LB6M and PfSense vlan routing issue

Discussion in 'Networking' started by Veedubin, Aug 2, 2017.

  1. Veedubin

    Veedubin New Member

    Joined:
    Aug 2, 2017
    Messages:
    5
    Likes Received:
    0
    I have read a ton of posts on here and tried just about everything I could to try and get my LB6M to "trunk" data to my firewall. I am trying to build a router on a stick configuration.

    FW Config

    Code:
    <?xml version="1.0"?>
    
    -<pfsense>
    
    <version>15.5</version>
    
    <lastchange/>
    
    
    -<system>
    
    <optimization>normal</optimization>
    
    <hostname>Core-FW</hostname>
    
    <domain>localdomain</domain>
    
    <dnsallowoverride>on</dnsallowoverride>
    
    
    -<group>
    
    <name>all</name>
    
    
    -<description>
    
    -<![CDATA[All Users]]>
    </description>
    
    <scope>system</scope>
    
    <gid>1998</gid>
    
    <member>0</member>
    
    </group>
    
    
    -<group>
    
    <name>admins</name>
    
    
    -<description>
    
    -<![CDATA[System Administrators]]>
    </description>
    
    <scope>system</scope>
    
    <gid>1999</gid>
    
    <member>0</member>
    
    <priv>page-all</priv>
    
    </group>
    
    
    -<user>
    
    <name>admin</name>
    
    
    -<descr>
    
    -<![CDATA[System Administrator]]>
    </descr>
    
    <scope>system</scope>
    
    <groupname>admins</groupname>
    
    <bcrypt-hash>******************************</bcrypt-hash>
    
    <uid>0</uid>
    
    <priv>user-shell-access</priv>
    
    </user>
    
    <nextuid>2000</nextuid>
    
    <nextgid>2000</nextgid>
    
    <timeservers>0.pfsense.pool.ntp.org</timeservers>
    
    
    -<webgui>
    
    <protocol>https</protocol>
    
    <loginautocomplete/>
    
    <ssl-certref>597fcb0f90dce</ssl-certref>
    
    <dashboardcolumns>2</dashboardcolumns>
    
    </webgui>
    
    <disablenatreflection>yes</disablenatreflection>
    
    <disablesegmentationoffloading/>
    
    <disablelargereceiveoffloading/>
    
    <ipv6allow/>
    
    <powerd_ac_mode>hadp</powerd_ac_mode>
    
    <powerd_battery_mode>hadp</powerd_battery_mode>
    
    <powerd_normal_mode>hadp</powerd_normal_mode>
    
    
    -<bogons>
    
    <interval>monthly</interval>
    
    </bogons>
    
    <timezone>America/Chicago</timezone>
    
    </system>
    
    
    -<interfaces>
    
    
    -<wan>
    
    <enable/>
    
    <if>vmx0</if>
    
    <ipaddr>dhcp</ipaddr>
    
    <ipaddrv6>dhcp6</ipaddrv6>
    
    <gateway/>
    
    <media/>
    
    <mediaopt/>
    
    <dhcp6-duid/>
    
    <dhcp6-ia-pd-len>0</dhcp6-ia-pd-len>
    
    
    -<descr>
    
    -<![CDATA[WAN]]>
    </descr>
    
    </wan>
    
    
    -<lan>
    
    <enable/>
    
    <if>vmx1</if>
    
    <ipaddr>192.168.10.170</ipaddr>
    
    <subnet>24</subnet>
    
    <ipaddrv6/>
    
    <subnetv6/>
    
    <media/>
    
    <mediaopt/>
    
    <track6-interface>wan</track6-interface>
    
    <track6-prefix-id>0</track6-prefix-id>
    
    <gateway/>
    
    <gatewayv6/>
    
    
    -<descr>
    
    -<![CDATA[LAN]]>
    </descr>
    
    </lan>
    
    
    -<opt1>
    
    
    -<descr>
    
    -<![CDATA[Management]]>
    </descr>
    
    <if>oce0_vlan6</if>
    
    <enable/>
    
    <ipaddr>10.0.0.254</ipaddr>
    
    <subnet>24</subnet>
    
    <spoofmac/>
    
    </opt1>
    
    
    -<opt2>
    
    
    -<descr>
    
    -<![CDATA[LAN2]]>
    </descr>
    
    <if>oce0_vlan10</if>
    
