Main LAN on a VLAN


I have a pfSense firewall serving some Unifi switches and Access Points.

I have been doing some experiments in order to move the infrastructure to a dedicated Management VLAN (relatively easy), while also allowing adoption of new Unifi equipment to function (harder) and minimise use of the default VLAN 1 (common security advice, seems pretty difficult to actually achieve).

As part of this, I have been trying to put the main LAN (created with the WAN during installation) on a VLAN. This seems to be impossible. I have other VLANs working fine, but connectivity is lost immediately I do this, even with port settings at ALL. Switch the LAN back to a basic interface and the connection returns?


There is another thread, pfSense + Unifi - No internet, ping, nothing on the VLAN - #8 by charles1, with the same issue. Not sure if there is some principle behind whether you can mix LANs and VLANs; I’ve not tried it.

On my setup, I have a LAN but I don’t actually use it for anything, unless I want to directly plug into the pfSense box. All the other ports are in LAGG with the VLANs.

It’s not altogether clear why you want to put your LAN on a VLAN in your scenario. Just migrate to VLANs and leave the LAN.

Yes, I think that is the solution.
Now I am just interested as to why the first created LAN cannot be put on a VLAN?