Recently I discovered Tom’s video: https://www.youtube.com/watch?v=b2w1Ywt081o&t=331s walking us through configuring a specific VLAN to segregate IOT devices. Since my home build is almost identical to the demo environment Tom displayed, I thought I would try it for my home. It seemed easy enough, but I have hit a snag. I managed to get the VLAN created, firewall rules created, VLAN assigned to my switch, and applied to a new wireless network. I was even able to connect many of my devices to the WLAN. BUT! Nothing operating on the new VLAN can access the internet. I have tried everything I could to open it up, to no avail. Has anyone implemented this kind of environment who could help me troubleshoot? This is my first foray into VLANing with pfSense and UniFi, so I don’t know what I don’t know.
Any and all help is GREATLY appreciated.
Perhaps you could give a lot more detail regarding VLAN setup and firewall rules. I’m sure people here would be happy to help you; however, you haven’t given us much to work with right now.
I followed Tom step by step from the video I linked. I was mostly interested in some troubleshooting steps I could undertake to try and determine where the disconnect exists.
Specifically, I created a new VLAN with an assigned value of 20. So my firewall now has 3 assigned interfaces (LAN, OpenVPN, VLAN20). The VLAN is assigned to the same interface as LAN. Firewall rules allow everything (all from VLAN to any), preceded by a rule to block access to the LAN.
If there are specific diagnostic read outs you would prefer to see I am more than happy to post them, but did not want to upload my entire config.
I was able to find the issue and address it. When building the firewall rules, I duplicated the rules from the LAN to the IOT VLAN, but by default the gateway was pre-configured as “Default” not my WAN. I opened the advanced options in the Firewall rule, changed the Gateway to WAN (not default) and everything started working as intended.
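As an added illustration of the two things this thread turned on (rule order on the IoT VLAN, and a pass rule left on the "Default" gateway), here is a small audit script. It is not code from the thread or from pfSense; it assumes a simplified config.xml layout where the VLAN interface is `opt1`, an empty `<gateway>` means "Default", and the WAN gateway is named `WANGW`.

```python
import xml.etree.ElementTree as ET

# Constructed fragment in the shape of pfSense's config.xml <filter> section (assumed, simplified):
# the first rule blocks IoT VLAN -> LAN, the second passes IoT VLAN -> any but leaves <gateway>
# empty, i.e. the "Default" gateway that the thread found was the problem.
SAMPLE_CONFIG = """<pfsense><filter>
  <rule><type>block</type><interface>opt1</interface>
    <source><network>opt1</network></source><destination><network>lan</network></destination>
    <descr>Block IoT to LAN</descr></rule>
  <rule><type>pass</type><interface>opt1</interface>
    <source><network>opt1</network></source><destination><any/></destination>
    <gateway></gateway><descr>Allow IoT to any</descr></rule>
</filter></pfsense>"""


def audit_vlan_rules(config_xml, vlan_iface="opt1", lan_iface="lan", wan_gw="WANGW"):
    """Audit the firewall rules bound to one VLAN interface.

    Returns a list of (rule description, finding) tuples. pfSense evaluates
    rules top to bottom and the first match wins, so ordering matters.
    """
    root = ET.fromstring(config_xml)
    rules = [r for r in root.iter("rule") if r.findtext("interface") == vlan_iface]
    findings = []
    allow_any_seen = False
    block_lan_seen = False
    for idx, rule in enumerate(rules):
        descr = rule.findtext("descr") or f"rule #{idx}"
        kind = rule.findtext("type")
        dest = rule.find("destination")
        dest_any = dest is not None and dest.find("any") is not None
        dest_net = dest.findtext("network") if dest is not None else None
        gateway = (rule.findtext("gateway") or "").strip()  # "" == Default (assumed)
        if kind == "block" and dest_net == lan_iface:
            block_lan_seen = True
            if allow_any_seen:
                findings.append((descr, "block-to-LAN rule sits below an allow-any rule, so it never matches"))
        if kind == "pass" and dest_any:
            allow_any_seen = True
            if gateway == "":
                findings.append((descr, f"gateway is Default; set it to {wan_gw} so VLAN traffic leaves via WAN"))
    if not block_lan_seen:
        findings.append((vlan_iface, "no rule blocks the VLAN from reaching LAN"))
    if not allow_any_seen:
        findings.append((vlan_iface, "no pass rule lets the VLAN reach the internet"))
    return findings


if __name__ == "__main__":
    for rule, finding in audit_vlan_rules(SAMPLE_CONFIG):
        print(f"{rule}: {finding}")
```

Run it against a backup of your own config.xml and the sample finding should match the fix described above: the allow-any rule with its gateway still on Default.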