    <enable/>
    
    <ipaddr>10.10.10.254</ipaddr>
    
    <subnet>24</subnet>
    
    <spoofmac/>
    
    </opt2>
    
    
    -<opt3>
    
    
    -<descr>
    
    -<![CDATA[Wireless]]>
    </descr>
    
    <if>oce0_vlan20</if>
    
    <enable/>
    
    <ipaddr>192.168.100.254</ipaddr>
    
    <subnet>24</subnet>
    
    <spoofmac/>
    
    </opt3>
    
    
    -<opt4>
    
    
    -<descr>
    
    -<![CDATA[Storage]]>
    </descr>
    
    <if>oce0_vlan30</if>
    
    <enable/>
    
    <ipaddr>172.16.10.254</ipaddr>
    
    <subnet>24</subnet>
    
    <spoofmac/>
    
    </opt4>
    
    
    -<opt5>
    
    
    -<descr>
    
    -<![CDATA[Servers]]>
    </descr>
    
    <if>oce0_vlan40</if>
    
    <enable/>
    
    <ipaddr>10.100.0.254</ipaddr>
    
    <subnet>24</subnet>
    
    <spoofmac/>
    
    </opt5>
    
    
    -<opt6>
    
    
    -<descr>
    
    -<![CDATA[OPT6]]>
    </descr>
    
    <if>oce0</if>
    
    <spoofmac/>
    
    <enable/>
    
    </opt6>
    
    </interfaces>
    
    <staticroutes/>
    
    
    -<dhcpd>
    
    
    -<lan>
    
    
    -<range>
    
    <from>192.168.10.10</from>
    
    <to>192.168.10.161</to>
    
    </range>
    
    <dhcpleaseinlocaltime/>
    
    </lan>
    
    
    -<opt4>
    
    
    -<range>
    
    <from>172.16.10.5</from>
    
    <to>172.16.10.100</to>
    
    </range>
    
    <enable/>
    
    <failover_peerip/>
    
    <defaultleasetime/>
    
    <maxleasetime/>
    
    <netmask/>
    
    <gateway/>
    
    <domain/>
    
    <domainsearchlist/>
    
    <ddnsdomain/>
    
    <ddnsdomainprimary/>
    
    <ddnsdomainkeyname/>
    
    <ddnsdomainkey/>
    
    <mac_allow/>
    
    <mac_deny/>
    
    <tftp/>
    
    <ldap/>
    
    <nextserver/>
    
    <filename/>
    
    <filename32/>
    
    <filename64/>
    
    <rootpath/>
    
    <numberoptions/>
    
    <dhcpleaseinlocaltime/>
    
    </opt4>
    
    
    -<opt5>
    
    
    -<range>
    
    <from>10.100.0.10</from>
    
    <to>10.100.0.100</to>
    
    </range>
    
    <enable/>
    
    <failover_peerip/>
    
    <defaultleasetime/>
    
    <maxleasetime/>
    
    <netmask/>
    
    <gateway/>
    
    <domain/>
    
    <domainsearchlist/>
    
    <ddnsdomain/>
    
    <ddnsdomainprimary/>
    
    <ddnsdomainkeyname/>
    
    <ddnsdomainkey/>
    
    <mac_allow/>
    
    <mac_deny/>
    
    <tftp/>
    
    <ldap/>
    
    <nextserver/>
    
    <filename/>
    
    <filename32/>
    
    <filename64/>
    
    <rootpath/>
    
    <numberoptions/>
    
    </opt5>
    
    </dhcpd>
    
    
    -<dhcpdv6>
    
    
    -<lan>
    
    
    -<range>
    
    <from>::1000</from>
    
    <to>::2000</to>
    
    </range>
    
    <ramode>assist</ramode>
    
    <rapriority>medium</rapriority>
    
    </lan>
    
    </dhcpdv6>
    
    
    -<snmpd>
    
    <syslocation/>
    
    <syscontact/>
    
    <rocommunity>public</rocommunity>
    
    </snmpd>
    
    
    -<diag>
    
    
    -<ipv6nat>
    
    <ipaddr/>
    
    </ipv6nat>
    
    </diag>
    
    <syslog/>
    
    
    -<nat>
    
    
    -<outbound>
    
    <mode>automatic</mode>
    
    </outbound>
    
    </nat>
    
    
    -<filter>
    
    
    -<rule>
    
    <type>pass</type>
    
    <ipprotocol>inet</ipprotocol>
    
    
    -<descr>
    
    -<![CDATA[Default allow LAN to any rule]]>
    </descr>
    
    <interface>lan</interface>
    
    <tracker>0100000101</tracker>
    
    
