I am using pfsense 2.5.2 and although I’ve been using pfsense for about a year I have not been doing any tinkering with it. This weekend I had some free time and decided that I would finally implement VLANs on my home network to isolate some of the more sketchy devices that I own from everything else.
I started by creating a VLAN with VLAN ID 30. I am using static IPv4 IP address mapping. I added a static IPv4 mapping for the device (Linux Laptop) that I am adding to the VLAN. The device has an internal static IP address of 172.16.30.9 with a netmask of 255.255.255.192.
I have added a firewall rule applied to this VLAN to allow all ipv4 traffic to the internet.
On my managed switch I have enabled the VLAN on the port to which the Laptop is connected. Both the switch and pfsense show that the laptop is successfully connected to the VLAN.
I have set the static IP address on the Laptop using the KDE network settings in the control panel. The laptop is able to connect to the pfsense web interface; however, I cannot ping google.com and I cannot access any website on the internet via web browser.
Other devices connected to untagged ports are functioning properly.
Can someone help me figure out how to fix this?
This video covers how to do it with a UniFi switch but just extrapolate the concept and apply it to whatever switch you are using.
Thanks, Tom. I watched that video already; I didn’t even know what a VLAN was till I watched that video. I still don’t know what I’ve done wrong.
Anyone care to help me troubleshoot?
What switch do you have?
I have the older version of this switch.
What I’ve noticed with Netgear switches is that the vlans need to be configured unconnected to pfSense. When I’ve added another vlan later, I basically had to reset the switch and configure the vlans again.
You’ll need to also ensure you have taken the ports off the default vlan.
I’d recommend doing a factory reset, setting up your vlans, then connecting it to pfsense.
Thanks, Neogrid, I’ll probably start this weekend.
I have it set so that my computers on the VLAN are on an untagged port, then the pfsense is connected to a tagged port which is also marked as a trunk. The trunk gives the VLAN internet access.
TBH, I’m not sure that’s correct but it’s working. 
It’s the old Red Green saying “this is all temporary … unless it works”.
Netgear gets a bad rap and in my limited experience they do seem very unintuitive to set up. It was free is my excuse.
It was the cheapest option at the time for what it offered, I guess you get what you pay for.