LB6M and PfSense vlan routing issue

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.

Veedubin

New Member
Aug 2, 2017
5
0
1
35
I have read a ton of posts on here and tried just about everything I could to try and get my LB6M to "trunk" data to my firewall. I am trying to build a router on a stick configuration.

FW Config

Code:
<?xml version="1.0"?>

-<pfsense>

<version>15.5</version>

<lastchange/>


-<system>

<optimization>normal</optimization>

<hostname>Core-FW</hostname>

<domain>localdomain</domain>

<dnsallowoverride>on</dnsallowoverride>


-<group>

<name>all</name>


-<description>

-<![CDATA[All Users]]>
</description>

<scope>system</scope>

<gid>1998</gid>

<member>0</member>

</group>


-<group>

<name>admins</name>


-<description>

-<![CDATA[System Administrators]]>
</description>

<scope>system</scope>

<gid>1999</gid>

<member>0</member>

<priv>page-all</priv>

</group>


-<user>

<name>admin</name>


-<descr>

-<![CDATA[System Administrator]]>
</descr>

<scope>system</scope>

<groupname>admins</groupname>

<bcrypt-hash>******************************</bcrypt-hash>

<uid>0</uid>

<priv>user-shell-access</priv>

</user>

<nextuid>2000</nextuid>

<nextgid>2000</nextgid>

<timeservers>0.pfsense.pool.ntp.org</timeservers>


-<webgui>

<protocol>https</protocol>

<loginautocomplete/>

<ssl-certref>597fcb0f90dce</ssl-certref>

<dashboardcolumns>2</dashboardcolumns>

</webgui>

<disablenatreflection>yes</disablenatreflection>

<disablesegmentationoffloading/>

<disablelargereceiveoffloading/>

<ipv6allow/>

<powerd_ac_mode>hadp</powerd_ac_mode>

<powerd_battery_mode>hadp</powerd_battery_mode>

<powerd_normal_mode>hadp</powerd_normal_mode>


-<bogons>

<interval>monthly</interval>

</bogons>

<timezone>America/Chicago</timezone>

</system>


-<interfaces>


-<wan>

<enable/>

<if>vmx0</if>

<ipaddr>dhcp</ipaddr>

<ipaddrv6>dhcp6</ipaddrv6>

<gateway/>

<media/>

<mediaopt/>

<dhcp6-duid/>

<dhcp6-ia-pd-len>0</dhcp6-ia-pd-len>


-<descr>

-<![CDATA[WAN]]>
</descr>

</wan>


-<lan>

<enable/>

<if>vmx1</if>

<ipaddr>192.168.10.170</ipaddr>

<subnet>24</subnet>

<ipaddrv6/>

<subnetv6/>

<media/>

<mediaopt/>

<track6-interface>wan</track6-interface>

<track6-prefix-id>0</track6-prefix-id>

<gateway/>

<gatewayv6/>


-<descr>

-<![CDATA[LAN]]>
</descr>

</lan>


-<opt1>


-<descr>

-<![CDATA[Management]]>
</descr>

<if>oce0_vlan6</if>

<enable/>

<ipaddr>10.0.0.254</ipaddr>

<subnet>24</subnet>

<spoofmac/>

</opt1>


-<opt2>


-<descr>

-<![CDATA[LAN2]]>
</descr>

<if>oce0_vlan10</if>

<enable/>

<ipaddr>10.10.10.254</ipaddr>

<subnet>24</subnet>

<spoofmac/>

</opt2>


-<opt3>


-<descr>

-<![CDATA[Wireless]]>
</descr>

<if>oce0_vlan20</if>

<enable/>

<ipaddr>192.168.100.254</ipaddr>

<subnet>24</subnet>

<spoofmac/>

</opt3>


-<opt4>


-<descr>

-<![CDATA[Storage]]>
</descr>

<if>oce0_vlan30</if>

<enable/>

<ipaddr>172.16.10.254</ipaddr>

<subnet>24</subnet>

<spoofmac/>

</opt4>


-<opt5>


-<descr>

-<![CDATA[Servers]]>
</descr>

<if>oce0_vlan40</if>

<enable/>

