Pfsense with Proxmox VE

arjay · April 6, 2020, 2:46am

Hi I’ve been working for a home environment

I have pfsense running on a proxmox virtual environtment.

also I have Cisco Castalyst 2960

my problem is my pfsense WAN cannot get an ip address from my ISP.

for my cisco configuration I have created a vlan 50 for my trunk and assigned port 24 and port 23 to a vlan 50.

on my proxmox environment I added network device(virtualized) and tag them as vlan 50 for my wan
and the lan interface of my proxmox machine was set to vlan 1 as also a default vlan id of my cisco switch

if i hook a cable from any of the ports of the vlan 1 I can obtain an IP Address from my lan ,
however my WAN stil cannot,

any suggestion and help

I would really appreciate it

Thanks in advance

brwainer · April 6, 2020, 3:01am

Please provide the config for the switch (show run) and screenshots of the network settings in Proxmox for the host and VM interface.

arjay · April 6, 2020, 3:53am

Hi,

Thanks for reply.

please see detailed screenshot
Cisco Build configuration

!

the rest image can be found here
https://drive.google.com/open?id=1Axnc8EoNxMP2V-EAkJ-39mBnURMZKSVq

Thanks again

brwainer · April 6, 2020, 4:25am

Your switch config doesn’t have anything for VLAN 50 in it. It is possible that you forgot to “copy running-config starting-config” before removing the power / rebooting it. Anyway, what interface is your ISP plugged into, and what interface is Proxmox vmbr0 plugged into?

arjay · April 6, 2020, 6:46am

Hi @brwainer

thanks for keep answering my issue,

i forgot to mention that i am very new to a cisco thing

I never had that idea that i need to copy the running config before rebooting thanks for that.

by the way my ISP plugged into port 24 then the proxmox interface have plugged it on port 1.

by the way I added port 24 to my vlan 50
fa024
thank you.

brwainer · April 6, 2020, 2:44pm

You didn’t show port 1’s config, but I’ll tell you what it should look like:
interface FastEthernet0/1
switchport mode trunk

You also need to declare, outside of any interface, every additional vlan you want to use. Just run:
vlan 50

If you still have trouble please show the whole switch config again. And remember to “copy run start” every time you make changes and are happy with them. The reason changes aren’t auto-saved on most enterprise equipment is if you do something that causes you to lose access, it can be faster to have someone reboot the device to restore the saved config which allowed the normal access.

arjay · April 7, 2020, 10:11am

Hi @brwainer,

I have just make my fastehthernet0/1 to switchport mode trunk
but still the same
please see updated configuration

https://drive.google.com/open?id=1ihkSZ95MEdkd2n-ESTF3Fydq50ntiqse

brwainer · April 7, 2020, 9:04pm

Run these commands (all of them and nothing else):
conf t
vlan 50
int f0/1
no switchport trunk allowed vlan
end

Reasons:

Your config still doesn’t have “vlan 50” at the system level. A Cisco switch only allows through the VLANs that have been added to it.
the command “switchport trunk allowed vlan 1” means to ONLY allow the listed VLANs on that port.

arjay · April 8, 2020, 6:37pm

Hi @brwainer

Just an update.

aftr running those commands , my wan interface obtaining an IP Address from my network.

but please see image below.
I don’t have any connected at Port 24 as my vlan 50
diagram

thanks for this awesome help

Regards,