vlan on pfsense with 2 nics

t80243280
Level 1

Hi,

LAN1 is 192.168.0.0/24 with a DHCP server on 192.168.0.8 (GW 192.168.0.1); no VLAN set.

All of the stuff I am describing below works without VLANs (if I attach a switch on the pfSense LAN side and test with an access point connected to it).

I have to use a VLAN to add another DHCP server (the pfSense server) on my network.

I want to make another wireless LAN with access to the Internet but not to LAN1, so the WAN on pfSense belongs to my default LAN.

I've got pfSense on a basic computer with 2 NICs:

- 1 NIC for the pfSense LAN side (with DHCP (192.168.10.0/23, starting at 192.168.10.11), firewall rules, Squid and a RADIUS server), connected to a port which is in VLAN 40 (let's say); the wireless access point belongs to VLAN 40 as well and is configured for RADIUS access.

- 1 NIC (192.168.0.49/24) for the pfSense WAN side (which actually belongs to my LAN, see above), belonging to the default VLAN, which should be VLAN 1.

The question is: do 2 NICs on the same computer, not belonging to the same VLAN, automatically do inter-VLAN routing or not?

In other words, will a wireless client, let's say 192.168.11.10, have access to the GW which is on the default VLAN (192.168.0.1) (without speaking about firewall rules)?

Hope it's clear enough.

Thanks for help,

2 Replies

Jon Marshall
Hall of Fame

The question is: do 2 NICs on the same computer, not belonging to the same VLAN, automatically do inter-VLAN routing or not?

Depends on whether you have enabled IP routing between the NICs.

Edit - or disabled it, i.e. some OS versions have it enabled by default and some don't.

Jon

There is a NAT between them (pfSense acts like a router), as the pfSense LAN clients are able to ping the GW (192.168.0.1 on NW 192.168.0.0/24) and access the Internet.

I made this pfSense server for this purpose: build a wireless segment with AP(s) on the LAN side of pfSense, then add some rules to make them just access the Internet through my primary LAN GW.

Maybe I am not asking in the right forum... I thought VLAN rules were the same for all kinds of OS, as the OS is an upper layer.