<ipaddr>10.100.0.254</ipaddr>

<subnet>24</subnet>

<spoofmac/>

</opt5>


-<opt6>


-<descr>

-<![CDATA[OPT6]]>
</descr>

<if>oce0</if>

<spoofmac/>

<enable/>

</opt6>

</interfaces>

<staticroutes/>


-<dhcpd>


-<lan>


-<range>

<from>192.168.10.10</from>

<to>192.168.10.161</to>

</range>

<dhcpleaseinlocaltime/>

</lan>


-<opt4>


-<range>

<from>172.16.10.5</from>

<to>172.16.10.100</to>

</range>

<enable/>

<failover_peerip/>

<defaultleasetime/>

<maxleasetime/>

<netmask/>

<gateway/>

<domain/>

<domainsearchlist/>

<ddnsdomain/>

<ddnsdomainprimary/>

<ddnsdomainkeyname/>

<ddnsdomainkey/>

<mac_allow/>

<mac_deny/>

<tftp/>

<ldap/>

<nextserver/>

<filename/>

<filename32/>

<filename64/>

<rootpath/>

<numberoptions/>

<dhcpleaseinlocaltime/>

</opt4>


-<opt5>


-<range>

<from>10.100.0.10</from>

<to>10.100.0.100</to>

</range>

<enable/>

<failover_peerip/>

<defaultleasetime/>

<maxleasetime/>

<netmask/>

<gateway/>

<domain/>

<domainsearchlist/>

<ddnsdomain/>

<ddnsdomainprimary/>

<ddnsdomainkeyname/>

<ddnsdomainkey/>

<mac_allow/>

<mac_deny/>

<tftp/>

<ldap/>

<nextserver/>

<filename/>

<filename32/>

<filename64/>

<rootpath/>

<numberoptions/>

</opt5>

</dhcpd>


-<dhcpdv6>


-<lan>


-<range>

<from>::1000</from>

<to>::2000</to>

</range>

<ramode>assist</ramode>

<rapriority>medium</rapriority>

</lan>

</dhcpdv6>


-<snmpd>

<syslocation/>

<syscontact/>

<rocommunity>public</rocommunity>

</snmpd>


-<diag>


-<ipv6nat>

<ipaddr/>

</ipv6nat>

</diag>

<syslog/>


-<nat>


-<outbound>

<mode>automatic</mode>

</outbound>

</nat>


-<filter>


-<rule>

<type>pass</type>

<ipprotocol>inet</ipprotocol>


-<descr>

-<![CDATA[Default allow LAN to any rule]]>
</descr>

<interface>lan</interface>

<tracker>0100000101</tracker>


-<source>

<network>lan</network>

</source>


-<destination>

<any/>

</destination>

</rule>


-<rule>

<type>pass</type>

<ipprotocol>inet6</ipprotocol>


-<descr>

-<![CDATA[Default allow LAN IPv6 to any rule]]>
</descr>

<interface>lan</interface>

<tracker>0100000102</tracker>


-<source>

<network>lan</network>

</source>


-<destination>

<any/>

</destination>

</rule>


-<rule>

<id/>

<tracker>1501555937</tracker>

<type>pass</type>

<interface>opt4</interface>

<ipprotocol>inet</ipprotocol>

<tag/>

<tagged/>

<max/>

<max-src-nodes/>

<max-src-conn/>

<max-src-states/>

<statetimeout/>

<statetype>keep state</statetype>

<os/>


-<source>

<any/>

</source>


-<destination>

<network>opt5</network>

</destination>

<descr/>


-<updated>

<time>1501555937</time>

<username>admin@192.168.10.151</username>

</updated>


-<created>

<time>1501555937</time>

<username>admin@192.168.10.151</username>

</created>

</rule>


-<rule>

<id/>

<tracker>1501555411</tracker>

<type>pass</type>

<interface>opt5</interface>

<ipprotocol>inet</ipprotocol>

<tag/>

<tagged/>

<max/>

<max-src-nodes/>

<max-src-conn/>

<max-src-states/>

<statetimeout/>

<statetype>keep state</statetype>

<os/>


-<source>

<any/>

</source>


-<destination>