    -<source>
    
    <network>lan</network>
    
    </source>
    
    
    -<destination>
    
    <any/>
    
    </destination>
    
    </rule>
    
    
    -<rule>
    
    <type>pass</type>
    
    <ipprotocol>inet6</ipprotocol>
    
    
    -<descr>
    
    -<![CDATA[Default allow LAN IPv6 to any rule]]>
    </descr>
    
    <interface>lan</interface>
    
    <tracker>0100000102</tracker>
    
    
    -<source>
    
    <network>lan</network>
    
    </source>
    
    
    -<destination>
    
    <any/>
    
    </destination>
    
    </rule>
    
    
    -<rule>
    
    <id/>
    
    <tracker>1501555937</tracker>
    
    <type>pass</type>
    
    <interface>opt4</interface>
    
    <ipprotocol>inet</ipprotocol>
    
    <tag/>
    
    <tagged/>
    
    <max/>
    
    <max-src-nodes/>
    
    <max-src-conn/>
    
    <max-src-states/>
    
    <statetimeout/>
    
    <statetype>keep state</statetype>
    
    <os/>
    
    
    -<source>
    
    <any/>
    
    </source>
    
    
    -<destination>
    
    <network>opt5</network>
    
    </destination>
    
    <descr/>
    
    
    -<updated>
    
    <time>1501555937</time>
    
    <username>admin@192.168.10.151</username>
    
    </updated>
    
    
    -<created>
    
    <time>1501555937</time>
    
    <username>admin@192.168.10.151</username>
    
    </created>
    
    </rule>
    
    
    -<rule>
    
    <id/>
    
    <tracker>1501555411</tracker>
    
    <type>pass</type>
    
    <interface>opt5</interface>
    
    <ipprotocol>inet</ipprotocol>
    
    <tag/>
    
    <tagged/>
    
    <max/>
    
    <max-src-nodes/>
    
    <max-src-conn/>
    
    <max-src-states/>
    
    <statetimeout/>
    
    <statetype>keep state</statetype>
    
    <os/>
    
    
    -<source>
    
    <any/>
    
    </source>
    
    
    -<destination>
    
    <network>opt4</network>
    
    </destination>
    
    <descr/>
    
    
    -<created>
    
    <time>1501555411</time>
    
    <username>admin@192.168.10.151</username>
    
    </created>
    
    
    -<updated>
    
    <time>1501555904</time>
    
    <username>admin@192.168.10.151</username>
    
    </updated>
    
    </rule>
    
    
    -<separator>
    
    <opt5/>
    
    <opt4/>
    
    </separator>
    
    </filter>
    
    <shaper/>
    
    <ipsec/>
    
    <aliases/>
    
    <proxyarp/>
    
    
    -<cron>
    
    
    -<item>
    
    <minute>1,31</minute>
    
    <hour>0-5</hour>
    
    <mday>*</mday>
    
    <month>*</month>
    
    <wday>*</wday>
    
    <who>root</who>
    
    <command>/usr/bin/nice -n20 adjkerntz -a</command>
    
    </item>
    
    
    -<item>
    
    <minute>1</minute>
    
    <hour>3</hour>
    
    <mday>1</mday>
    
    <month>*</month>
    
    <wday>*</wday>
    
    <who>root</who>
    
    <command>/usr/bin/nice -n20 /etc/rc.update_bogons.sh</command>
    
    </item>
    
    
    -<item>
    
    <minute>*/60</minute>
    
    <hour>*</hour>
    
    <mday>*</mday>
    
    <month>*</month>
    
    <wday>*</wday>
    
    <who>root</who>
    
    <command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout</command>
    
    </item>
    
    
    -<item>
    
    <minute>*/60</minute>
    
    <hour>*</hour>
    
    <mday>*</mday>
    
    <month>*</month>
    
    <wday>*</wday>
    
    <who>root</who>
    
    <command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 webConfiguratorlockout</command>
    
