S600W VLAN Setup

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.

Tonle

New Member
Apr 29, 2024
1
0
1
Hi all,

I have recently starting working towards a homelab. One of the key thing was the home network piece where I was trying to setup 2 VLAN (IOT/Kids) and with rest of the traffic as untagged (which I realised might not be ideal, baby steps...).
The setup with opnsense connected with a single cable to a Hasivo S600W (port 1-trunk). I have setup the 2 VLAN (20,30) with icg0 (lan) as parent interface. The untagged subnet is 192.168.0.x, while the other 2 VLAN are on 192.168.20.x and 192.168.30.x respectively.
For testing purposes, I have setup port 4 on the switch to a member port for VLAN 30. But when I plug a device in VLAN 30, I can't seem to get an IP (self assigned IP).
Note that I have not defined anything in the VID config page, it is all default. I am not sure what PVID is, is that the same as the VLAN tag of 30?

Sorry I am starting as noob on this and I have tried to follow guide and read some of the posts, but I have not been able to figure it out. Anyone has any guidance to offer?

For reference on the OPN sense side:, I have done the following :
1. Created VLAN 20/30 with igc0 as parent interface and did the assignment
2. Assigned DHCP service to serve IP address in the 2 ranges: 192.168.20.0/24 and 192.168.30.0/24 respectively
3. Untagged LAN is on 192.168.0.1, with opensense box on 192.168.0.1
 

Attachments

jode

Member
Jul 27, 2021
46
35
18
For testing purposes, I have setup port 4 on the switch to a member port for VLAN 30. But when I plug a device in VLAN 30, I can't seem to get an IP (self assigned IP).
Well, to get an IP the computer on port 4 needs to be able to talk with opnsense. Port 4 is connected to vlan 30, how does VLAN 30 connect to opnsense? You need to add the port that connects to opnsense to VLAN 30. Probably as "tagged", meaning that you ask the switch to send packets tagged with VLAN 30 to the port connected to opnsense without modifying the tag.
Same applies to VLAN 20.
Lets assume your opnsense is connected to port 1 on your switch, then add port 1 as tagged port to both VLAN 20 and VLAN 30.

On the other hand you want your kids computers (the one connected to port 4) to "just work". What that means is that any packet that enters the port needs to get tagged with VLAN 30 (because the computer doesn't send tagged packets), and every packet from vlan 30 that leaves the port towards the computer needs the VLAN tag removed.
You accomplish that my marking port 4 as "Untagged" and on the other screen you set the PVID for port 4 to "30" to indicate that any untagged packet entering the port should get tagged with VLAN 30.