Pfsense - VLAN Configuration

Pfsense - VLAN Configuration

Jun 12, 2022 - 00:44
 0  553
Pfsense - VLAN Configuration

Pfsense - VLAN Configuration

Would you like to learn how to configure the Pfsense Vlan feature? In this tutorial, we are going to show you how to perform a Vlan configuration on a Pfsense server.

• Pfsense 2.4.4-p3

Here is a list of the existent interfaces on our Pfsense server before our configuration:

• WAN - 200.200.200.200
• LAN -  192.168.1.1

In our example, we are going to create a VLAN sub-interface named OPT1 on the LAN Physical interface.

The sub-interface named OPT1 will be a member of the VLAN 10 and will use the IP address 192.168.10.1:

Here is a list of the interfaces on our Pfsense server after our configuration:

• WAN - 200.200.200.200
• LAN -  192.168.1.1
• OPT1 -  192.168.10.1

PFSense - Vlan Configuration

Open a browser software, enter the IP address of your Pfsense firewall and access web interface.

In our example, the following URL was entered in the Browser:

• https://192.168.1.30

The Pfsense web interface should be presented.Pfsense login

On the prompt screen, enter the Pfsense Default Password login information.

• Username: admin
• Password: pfsense

After a successful login, you will be sent to the Pfsense Dashboard.Pfsense dashboard

Access the Pfsense Interfaces menu and select Assignments option.pfsense interface assigments menu

Access the VLAN tab and click on the Add button.

On the VLAN screen, perform the following configurations:

• Parent Interfaces - Select the Physical interface
• VLAN Tag - Enter the VLAN identification number
• Description - Optionally enter a description

Click on the Save button to create the pfsense Vlan.pfsense vlan configuration

On the Interface Assignments tab, select the new Vlan interface and click on the Add button.pfsense vlan interface

In our example, The Vlan 10 was assigned to our Pfsense firewall using the name OPT1.pfsense vlan interface setup

Access the Pfsense Interfaces menu and select the new Vlan interface name.

In our example, we selected the OPT1 interface.pfsense link-aggregation configuration

On the General Configuration area, perform the following configuration:

• Enable - Yes
• Description - Optionally, you may change the name of the Vlan interface
• IPv4 Configuration Type - Static IPV4
• IPv6 Configuration Type - None
• Speed and Duplex - Defaultpfsense link aggregation configuration

On the Static IPv4 Configuration area, perform the following configuration:

• IPv4 Address - Configure the VLAN interface IP address and netmask

Click on the Save button.

Click on the Apply changes button.pfsense vlan interface ip configuration

Congratulations! You have finished the Pfsense Vlan configuration.

Keep in mind that you need to create firewall rules to allow the new VLAN interface to communicate.

Tutorial - VLAN Configuration on Cisco Switch

Now, you need to perform the Vlan trunk configuration on the Network Switch.

In our example, we are going to show how to perform the Vlan configuration on a Cisco Catalyst Switch model 2960.

On the prompt screen, enter the administrative login information.

Use the configure terminal command to enter the configuration mode. Copy to Clipboard1

Switch>
Switch> enable
Switch# configure terminal

Create a new vlan, select an identification number and add a brief description

Switch(config)# vlan 10
Switch(config-vlan)# name Voice Network
Switch(config-vlan)# exit

Access the interface configuration mode and set the Switch port as a trunk.

Add the list of authorized Vlans to use this trunk.

Switch(config)# interface gigabitethernet0/40
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport trunk native vlan 1
Switch(config-if)# switchport trunk allowed vlan add 1,10
Switch(config-if)# exit
Switch(config)# exit

In our example, the Switch port 40 was configured as a trunk.

The following Vlans were allowed to use this port as a trunk: 1 and 10.

Vlan 1 is the default native VLAN of Cisco Switches.

Don’t forget to save your Switch trunk configurationCopy to Clipboard1

Switch# copy running-config startup-config

Connect the Pfsense LAN interface to the Cisco Switch port number 40.

Traffic comming from the Pfsense LAN interface will not have VLAN tag and will be a member of the Cisco Switch native VLAN 1.

Traffic comming from the Pfsense OPT1 interface will have the VLAN tag 10 and will be a member of the Cisco Switch VLAN 10.

like

dislike

love

funny

angry

sad

wow