So I’m new to pfsense and looking to set up my own home pfsense box. I’m curious about the management vlan: am I right in thinking that a management vlan is for things like accessing APs and switches for managing?
I.e.
Management vlan 10
192.168.10.0/24
AP ip address - 192.168.10.2/24
Switch ip address - 192.168.10.3/24
Also, what IP address segment should the pfsense box be in: also vlan 10, or would the default 192.168.1.1 suffice?
If you are new to setting things up, moving to a management VLAN might be a big challenge to start with. But yes, you can change via rules on the firewall what network can access the web interface on pfsense.
@Mati92, it is very common to isolate the mgmt interfaces of your network devices to a dedicated vlan and limit access to them. When it comes to the default settings for mgmt of the pfSense firewall, I create a new interface for this. You don’t want any end user system to have access to the mgmt ports on any of your gear.
It is probably your member port config. I don’t know what physical ports would run what VLANs, but since they don’t have all VLANs assigned to them across the board it is the first place I would look.
I got myself a new switch to finally get rid of 2 switches. I’ve got vlans set up and working with pfsense. I left port 1 on vlan 1 but somehow I have managed to lock myself out of the GUI. I’ve set my IP to the same IP range as the switch, still nothing. Heading for a reset and resetting everything up. I’m thinking untagged port 1 for vlan 1 and port 24 as trunk port.
This is probably a stupid question and I may get laughs: if I have a management VLAN of 10, for instance, do I have to physically assign any of my port switches to vlan 10, or can I just use a rule from my vlan 20 network to access vlan 10?
Yes, you need to assign VLAN10 to any port that will have a management interface plugged into it. When it comes to allowing systems from other VLANs access to your management network, I would be very specific on what IPs and ports are allowed.
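A way to check the "be very specific" advice above against a rule list, as an added example that is not part of the thread and not pfSense's own code or export format. The rule dictionaries are a hypothetical format, 192.168.20.0/24 is an assumed subnet for VLAN 20, and all sample rules are constructed; only the 192.168.10.0/24 management network and the .2/.3 device addresses come from the first post.

```python
import ipaddress

MGMT_NET = ipaddress.ip_network("192.168.10.0/24")  # management VLAN 10 from the thread

# Constructed sample rules in a hypothetical format (not a pfSense export).
# 192.168.20.0/24 is an assumed subnet for VLAN 20.
RULES = [
    {"action": "pass", "src": "192.168.20.50/32", "dst": "192.168.10.3/32", "port": 443},
    {"action": "pass", "src": "192.168.20.0/24", "dst": "192.168.10.0/24", "port": "any"},
    {"action": "pass", "src": "192.168.20.50/32", "dst": "192.168.10.2/32", "port": "any"},
    {"action": "block", "src": "any", "dst": "192.168.10.0/24", "port": "any"},
]


def to_net(value):
    """Parse a CIDR string; the keyword 'any' means every IPv4 address."""
    return ipaddress.ip_network("0.0.0.0/0" if value == "any" else value)


def audit_rule(rule, mgmt_net=MGMT_NET, max_src_hosts=2):
    """Return the reasons a pass rule into the management network is too broad."""
    src, dst = to_net(rule["src"]), to_net(rule["dst"])
    if rule["action"] != "pass" or not dst.overlaps(mgmt_net):
        return []  # block rules and rules for other networks are out of scope
    findings = []
    if src.num_addresses > max_src_hosts:
        findings.append(f"source {src} covers {src.num_addresses} addresses")
    if dst.num_addresses > 1:
        findings.append(f"destination {dst} is not a single management interface")
    if rule["port"] == "any":
        findings.append("all destination ports are allowed")
    return findings


def audit(rules):
    """Map rule index -> findings, for rules that have any."""
    report = {i: audit_rule(r) for i, r in enumerate(rules)}
    return {i: f for i, f in report.items() if f}


if __name__ == "__main__":
    for index, findings in audit(RULES).items():
        print(f"rule {index}: " + "; ".join(findings))
```

Only the first sample rule (one admin host to the switch on port 443) passes cleanly; the whole-subnet rule and the any-port rule are flagged.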