explained. Truly one of the best videos I've seen on pfSense VLAN's! Great job!
Wow, thank you so much frank! Much appreciated indeed!
This is a great video!! My question is how did you setup you management vlan. Does it connect to the lan port or to one of the other physical ports? Thanks.
Best video I've found on this subject! You clearly explain what needs to be done and walk the viewer through the process. Really appreciate the level of detail you went into. Thanks for making this video!
Thank you very much. Glad it was helpful!
At 19:00 why do you need a second rule for the block from servers network to IOT network? Doesnt the alias FW rule already block that because the IOT vlan would full into the listed IPs? It seems unnecessarily redundant?
אין מצב שאתה לא ישראלי חחח
In this case, it needs a management switch to assign ports for different services. Am Iright ?
Dude this is awesome. Thank you so much. Great tutorial, great breakdown of everything. You rock
When I do this, my devices are obtaining IP from the parent and not the vlan. If I turn parent off, nothing works. What settings did you use on parent to make the vlans take over the dhcp?
I can put my printer on it's own VLAN. However, I can't get my PC to see the printer (PC driver uses IPP).
Hi I have vlan created on my switch core and it is this switch which does DHCP server how to add existant vlan on pfsense
Could I just create the vlans on the switch and then pfsense will recognise different vlans and route them? It would be easier to have them on the switch and directly assign them to their respective ports?
Oh my god, I have tried for so long to get my head around VLANS and you have just nailed it for me. I cant thank you enough for your help!
Ahh. I can save huge time If I saw this video years ago.
Excellent video Avi! Very detailed and well explained. Always a pleasure!
Thanks for watching Tony! Much appreciated indeed
How to set up the switch for clan is missing?
I am a newbie in networking. Very helpful bud!
Glad you liked it!
I am not getting internet traffic on my 3100. The steps were followed as directed. i am hesitate about tagging because it will lock me out of box. It seems to be most confusing. The lan 4 is used to login 3100. So would tag all vlans to port 4?
Why did you use 172.16.vlantag ??? at 06:56 . shouldn't you use 10.100.vlantag ??? Can I create a totally new ip there? and it will be the ip that will appear to the person? Thanks in advance
What?
@@TechMeOut5 I've just created the VLAN at pfsense, and at TP-link L2+ switch i attached to the vlan by mac address, did the ipconfig release and renew, showed the right address. But can't connect to the internet. I've copied your vlan ipv4 address, could this be the problem?
Hi your questiom is unclear and sadly, it looks like a far too elaborate topic to be troubleshooting with a comment on youtube video. With all willingness to help...
This takes me where I need to be in setting up the firewall for my church! Thanks for a very informative video!
Glad we could help!
What about wifi devices? How to configure, that all the IOT wifi or guest wifi devices, will be added to IOT VLAN automatically?
What do you mean? It depends on the wifi access point and switch you are using
@@TechMeOut5 One AP, but I want that all my family phones go to my private network, lets say LAN, but all my IOT devices or guests phones want to go to IOT VLAN.
Nice to see an in depth guide to this
Pity he used /24 subnets. I'm gonna run in trouble with virtual gateway IP's within more restrictive subnets.
If the Default Gateway given by PFsense DHCP server is pointed at the vlan interface IP on FW, wouldn't that mean if clients need to communicate between VLANs for non-internet bound traffic (ie. pc_client talking to servers) that the PFsense would have to do the routing and is less in performance than if the L3 switch did the routing?
Thanks for the tutorial. It's still not working for me though. I have a Cisco SG300 switch set to Layer 3 with all VLAN's configured. I setup the same VLAN's on the pfSense, but I'm unable to hit the Firewall. I'm able to hit the default gateway of the VLAN, but not the pfSense Firewall. I'll keep tinkering with it.
All is missing is assigning the vlan tagging on the switch right? IE, vlan 2 = priority 0 ? Since you prioritize 0 to all, is that means all traffic from different vlans get top priority?
Any chance you could a video for opnsense? Specifically Vlans and rules for home network protection.
Thank you. Well explained!
Glad you liked it.
great video bro, just inherited a pfsense box on my new job, lol, this really helps me out, can you please add video on rules please, thanks again. Also adding two separate sites if you can, meaning connecting to two different devices from ISP two connect the two sites from across town, thanks again!!
and you do video on connecting two or multiple LAN's on PfSense, new to it, thanks again.
well done
This helped me get my VLANs setup and working...thanks.
You saved my life. Thanks for this excellent explanation. 💜
Thanks bro. You have solved my problem :)
Hi my friend. Thanks for the video.
What is your setup in manage switch to used this setup
I have never seen a video with such a successful explanation about creating a pfsense vlan. Thanks
Glad i was able to help
Great explanation, I appreciate the time for preparation and creating this video. Thx.
Thank you for watching!
Excellent video great job. Thank you so much.
I'm glad i was able to help!
Great video. It helped me a lot. Thank you very much.
Glad to hear that!
Great video - End to End!
Thanks! Good video!
great video !
Thanks for this video man!
Thanks for watching!
TOP NOTCH!
Thank you very much! Thanks for watching!