<network>opt4</network>

</destination>

<descr/>


-<created>

<time>1501555411</time>

<username>admin@192.168.10.151</username>

</created>


-<updated>

<time>1501555904</time>

<username>admin@192.168.10.151</username>

</updated>

</rule>


-<separator>

<opt5/>

<opt4/>

</separator>

</filter>

<shaper/>

<ipsec/>

<aliases/>

<proxyarp/>


-<cron>


-<item>

<minute>1,31</minute>

<hour>0-5</hour>

<mday>*</mday>

<month>*</month>

<wday>*</wday>

<who>root</who>

<command>/usr/bin/nice -n20 adjkerntz -a</command>

</item>


-<item>

<minute>1</minute>

<hour>3</hour>

<mday>1</mday>

<month>*</month>

<wday>*</wday>

<who>root</who>

<command>/usr/bin/nice -n20 /etc/rc.update_bogons.sh</command>

</item>


-<item>

<minute>*/60</minute>

<hour>*</hour>

<mday>*</mday>

<month>*</month>

<wday>*</wday>

<who>root</who>

<command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout</command>

</item>


-<item>

<minute>*/60</minute>

<hour>*</hour>

<mday>*</mday>

<month>*</month>

<wday>*</wday>

<who>root</who>

<command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 webConfiguratorlockout</command>

</item>


-<item>

<minute>1</minute>

<hour>1</hour>

<mday>*</mday>

<month>*</month>

<wday>*</wday>

<who>root</who>

<command>/usr/bin/nice -n20 /etc/rc.dyndns.update</command>

</item>


-<item>

<minute>*/60</minute>

<hour>*</hour>

<mday>*</mday>

<month>*</month>

<wday>*</wday>

<who>root</who>

<command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot</command>

</item>


-<item>

<minute>30</minute>

<hour>12</hour>

<mday>*</mday>

<month>*</month>

<wday>*</wday>

<who>root</who>

<command>/usr/bin/nice -n20 /etc/rc.update_urltables</command>

</item>

</cron>

<wol/>


-<rrd>

<enable/>

</rrd>


-<load_balancer>


-<monitor_type>

<name>ICMP</name>

<type>icmp</type>


-<descr>

-<![CDATA[ICMP]]>
</descr>

<options/>

</monitor_type>


-<monitor_type>

<name>TCP</name>

<type>tcp</type>


-<descr>

-<![CDATA[Generic TCP]]>
</descr>

<options/>

</monitor_type>


-<monitor_type>

<name>HTTP</name>

<type>http</type>


-<descr>

-<![CDATA[Generic HTTP]]>
</descr>


-<options>

<path>/</path>

<host/>

<code>200</code>

</options>

</monitor_type>


-<monitor_type>

<name>HTTPS</name>

<type>https</type>


-<descr>

-<![CDATA[Generic HTTPS]]>
</descr>


-<options>

<path>/</path>

<host/>

<code>200</code>

</options>

</monitor_type>


-<monitor_type>

<name>SMTP</name>

<type>send</type>


-<descr>

-<![CDATA[Generic SMTP]]>
</descr>


-<options>

<send/>

<expect>220 *</expect>

</options>

</monitor_type>

</load_balancer>


-<widgets>

<sequence>system_information:col1:show,interfaces:col2:show</sequence>

</widgets>

<openvpn/>

<dnshaper/>


-<unbound>

<enable/>

<dnssec/>

<active_interface/>

<outgoing_interface/>

<custom_options/>

<hideidentity/>

<hideversion/>

<dnssecstripped/>

</unbound>


-<revision>

<time>1501556280</time>


-<description>

-<![CDATA[admin@192.168.10.151: /interfaces.php made unknown change]]>
</description>

