Pfsense & TP-Link VLAN configuration

Hi folks, I’m after some guidance with my setup as I’m trying to work out what is causing the issue with my VLAN’s. Currently my setup looks like this:

Fibre to the node > ASUS Modem (PPoE Auth) > TP-Link TL-SG1016PE > Proxmox server with pfSense VM.

pfSense: 192.168.2.1
LAN (vtnet0 pfSense): 192.168.2.1/24 with DHCP enabled in pfSense
VLAN 50 (General): 192.168.50.1/24 with DHCP enabled in pfSense
VLAN 75 (Cameras): 192.168.75.1/24 with DHCP enabled in pfSense

The rules that I’ve got configured in pfSense at the moment are set to allow all.

Switch: 192.168.2.10
Port 1: PC
Port 3: Proxmox Server
Port 4: Proxmox Server (Tagged on VLAN 1, 50 and 75)
Port 5: Camera
Port 6: Camera
Port 7: Camera
Port 10: Laptop for testing purposes (Untagged on VLAN 50)
Port 16: Modem to switch (Untagged on VLAN 1)

If I connect my laptop, it gets a 169 address, if I add an untagged on VLAN 1 as well, I end up with a 192.168.2 IP that is given via pfSense.

Looking at the configuration, is there something that I’m missing as to why it isn’t able to obtain an IP from VLAN 50? I’m unsure if it is the VLAN setup on the switch or if something in pfSense is stopping it.

I’ve attached pictures of the switch VLAN configuration as well if that helps.

I guess it may have to do with the pvid on port 10. If you have only vlan 50 on this port set pvid to 50 if you have several vlan possible set it to a dummy vlan id.

Thanks for the reply, I’m a bit confused though the PVID is already 50 for Port 10, are you suggesting that I change Port 10 to a random PVID and then see if it works?

I think I’ve finally crack it and got it working as per the below:

Server NIC 1 and 2: Tagged
Port 10 (Laptop): Untagged on VLAN 1 and 50

I can now get an IP from VLAN 50 on my laptop.
I now should be able to proceed with the rest of my VLAN configuration on the switch.

It seems that I needed both NIC’s on my Proxmox server to be tagged and not just one, I will be documenting these changes.

I will report back with how these changes go.

Update
So I’ve got the VLAN’s working the only issue that I have now is with a proxmox VM it isn’t getting an IP on VLAN 50. Should I have to set the VLAN tag on the VM itself via the NIC?

Not via the NIC per se. First you have to make sure the proxmox bridge is VLAN aware. Second you have to specify the VLAN you want the VM to be on in the Hardware/Network configuration screen in proxmox.

Brandon Lee has a good write up on this: Proxmox Network Configuration for Beginners including VLANs - Virtualization Howto

1 Like

Thanks for the reply, I was away on holidays but will check this out.