Partial communication across VLANs

I’m running a pfSense firewall. I have multiple VLANs set up. For some reason some things are communicating fine across the VLANs and other things are not. For example, my desktop is on the default LAN, which is 192.168.44. My desktop can see some things on my management VLAN, which is VLAN 45, 192.168.45. For example, my desktop can see my IPMI interface for my pfSense box, file server and XCP-ng server. It can also see the management interfaces for UniFi and XOA. However, it cannot see the management interface for TrueNAS or some VMs that I have on my management VLAN unless it’s on the same VLAN. For VLAN rules all I have set up currently is allow all. I looked at my firewall logs and I am not finding anything being blocked for my desktop to VLANs or, for that matter, anything going to my TrueNAS management port. I’m stumped. Any thoughts?

Do you have the VLANs properly defined in the switch you are using?

Check the firewall on the devices your desktop cannot reach, maybe they restrict access to connections from the same network.

@LTS_Tom I believe I have them set up correctly, but it wouldn’t be the first mistake I’ve made! For the test VM I disabled Windows Firewall, @paolo, because I had the same thought, but it still didn’t work. Below are screenshots from my firewall rules, logs and the VLAN setup in UniFi. Thanks a heap for all the help.




OK, now I can communicate with the VMs but still not TrueNAS for some reason. I didn’t make any changes after my original post… A couple of additional bits of info: both of my switches are Layer 2 and the IP for TrueNAS is static. I did add an entry in the DHCP server for the VLAN for the TrueNAS static IP. If my understanding is correct, the Layer 2 switches don’t do any routing, so all the traffic should be going to the pfSense box for routing.

Hmm, interesting. I switched TrueNAS to DHCP and it’s communicating fine now… Don’t really want it to be DHCP.

So in TrueNAS, under Network and Global Config, I did not have the name server or default gateway set. I edited that correctly and then switched back to static and it’s still working. But time will tell if it continues to work or if I have issues again. I had an issue like this when I first set all this up a month or so ago and ended up flipping all the affected devices back to DHCP and then setting them up again with static, and that got me going. Just really weird.


I have a video showing how to Setup VLANs With pfsense & UniFi switches, a good way to compare if you have it set up properly.

Yep, that’s the first place I went when I started having issues. Then to your troubleshooting video. Both were very informative, thanks!

OP, on the TrueNAS management interface (the one that has the TrueNAS web interface associated), do you have a default route to your gateway?
Same thing for any other interface on TrueNAS where you have shares (SMB, NFS, etc), what route is used?
I had that issue a few years ago where my traffic came on one interface (10GE) on TrueNAS (FreeNAS back then) but came out from another (1GE) interface because of the routing on TrueNAS itself. I discovered it when I benched the transfer speed and only got 1Gbps instead of 10Gbps.

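An added example, not part of the original thread: a small route-lookup model of the two failure modes discussed above, a static host with no default gateway (replies to another VLAN have nowhere to go) and a multi-homed host whose reply leaves on a different interface than the request arrived on. The host addresses, the `10.10.10.0/24` storage network, the `192.168.45.1` gateway and the interface names are constructed assumptions; only the `192.168.44` and `192.168.45` subnets come from the thread.

```python
import ipaddress

def route(net, gateway, iface):
    """One routing-table entry; gateway=None means the network is on-link."""
    return (ipaddress.ip_network(net), gateway, iface)

def reply_path(routes, client_ip, ingress_iface):
    """Decide how a host answers client_ip for a request that arrived on ingress_iface.

    Returns (status, egress_iface), where status is 'ok', 'asymmetric' or 'no-route'.
    """
    dst = ipaddress.ip_address(client_ip)
    matches = [r for r in routes if dst in r[0]]
    if not matches:
        # No connected network and no default route covers the client:
        # the request arrives, but the reply is never sent.
        return ("no-route", None)
    # Longest-prefix match, as a real IP stack does.
    _, _, iface = max(matches, key=lambda r: r[0].prefixlen)
    return ("ok" if iface == ingress_iface else "asymmetric", iface)

# Constructed sample routing tables for a NAS on the management VLAN.
STATIC_NO_GW = [route("192.168.45.0/24", None, "mgmt")]
STATIC_WITH_GW = STATIC_NO_GW + [route("0.0.0.0/0", "192.168.45.1", "mgmt")]
MULTI_HOMED = [
    route("192.168.45.0/24", None, "mgmt"),
    route("10.10.10.0/24", None, "storage"),
    route("0.0.0.0/0", "192.168.45.1", "mgmt"),
]

if __name__ == "__main__":
    cases = [
        ("same VLAN, no gateway", STATIC_NO_GW, "192.168.45.50", "mgmt"),
        ("other VLAN, no gateway", STATIC_NO_GW, "192.168.44.20", "mgmt"),
        ("other VLAN, gateway set", STATIC_WITH_GW, "192.168.44.20", "mgmt"),
        ("other VLAN, in via storage", MULTI_HOMED, "192.168.44.20", "storage"),
    ]
    for label, table, client, ingress in cases:
        print(f"{label:28} -> {reply_path(table, client, ingress)}")
```

The `no-route` case produces no block entry in the pfSense log, because the firewall passes the request and the reply is simply never sent by the host.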

That is an awesome point. No, I do not have that set up, and I have some 10GB NICs that I will be working with, so that is a great pointer. Thanks!

Yes, I’ve found TrueNAS really likes to have the local domain defined or it has trouble communicating with things intermittently.

That’s interesting about the domain. I’m not running a domain but did put the same domain from pfSense in there. Everything has been working so far. The only continuing weird issue is that the web GUI will reload every 10-15ish seconds if I am accessing it from a different VLAN. Been doing the Google-fu and I’m not the only one who has seen that, but I haven’t found a solution yet. Not the biggest issue, as I can just access it from the same VLAN, but odd.