<username>admin@192.168.10.151</username>

</revision>


-<cert>

<refid>597fcb0f90dce</refid>


-<descr>

-<![CDATA[webConfigurator default (597fcb0f90dce)]]>
</descr>

<type>server</type>

<crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUZiVENDQkZXZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBRENCdERFTE1Ba0dBMVVFQmhNQ1ZWTXgKRGpBTUJnTlZCQWdUQlZOMFlYUmxNUkV3RHdZRFZRUUhFd2hNYjJOaGJHbDBlVEU0TURZR0ExVUVDaE12Y0daVApaVzV6WlNCM1pXSkRiMjVtYVdkMWNtRjBiM0lnVTJWc1ppMVRhV2R1WldRZ1EyVnlkR2xtYVdOaGRHVXhLREFtCkJna3Foa2lHOXcwQkNRRVdHV0ZrYldsdVFIQm1VMlZ1YzJVdWJHOWpZV3hrYjIxaGFXNHhIakFjQmdOVkJBTVQKRlhCbVUyVnVjMlV0TlRrM1ptTmlNR1k1TUdSalpUQWVGdzB4TnpBNE1ERXdNREkzTlRsYUZ3MHlNekF4TWpJdwpNREkzTlRsYU1JRzBNUXN3Q1FZRFZRUUdFd0pWVXpFT01Bd0dBMVVFQ0JNRlUzUmhkR1V4RVRBUEJnTlZCQWNUCkNFeHZZMkZzYVhSNU1UZ3dOZ1lEVlFRS0V5OXdabE5sYm5ObElIZGxZa052Ym1acFozVnlZWFJ2Y2lCVFpXeG0KTFZOcFoyNWxaQ0JEWlhKMGFXWnBZMkYwWlRFb01DWUdDU3FHU0liM0RRRUpBUllaWVdSdGFXNUFjR1pUWlc1egpaUzVzYjJOaGJHUnZiV0ZwYmpFZU1Cd0dBMVVFQXhNVmNHWlRaVzV6WlMwMU9UZG1ZMkl3Wmprd1pHTmxNSUlCCklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUFuK2tDQmhwQ0RyUTVEVm13c0RrcjgrRHgKS0lRbmJLWHo3cjhZY1ZmVnZ2cXpneFZMSEFDa2RWdXdsVHh0WllYM2o2aHBaeUhQektRYm5nS0RqbnFLaWRsLwppYUY5bzlqUnJBL1NPMXNUbUxCTzdRMUdjamZHeXE2d08yZjRDZW5VdFhicjZQQlhDblA0L3d4ZFUzMGl4NWRDCnNMYjFuWUJ5N0tZYW9EMHZJTlVvZzhjWXplVFFSR3Zid0cwaHRKdUZvUmQ0TmdwdVdxTW9pSlZQYVJ5WmJnWmYKOWhIbFdoMmdiMVlWTmxYWkZrOWhHRzZsaTBKWFErUnNCZkZjUnZEdE1Cdi9QMVk1TFVQUjltbG9YNXlHSERMegppL0szVkRRVENuWjNEdlNKUHhjRmpOcjFxK0lwZXNjVFFMblk5MGorYXJoc0dYeTgzNDVEWEdlMmlZbEhnUUlECkFRQUJvNElCaGpDQ0FZSXdDUVlEVlIwVEJBSXdBREFSQmdsZ2hrZ0JodmhDQVFFRUJBTUNCa0F3TXdZSllJWkkKQVliNFFnRU5CQ1lXSkU5d1pXNVRVMHdnUjJWdVpYSmhkR1ZrSUZObGNuWmxjaUJEWlhKMGFXWnBZMkYwWlRBZApCZ05WSFE0RUZnUVU4Rm84Ny9WVmJGR3k4SU40Y1lFRkR1WXRzQ2t3Z2VFR0ExVWRJd1NCMlRDQjFvQVU4Rm84CjcvVlZiRkd5OElONGNZRUZEdVl0c0NtaGdicWtnYmN3Z2JReEN6QUpCZ05WQkFZVEFsVlRNUTR3REFZRFZRUUkKRXdWVGRHRjBaVEVSTUE4R0ExVUVCeE1JVEc5allXeHBkSGt4T0RBMkJnTlZCQW9UTDNCbVUyVnVjMlVnZDJWaQpRMjl1Wm1sbmRYSmhkRzl5SUZObGJHWXRVMmxuYm1Wa0lFTmxjblJwWm1sallYUmxNU2d3SmdZSktvWklodmNOCkFRa0JGaGxoWkcxcGJrQndabE5sYm5ObExteHZZMkZzWkc5dFlXbHVNUjR3SEFZRFZRUURFeFZ3WmxObGJuTmwKTFRVNU4yWmpZakJtT1RCa1kyV0NBUUF3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQVFFQVo5eXhheW80V1JLZ3YyT3ZWOG9wCjF5Y3FJNHRtZWdZSEhLVFRFKzcxSVAxT0pMb0VvQkxCS1Qrb2ZNVXo4ZDVrTjFjY0k3Rm0wTTJ2Z3BmWExPb0YKdUZxYlNzRUR6NEJPNlNBdE14ZllBS25sUyt1VU01aDF0TEJvR3pLaTVwb01ldWFPRm81aHZ3ejZlWlJvZUVJSwpwMFNpWHV1a1RpQXI2cm5OSDQweEdnNXpuc2d4cFBXOGZPaVJKOC9UZEdNTmxRbll1YWt4ajlEZEFHRDlKNEtPCkw2WE8rNGI3Szk3OTBqTSs5UC9UTGJDeTBxUjhDNHpiVDd2V3h2aFlxVkV5cXZLVjd0UEloczh4cnJYL1JmYm0KSW9USXU1czhkdElGeVF2N3lOU3VBZUpUdDFobStUcHhOTWJ6dTk2SVJLVWNMNXhXNmhIeXdpdGxPK0NMbFU2Kwo4UT09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K</crt>