    </item>
    
    
    -<item>
    
    <minute>1</minute>
    
    <hour>1</hour>
    
    <mday>*</mday>
    
    <month>*</month>
    
    <wday>*</wday>
    
    <who>root</who>
    
    <command>/usr/bin/nice -n20 /etc/rc.dyndns.update</command>
    
    </item>
    
    
    -<item>
    
    <minute>*/60</minute>
    
    <hour>*</hour>
    
    <mday>*</mday>
    
    <month>*</month>
    
    <wday>*</wday>
    
    <who>root</who>
    
    <command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot</command>
    
    </item>
    
    
    -<item>
    
    <minute>30</minute>
    
    <hour>12</hour>
    
    <mday>*</mday>
    
    <month>*</month>
    
    <wday>*</wday>
    
    <who>root</who>
    
    <command>/usr/bin/nice -n20 /etc/rc.update_urltables</command>
    
    </item>
    
    </cron>
    
    <wol/>
    
    
    -<rrd>
    
    <enable/>
    
    </rrd>
    
    
    -<load_balancer>
    
    
    -<monitor_type>
    
    <name>ICMP</name>
    
    <type>icmp</type>
    
    
    -<descr>
    
    -<![CDATA[ICMP]]>
    </descr>
    
    <options/>
    
    </monitor_type>
    
    
    -<monitor_type>
    
    <name>TCP</name>
    
    <type>tcp</type>
    
    
    -<descr>
    
    -<![CDATA[Generic TCP]]>
    </descr>
    
    <options/>
    
    </monitor_type>
    
    
    -<monitor_type>
    
    <name>HTTP</name>
    
    <type>http</type>
    
    
    -<descr>
    
    -<![CDATA[Generic HTTP]]>
    </descr>
    
    
    -<options>
    
    <path>/</path>
    
    <host/>
    
    <code>200</code>
    
    </options>
    
    </monitor_type>
    
    
    -<monitor_type>
    
    <name>HTTPS</name>
    
    <type>https</type>
    
    
    -<descr>
    
    -<![CDATA[Generic HTTPS]]>
    </descr>
    
    
    -<options>
    
    <path>/</path>
    
    <host/>
    
    <code>200</code>
    
    </options>
    
    </monitor_type>
    
    
    -<monitor_type>
    
    <name>SMTP</name>
    
    <type>send</type>
    
    
    -<descr>
    
    -<![CDATA[Generic SMTP]]>
    </descr>
    
    
    -<options>
    
    <send/>
    
    <expect>220 *</expect>
    
    </options>
    
    </monitor_type>
    
    </load_balancer>
    
    
    -<widgets>
    
    <sequence>system_information:col1:show,interfaces:col2:show</sequence>
    
    </widgets>
    
    <openvpn/>
    
    <dnshaper/>
    
    
    -<unbound>
    
    <enable/>
    
    <dnssec/>
    
    <active_interface/>
    
    <outgoing_interface/>
    
    <custom_options/>
    
    <hideidentity/>
    
    <hideversion/>
    
    <dnssecstripped/>
    
    </unbound>
    
    
    -<revision>
    
    <time>1501556280</time>
    
    
    -<description>
    
    -<![CDATA[admin@192.168.10.151: /interfaces.php made unknown change]]>
    </description>
    
