Since I only have two ports on my pfsense machine, would I setup vlans on the lan nic and switch ...

[G+_Adam EL-Idrissi]

Since I only have two ports on my pfsense machine, would I setup vlans on the lan nic and switch or just the switch?

[G+_Ben Reese]

I'm hoping it could be done either place. Can't you assign VLAN by MAC ID?

[G+_Adam EL-Idrissi]

I've never set up vlan before so this is all new. My main concern was if its coming out of the lan would it slow down anything. Pfsense has vlan built in and the switch I bought supports it as well.

[G+_Ben Reese]

Right, it's all pretty cloudy to me too. I just assumed it was another layer that could be handed out like DHCP. Padre mentioned that his network gives a different VLAN to each connected device unless he explicitly assigns one to a device. If that has to be done at the switch/access point, each connecting location would have to be in sync on who has which VLAN. I'm definitely going to have to do more research on the subject!

[G+_Mikael Eidsvaag]

Setting up vlans on pfsense can be difficult, especially for a noob (I know have been there my self) . I am running pfsense with vlans and I can’t say that I have any negative performance hits. So what you ned to do is this.

Be aware before you start that you may lock your self and any of the other people on your lan out. So I advise you to take a bakup of your current settings on your switch. And have a keyboard and monitor hooked up the pfsense so that you can reset that as well. There are many videos on  YouTube that describes how to set this up. 

 

Btw. The steps are what I remembered from when I sett up my pfsense with vlans, and that’s almost a year ago. So there may be some steps missing. And I remember that I Field countless times. Do not give up if it does not work on the first try =)  

 

Good luck =)

 

 

1. Setup vlans in pfsense: 

Interfaces: VLAN ( here you make a vlan. Be sure to remember the VLAN tag NR. , and make sure you sett the Parent interface to you lan card)

 

2. Interfaces: Assign network ports ( I do not remember if you need to do some things here)

 

3. Services: DHCP server (there you vill have a New interface with the name you gave your vlan. You need to enable the DHCP.)

 

4. Lastly you need to login to your switch and configure the port that goes from the lan-card on pfsense into the switch as a tagged port. And be sure that the port your laptop are on is in the same vlans as the one you settup in step one.

[G+_Travis Hershberger]

What are you trying to accomplish by setting up vlan(s)?  Depending on what you want to do with them, you might not need to configure them on the pfsense box.

[G+_Adam EL-Idrissi]

Travis Hershberger really its just to learn something new. I know eventually it'll be covered in a class though. I would like wireless, my roommate and my gear all separated. Everything has passwords but why not go over kill? Plus its annoying seeing his PC show up in the share/network tabs on my computers.

[G+_Mikael Eidsvaag]

That is the same reason I run pfsense. you need vlan setup om both the pfsence and the switch. When you sett up vlans on pfsense you are actually changing the type of packets your pfsense are sending, and therefore your switch needs to know that by setting the port to tagged. I know this is difficult to understand It took me long time to figure this out. I do not think I can help you much more. It will be allot of writing. And I do not know what switch you have ore if you have set up you pfsence correctly. I am sure Knowhow is going to explain this in detail in one of the upcoming shows. 

Look at my comet  further up

 

Good luck 

[G+_Adam EL-Idrissi]

Mikael Eidsvaag the main reason I wanted a pf box was home routers suck when it comes down to features and ,very important to me, updates. Asus surprising has had a couple new updates for a 3 year old model and a slightly newer one has gotten about 3 updates in the past 6 months. Although the bash ordeal and a asus specific flaw kind of made them happen. Sure beats dlink with stopping updates in 2013 for the router I had. My setup is an Intel d2500cce with dual core 1.8ghz atom,dual 10/100/1000 NICs and 4gb ram.pf is on a 60gb ssd.ssd mainly for being 100% silent. The switch that came in this week is a tp link tl-sg2424 24 port switch. I need to update the firmware before I connect it to the network. I was hoping this last episode would go over pfsense but maybe shortly. I haven't tried setting up anything yet on the switch or pfsense since tomorrow (later today) I'm rearranging equipment around and running some cable through the walls. The goal is to be done in the afternoon so then I'll be setting everything up again and adding the switch. So from what I get set the lan to one vlan and then tag that to a port on the switch.

[G+_Mikael Eidsvaag]

Adam EL-Idrissi Wow nice switch.

I would not be worried about upgrading the firmware on the switch at ones. This I because you switch “sits” behind a firewall and I do not think there will be a problem, focus on getting the vlans and that styff up first. I have locked at the manual for you switch and it is written pretty well. So just read about vlans and how to reset the switch and I think you will be god to go =)

 

Let us know how it is going. And if you have any problems just take a lot of pictures and post them

[G+_Adam EL-Idrissi]

Little update. Today didn't go as planned. Still running cable. I got in my attic and saw the "awesome" work they did. Unfortunately I can't make a run I wanted to because it's blocked off.?