<prv>LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2UUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktjd2dnU2pBZ0VBQW9JQkFRQ2Y2UUlHR2tJT3REa04KV2JDd09Tdno0UEVvaENkc3BmUHV2eGh4VjlXKytyT0RGVXNjQUtSMVc3Q1ZQRzFsaGZlUHFHbG5JYy9NcEJ1ZQpBb09PZW9xSjJYK0pvWDJqMk5Hc0Q5STdXeE9Zc0U3dERVWnlOOGJLcnJBN1ovZ0o2ZFMxZHV2bzhGY0tjL2ovCkRGMVRmU0xIbDBLd3R2V2RnSExzcGhxZ1BTOGcxU2lEeHhqTjVOQkVhOXZBYlNHMG00V2hGM2cyQ201YW95aUkKbFU5cEhKbHVCbC8yRWVWYUhhQnZWaFUyVmRrV1QyRVlicVdMUWxkRDVHd0Y4VnhHOE8wd0cvOC9Wamt0UTlIMgphV2hmbklZY012T0w4cmRVTkJNS2RuY085SWsvRndXTTJ2V3I0aWw2eHhOQXVkajNTUDVxdUd3WmZMemZqa05jClo3YUppVWVCQWdNQkFBRUNnZ0VCQUoycEZ4UzdPTnZVZHRlaDBXRzl6SWIwQmZEamN4ZGMrNGN0bzhURVMvcXkKcE9DZDB1TDJBeSt1U2dpcGZsWjFZaUtpY2VGNzVhd25OUTl4L1JFeDRudU5GSUMyMXUvL2FxSlJLdjdZaWhhbAo1ZnMwZG50UVlOQWVzYVN3bWszejNJTlpqN2lubGJtNXBBcWF2eno4aUpqdW1wTXVvRFU4bXBLV0puUk1QcllICnhLTWZQR3VCWm4rQ1cwclpVSFB0RFdnc05tODdCbTU5WFhjZzJJVEVsQ000YXY3TzlNbnR0NTFzZ2lQR2RCWkMKbzFUUWdqRW40YVRnN2xibTZrbjQwWktyL2w5ZGFpQk40Z1lydjdFaDh5OFIrc1JHN0J1Y3BLQmM3QUxDVU43egp3MUlveXladnA4cGtUZDR6TTIvRFVPL21lMkpQS3lZbkpUQVEzZkpqOEYwQ2dZRUF5Mi9GZ01hMkV4NzNvZW5pCnRFVFRDeTM0bE9HS1Zra3o1RWpEaGppZkMxUGdIaTYyczhodkJQbWpGbXE5dVE1bE5JazU5bEtTNEFhc0cvS3AKZTE5b3Nabkgra2gzL0NTeEllV3gyV1g4RFpFUlg1Q1FCWW1haG1ucDZGM3dkK2xlZTgvUnVSTkN6Qlp6REQ0TQpZWk5oYktkWGJhaDlnM2FiSUJzQWJ3M3JjcWNDZ1lFQXlUb3pJTEVjUXFuazJETVFzU3c3OUpBMzgrV28zaGhhClhCUU9Ca0tXa1M1dHFIQjNwVlZHeUdRMDhMcTB4ajBwQWdXNE4yd0dGeFdHNzdmSmRlZXl1T2V3S0djQTRDZTEKc3JFYzFYZFpJWkkyNWRpbUNLdWdYZXArQ0E3NHd3ZTlXc3M1S2JWeFBqd3dod2pDUnA1Nmk5WFYrZ1ZOT0k2UApKakRBVU1yYUFaY0NnWUJUTTFRd0ZaVFRmeC9CelhqVlJ5eVU3dWt5WW9lRVFJNERlQ3JYRXdNZ3k5M21HaTdJCm1sbWxURCtCNUlmUlRtemZycHZRL1BacXZ1L1d3a2pFVjBIbkdNQ3J3TVdwam93UEUvVEh0Nmo5RjI1bWlpWU0KemJrdjdkTW5JSHcvWG1jdzljNk5CYTZVN3oyQUxVUTlCOXlaWmxzZ1V2OTZLNkRINGFNc3lDR2FFd0tCZ0h6eApPaFd1WXBHeDAzbTZHejhtN0FNcUdOUERZVnFsWEZXWHppMXM0dmc2RDdScVFKL1RseU9OdEtGVURES2Fmdi9XCmRVOVVMMlBkNWU2cCt0ak9pRlh1NVozd2RzYTNZVVlXV29UZ21lTVNXaXZVblNMOURaSENxNFp0WldBVFNpczUKeThCdC9HWmNFUFdISnJtYVpSUzJMU29VYUtJWlFpREFYR2pOeXhiNUFvR0FUclpRTVVFbDR4SW56eWJ4UkdISgp3aU9sTm5NZnFtdWlmWU50M3pmVmRyY21LYmRLZ01rV2ZVcE5lRGNyRUhkZTAvckowSGJvanVqY1lRSnhtR0J4CjhaR0pyRWVCK1dZSFh1Sk9ldEVJaUNNQmxDZnpUY2N5WncxU2lpWjg4dGU3YktsM3R6RENaQlBCRkg3cnVnU2gKMWdSMWhqUUZzanNFcTFVZkZGNXRwWWM9Ci0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K</prv>