    <username>admin@192.168.10.151</username>
    
    </revision>
    
    
    -<cert>
    
    <refid>597fcb0f90dce</refid>
    
    
    -<descr>
    
    -<![CDATA[webConfigurator default (597fcb0f90dce)]]>
    </descr>
    
    <type>server</type>
    
    <crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUZiVENDQkZXZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBRENCdERFTE1Ba0dBMVVFQmhNQ1ZWTXgKRGpBTUJnTlZCQWdUQlZOMFlYUmxNUkV3RHdZRFZRUUhFd2hNYjJOaGJHbDBlVEU0TURZR0ExVUVDaE12Y0daVApaVzV6WlNCM1pXSkRiMjVtYVdkMWNtRjBiM0lnVTJWc1ppMVRhV2R1WldRZ1EyVnlkR2xtYVdOaGRHVXhLREFtCkJna3Foa2lHOXcwQkNRRVdHV0ZrYldsdVFIQm1VMlZ1YzJVdWJHOWpZV3hrYjIxaGFXNHhIakFjQmdOVkJBTVQKRlhCbVUyVnVjMlV0TlRrM1ptTmlNR1k1TUdSalpUQWVGdzB4TnpBNE1ERXdNREkzTlRsYUZ3MHlNekF4TWpJdwpNREkzTlRsYU1JRzBNUXN3Q1FZRFZRUUdFd0pWVXpFT01Bd0dBMVVFQ0JNRlUzUmhkR1V4RVRBUEJnTlZCQWNUCkNFeHZZMkZzYVhSNU1UZ3dOZ1lEVlFRS0V5OXdabE5sYm5ObElIZGxZa052Ym1acFozVnlZWFJ2Y2lCVFpXeG0KTFZOcFoyNWxaQ0JEWlhKMGFXWnBZMkYwWlRFb01DWUdDU3FHU0liM0RRRUpBUllaWVdSdGFXNUFjR1pUWlc1egpaUzVzYjJOaGJHUnZiV0ZwYmpFZU1Cd0dBMVVFQXhNVmNHWlRaVzV6WlMwMU9UZG1ZMkl3Wmprd1pHTmxNSUlCCklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUFuK2tDQmhwQ0RyUTVEVm13c0RrcjgrRHgKS0lRbmJLWHo3cjhZY1ZmVnZ2cXpneFZMSEFDa2RWdXdsVHh0WllYM2o2aHBaeUhQektRYm5nS0RqbnFLaWRsLwppYUY5bzlqUnJBL1NPMXNUbUxCTzdRMUdjamZHeXE2d08yZjRDZW5VdFhicjZQQlhDblA0L3d4ZFUzMGl4NWRDCnNMYjFuWUJ5N0tZYW9EMHZJTlVvZzhjWXplVFFSR3Zid0cwaHRKdUZvUmQ0TmdwdVdxTW9pSlZQYVJ5WmJnWmYKOWhIbFdoMmdiMVlWTmxYWkZrOWhHRzZsaTBKWFErUnNCZkZjUnZEdE1Cdi9QMVk1TFVQUjltbG9YNXlHSERMegppL0szVkRRVENuWjNEdlNKUHhjRmpOcjFxK0lwZXNjVFFMblk5MGorYXJoc0dYeTgzNDVEWEdlMmlZbEhnUUlECkFRQUJvNElCaGpDQ0FZSXdDUVlEVlIwVEJBSXdBREFSQmdsZ2hrZ0JodmhDQVFFRUJBTUNCa0F3TXdZSllJWkkKQVliNFFnRU5CQ1lXSkU5d1pXNVRVMHdnUjJWdVpYSmhkR1ZrSUZObGNuWmxjaUJEWlhKMGFXWnBZMkYwWlRBZApCZ05WSFE0RUZnUVU4Rm84Ny9WVmJGR3k4SU40Y1lFRkR1WXRzQ2t3Z2VFR0ExVWRJd1NCMlRDQjFvQVU4Rm84CjcvVlZiRkd5OElONGNZRUZEdVl0c0NtaGdicWtnYmN3Z2JReEN6QUpCZ05WQkFZVEFsVlRNUTR3REFZRFZRUUkKRXdWVGRHRjBaVEVSTUE4R0ExVUVCeE1JVEc5allXeHBkSGt4T0RBMkJnTlZCQW9UTDNCbVUyVnVjMlVnZDJWaQpRMjl1Wm1sbmRYSmhkRzl5SUZObGJHWXRVMmxuYm1Wa0lFTmxjblJwWm1sallYUmxNU2d3SmdZSktvWklodmNOCkFRa0JGaGxoWkcxcGJrQndabE5sYm5ObExteHZZMkZzWkc5dFlXbHVNUjR3SEFZRFZRUURFeFZ3WmxObGJuTmwKTFRVNU4yWmpZakJtT1RCa1kyV0NBUUF3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQVFFQVo5eXhheW80V1JLZ3YyT3ZWOG9wCjF5Y3FJNHRtZWdZSEhLVFRFKzcxSVAxT0pMb0VvQkxCS1Qrb2ZNVXo4ZDVrTjFjY0k3Rm0wTTJ2Z3BmWExPb0YKdUZxYlNzRUR6NEJPNlNBdE14ZllBS25sUyt1VU01aDF0TEJvR3pLaTVwb01ldWFPRm81aHZ3ejZlWlJvZUVJSwpwMFNpWHV1a1RpQXI2cm5OSDQweEdnNXpuc2d4cFBXOGZPaVJKOC9UZEdNTmxRbll1YWt4ajlEZEFHRDlKNEtPCkw2WE8rNGI3Szk3OTBqTSs5UC9UTGJDeTBxUjhDNHpiVDd2V3h2aFlxVkV5cXZLVjd0UEloczh4cnJYL1JmYm0KSW9USXU1czhkdElGeVF2N3lOU3VBZUpUdDFobStUcHhOTWJ6dTk2SVJLVWNMNXhXNmhIeXdpdGxPK0NMbFU2Kwo4UT09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K</crt>
    
