Router on a Stick for pfSense

mariem56 · June 2, 2021, 9:28am

I can’t follow this tutorial by netgate:Netgate 1100 Security Gateway Manual — Configuring a Router on a Stick | Netgate Documentation

For Cisco Routers I normally don’t add an IP address for the parent interface (LAN).
Example syntax:
interface giga 0/0
no IP address
no shut
end

I tried the setup in pfSense (DHCP server for VLAN 30, VLAN40) but I end up locked out.
Should I just add VLAN1 with IP addr.
VLAN30 and VLAN40.
What will be traffic if I add an IP address to LAN interface? Untagged or tagged?

EDIT:
I have my LAN_interface with 172.16.1.1 /24 as management IP addr.
Change VLAN1 to VLAN10 IP addr: 10.10.10.1 /24
VLAN30 IP addr: 192.168.30.1 /24
VLAN40 IP addr: 192.168.40.1 /24

If my management laptop IP is on 172.16.5.x network I can ping all VLANs and have internet.
But if I change my IP address to 10.10.6.56 for VLAN10 I can’t ping the 172.16.5.1 IP even though I added a firewall rule and don’t have internet connection.

Do I have to add Managed switch like pfSense > Manage switch > Laptop for testing?

xMAXIMUSx · June 3, 2021, 4:59am

If you are asking if you can connect to the port you have specified as giga 0/0 then no, you cannot do that. That port is a trunk port from pfsense.

Also this might be helpful to you to watch

mariem56 · June 3, 2021, 6:39am

Thanks! I’ll test it right away… So if my access point IP addr is 10.10.6.50 which is part of VLAN10 I need to add that on my Unifi Controller right? I’m wondering how to set-up a DHCP relay for this but I’ll test it first.

EDIT:
I think I don’t need DHCP relay for Router on a Stick setup right? I actually tested my setup and its working now! Thank you!