</cert>

<ppps> </ppps>


-<vlans>


-<vlan>

<if>oce0</if>

<tag>10</tag>

<pcp/>


-<descr>

-<![CDATA[LAN]]>
</descr>

<vlanif>oce0_vlan10</vlanif>

</vlan>


-<vlan>

<if>oce0</if>

<tag>20</tag>

<pcp/>


-<descr>

-<![CDATA[Wireless]]>
</descr>

<vlanif>oce0_vlan20</vlanif>

</vlan>


-<vlan>

<if>oce0</if>

<tag>6</tag>

<pcp/>


-<descr>

-<![CDATA[Management]]>
</descr>

<vlanif>oce0_vlan6</vlanif>

</vlan>


-<vlan>

<if>oce0</if>

<tag>30</tag>

<pcp/>


-<descr>

-<![CDATA[Storage]]>
</descr>

<vlanif>oce0_vlan30</vlanif>

</vlan>


-<vlan>

<if>oce0</if>

<tag>40</tag>

<pcp/>


-<descr>

-<![CDATA[Servers]]>
</descr>

<vlanif>oce0_vlan40</vlanif>

</vlan>

</vlans>

<gateways> </gateways>

</pfsense>
Switch Config
Code:
(FASTPATH Routing) #show running-config
!Current Configuration:
!
!System Description "Quanta LB6M, 1.2.0.14, Linux 2.6.21.7"
!System Software Version "1.2.0.14"
!System Up Time          "0 days 2 hrs 56 mins 9 secs"
!Additional Packages     FASTPATH QOS
!Current SNTP Synchronized Time: Not Synchronized
!
network protocol none
network parms 10.0.1.2 255.255.255.0 0.0.0.0
serviceport protocol none
serviceport ip 10.0.0.2 255.255.255.0 0.0.0.0
vlan database
vlan 6,10,20,30,40,50
exit 
ip ssh server enable
sshcon timeout 160
configure
aaa authentication enable "enableList" enable
line console
exit
line telnet
exit
line ssh
exit
spanning-tree configuration name "04-7D-7B-B0-18-83"
!
interface 0/1
vlan pvid 30
vlan participation include 30
vlan tagging 30
exit
interface 0/24
description 'Trunk-Core-FW'
vlan participation include 6,10,20,30,40,50
vlan tagging 6,10,20,30,40,50
exit
interface 0/25
vlan pvid 30
vlan participation include 30
exit
interface 0/26
vlan pvid 40
vlan participation include 40
vlan tagging 40
exit
router rip
exit
router ospf
exit
exit
 

Drewy

Active Member
Apr 23, 2016
208
56
28
54
Hello and welcome.
A little detail of what you're trying to do, what ports are connected and what problems you're seeing may help.

Did you try giving 0/24 on the lb6m a pvid?
 

Veedubin

New Member
Aug 2, 2017
5
0
1
35
I have 0/24 connected to my FW as a trunk (or should be lol) and it has 6 vlans on it. I do not have a pvid on the port... Could that be my issue? What pvid would I set it to? Since you can only set 1, it didn't make sense to me to set one. From what I read in other posts, I just had to set tagging and vlan participation for the vlans I wanted on that port. Intra-vlan traffic is fine and works for switching but when I try to send the traffic through to the FW I see the packets getting dropped on the switch. I posted both the PfSense config and the switch config in hopes that someone could spot my error. I have done this dozens of times on cisco hardware but I cannot seem to figure it on this quanta switch.
 

Drewy

Active Member
Apr 23, 2016
208
56
28
54
Just try setting a pvid, anyone from the vlans you have on that trunk.
 

Veedubin

New Member
Aug 2, 2017
5
0
1
35
Just set it to 6, still can't ping the interface. I even have an all to all FW rules setup in floating to allow all protocols. It should pass just about anything to anywhere. Still nothing... Dang!
 

Veedubin

New Member
Aug 2, 2017
5
0
1
35
Still can't get this working. Basically I can ping intra-vlan but my inter-vlan is broke still. I have even tried this setup on Sophos UTM and swapped out my Emulex card for an Intel x510 and still no help. So I am pretty sure it's my switch config. I essentially just want to use this switch as a basic L2 switch. I do not want to do the routing on my switch. I want to create a router on a stick config. I have read all the posts I can regarding vlans and pfsense but I still haven't figured this out. I have 5 vlans (10,20,30,40,50) all configured on a single interface and they are tagged. I am still really confused as to why this isn't working. I know I have the FW correct, I have used vlans before on my other gigabit switches and it worked fine. DHCP is working from the FW to the end devices like my NAS and my test machine but again since the DHCP is happening on the same vlan, it seems to work just fine. I am really stuck and I hope someone can post a config that shows me what I am doing wrong.
 

Veedubin

New Member
Aug 2, 2017
5
0
1
35
Also the single vlan interfaces I set up, I removed tagging and just left on PVID and Vlan participation include vlanx and Vlan participation exclude vlan1.