    <prv>LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2UUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktjd2dnU2pBZ0VBQW9JQkFRQ2Y2UUlHR2tJT3REa04KV2JDd09Tdno0UEVvaENkc3BmUHV2eGh4VjlXKytyT0RGVXNjQUtSMVc3Q1ZQRzFsaGZlUHFHbG5JYy9NcEJ1ZQpBb09PZW9xSjJYK0pvWDJqMk5Hc0Q5STdXeE9Zc0U3dERVWnlOOGJLcnJBN1ovZ0o2ZFMxZHV2bzhGY0tjL2ovCkRGMVRmU0xIbDBLd3R2V2RnSExzcGhxZ1BTOGcxU2lEeHhqTjVOQkVhOXZBYlNHMG00V2hGM2cyQ201YW95aUkKbFU5cEhKbHVCbC8yRWVWYUhhQnZWaFUyVmRrV1QyRVlicVdMUWxkRDVHd0Y4VnhHOE8wd0cvOC9Wamt0UTlIMgphV2hmbklZY012T0w4cmRVTkJNS2RuY085SWsvRndXTTJ2V3I0aWw2eHhOQXVkajNTUDVxdUd3WmZMemZqa05jClo3YUppVWVCQWdNQkFBRUNnZ0VCQUoycEZ4UzdPTnZVZHRlaDBXRzl6SWIwQmZEamN4ZGMrNGN0bzhURVMvcXkKcE9DZDB1TDJBeSt1U2dpcGZsWjFZaUtpY2VGNzVhd25OUTl4L1JFeDRudU5GSUMyMXUvL2FxSlJLdjdZaWhhbAo1ZnMwZG50UVlOQWVzYVN3bWszejNJTlpqN2lubGJtNXBBcWF2eno4aUpqdW1wTXVvRFU4bXBLV0puUk1QcllICnhLTWZQR3VCWm4rQ1cwclpVSFB0RFdnc05tODdCbTU5WFhjZzJJVEVsQ000YXY3TzlNbnR0NTFzZ2lQR2RCWkMKbzFUUWdqRW40YVRnN2xibTZrbjQwWktyL2w5ZGFpQk40Z1lydjdFaDh5OFIrc1JHN0J1Y3BLQmM3QUxDVU43egp3MUlveXladnA4cGtUZDR6TTIvRFVPL21lMkpQS3lZbkpUQVEzZkpqOEYwQ2dZRUF5Mi9GZ01hMkV4NzNvZW5pCnRFVFRDeTM0bE9HS1Zra3o1RWpEaGppZkMxUGdIaTYyczhodkJQbWpGbXE5dVE1bE5JazU5bEtTNEFhc0cvS3AKZTE5b3Nabkgra2gzL0NTeEllV3gyV1g4RFpFUlg1Q1FCWW1haG1ucDZGM3dkK2xlZTgvUnVSTkN6Qlp6REQ0TQpZWk5oYktkWGJhaDlnM2FiSUJzQWJ3M3JjcWNDZ1lFQXlUb3pJTEVjUXFuazJETVFzU3c3OUpBMzgrV28zaGhhClhCUU9Ca0tXa1M1dHFIQjNwVlZHeUdRMDhMcTB4ajBwQWdXNE4yd0dGeFdHNzdmSmRlZXl1T2V3S0djQTRDZTEKc3JFYzFYZFpJWkkyNWRpbUNLdWdYZXArQ0E3NHd3ZTlXc3M1S2JWeFBqd3dod2pDUnA1Nmk5WFYrZ1ZOT0k2UApKakRBVU1yYUFaY0NnWUJUTTFRd0ZaVFRmeC9CelhqVlJ5eVU3dWt5WW9lRVFJNERlQ3JYRXdNZ3k5M21HaTdJCm1sbWxURCtCNUlmUlRtemZycHZRL1BacXZ1L1d3a2pFVjBIbkdNQ3J3TVdwam93UEUvVEh0Nmo5RjI1bWlpWU0KemJrdjdkTW5JSHcvWG1jdzljNk5CYTZVN3oyQUxVUTlCOXlaWmxzZ1V2OTZLNkRINGFNc3lDR2FFd0tCZ0h6eApPaFd1WXBHeDAzbTZHejhtN0FNcUdOUERZVnFsWEZXWHppMXM0dmc2RDdScVFKL1RseU9OdEtGVURES2Fmdi9XCmRVOVVMMlBkNWU2cCt0ak9pRlh1NVozd2RzYTNZVVlXV29UZ21lTVNXaXZVblNMOURaSENxNFp0WldBVFNpczUKeThCdC9HWmNFUFdISnJtYVpSUzJMU29VYUtJWlFpREFYR2pOeXhiNUFvR0FUclpRTVVFbDR4SW56eWJ4UkdISgp3aU9sTm5NZnFtdWlmWU50M3pmVmRyY21LYmRLZ01rV2ZVcE5lRGNyRUhkZTAvckowSGJvanVqY1lRSnhtR0J4CjhaR0pyRWVCK1dZSFh1Sk9ldEVJaUNNQmxDZnpUY2N5WncxU2lpWjg4dGU3YktsM3R6RENaQlBCRkg3cnVnU2gKMWdSMWhqUUZzanNFcTFVZkZGNXRwWWM9Ci0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K</prv>
    
    </cert>
    
    <ppps> </ppps>
    
    
    -<vlans>
    
    
    -<vlan>
    
    <if>oce0</if>
    
    <tag>10</tag>
    
    <pcp/>
    
    
    -<descr>
    
    -<![CDATA[LAN]]>
    </descr>
    
    <vlanif>oce0_vlan10</vlanif>
    
    </vlan>
    
    
    -<vlan>
    
    <if>oce0</if>
    
    <tag>20</tag>
    
    <pcp/>
    
    
    -<descr>
    
    -<![CDATA[Wireless]]>
    </descr>
    
    <vlanif>oce0_vlan20</vlanif>
    
    </vlan>
    
    
    -<vlan>
    
    <if>oce0</if>
    
    <tag>6</tag>
    
    <pcp/>
    
    
    -<descr>
    
    -<![CDATA[Management]]>
    </descr>
    
    <vlanif>oce0_vlan6</vlanif>
    
    </vlan>
    
    
    -<vlan>
    
    <if>oce0</if>
    
    <tag>30</tag>
    
    <pcp/>
    
    
    -<descr>
    
    -<![CDATA[Storage]]>
    </descr>
    
    <vlanif>oce0_vlan30</vlanif>
    
    </vlan>
    
    
    -<vlan>
    
    <if>oce0</if>
    
    <tag>40</tag>
    
    <pcp/>
    
    
    -<descr>
    
    -<![CDATA[Servers]]>
    </descr>
    
    <vlanif>oce0_vlan40</vlanif>
    
    </vlan>
    
    </vlans>
    
    <gateways> </gateways>
    
    </pfsense>
    Switch Config
    Code:
    (FASTPATH Routing) #show running-config
    !Current Configuration:
    !
    !System Description "Quanta LB6M, 1.2.0.14, Linux 2.6.21.7"
    !System Software Version "1.2.0.14"
    !System Up Time          "0 days 2 hrs 56 mins 9 secs"
    !Additional Packages     FASTPATH QOS
    !Current SNTP Synchronized Time: Not Synchronized
    !
    network protocol none
    network parms 10.0.1.2 255.255.255.0 0.0.0.0
    serviceport protocol none
    serviceport ip 10.0.0.2 255.255.255.0 0.0.0.0
    vlan database
    vlan 6,10,20,30,40,50
    exit 
    ip ssh server enable
    sshcon timeout 160
    configure
    aaa authentication enable "enableList" enable
    line console
    exit
    line telnet
    exit
    line ssh
    exit
    spanning-tree configuration name "04-7D-7B-B0-18-83"
    !
    interface 0/1
    vlan pvid 30
    vlan participation include 30
    vlan tagging 30
    exit
    interface 0/24
    description 'Trunk-Core-FW'
    vlan participation include 6,10,20,30,40,50
    vlan tagging 6,10,20,30,40,50
    exit
    interface 0/25
    vlan pvid 30
    vlan participation include 30
    exit
    interface 0/26
    vlan pvid 40
    vlan participation include 40
    vlan tagging 40
    exit
    router rip
    exit
    router ospf
    exit
    exit 
     
    #1
  2. Drewy

    Drewy Member

    Joined:
    Apr 23, 2016
    Messages:
    168
    Likes Received:
    23
    Hello and welcome.
    A little detail of what you're trying to do, what ports are connected and what problems you're seeing may help.

    Did you try giving 0/24 on the lb6m a pvid?
     
    #2
  3. Veedubin

    Veedubin New Member

    Joined:
    Aug 2, 2017
    Messages:
    5
    Likes Received:
    0
    I have 0/24 connected to my FW as a trunk (or should be lol) and it has 6 vlans on it. I do not have a pvid on the port... Could that be my issue? What pvid would I set it to? Since you can only set 1, it didn't make sense to me to set one. From what I read in other posts, I just had to set tagging and vlan participation for the vlans I wanted on that port. Intra-vlan traffic is fine and works for switching but when I try to send the traffic through to the FW I see the packets getting dropped on the switch. I posted both the PfSense config and the switch config in hopes that someone could spot my error. I have done this dozens of times on cisco hardware but I cannot seem to figure it on this quanta switch.
     
    #3
  4. Drewy

    Drewy Member

    Joined:
    Apr 23, 2016
    Messages:
    168
    Likes Received:
    23
    Just try setting a pvid, anyone from the vlans you have on that trunk.
     
    #4
  5. Veedubin

    Veedubin New Member

    Joined:
    Aug 2, 2017
    Messages:
    5
    Likes Received:
    0
    Just set it to 6, still can't ping the interface. I even have an all to all FW rules setup in floating to allow all protocols. It should pass just about anything to anywhere. Still nothing... Dang!
     
    #5
  6. Veedubin

    Veedubin New Member

    Joined:
    Aug 2, 2017
    Messages:
    5
    Likes Received:
    0
    Still can't get this working. Basically I can ping intra-vlan but my inter-vlan is broke still. I have even tried this setup on Sophos UTM and swapped out my Emulex card for an Intel x510 and still no help. So I am pretty sure it's my switch config. I essentially just want to use this switch as a basic L2 switch. I do not want to do the routing on my switch. I want to create a router on a stick config. I have read all the posts I can regarding vlans and pfsense but I still haven't figured this out. I have 5 vlans (10,20,30,40,50) all configured on a single interface and they are tagged. I am still really confused as to why this isn't working. I know I have the FW correct, I have used vlans before on my other gigabit switches and it worked fine. DHCP is working from the FW to the end devices like my NAS and my test machine but again since the DHCP is happening on the same vlan, it seems to work just fine. I am really stuck and I hope someone can post a config that shows me what I am doing wrong.
     
    #6
  7. Veedubin

    Veedubin New Member

    Joined:
    Aug 2, 2017
    Messages:
    5
    Likes Received:
    0
    Also the single vlan interfaces I set up, I removed tagging and just left on PVID and Vlan participation include vlanx and Vlan participation exclude vlan1.
     
    #7
  8. Marek J

    Marek J New Member

    Joined:
    Nov 24, 2016
    Messages:
    16
    Likes Received:
    2
    Hi,

    Have you got it working please?
     
    #8
Similar Threads: LB6M PfSense
Forum Title Date
Networking LB6M Bricked Need Help Jun 23, 2019
Networking Quanta LB6M / TurboIron 24x slow transfers Apr 4, 2019
Networking LB6M - Active all ports Mar 24, 2019
Networking LB6M and Intel 10gbase-sr Sfp+ Optic - Ftlx8571d3bcv-i3 Mar 14, 2019
Networking 2 x interconnected Quanta LB6M won't forward tagged VLAN traffic over LAG Mar 11, 2019

Share This Page