Solved: New Real / Virtual Machines Cannot Exit the WAN on a specific vLAN

Would really appreciate any kind of pointers on my issue.

Over the last week or so, I’ve noticed that either newly built virtual machines or new physical machines (which have never connected to the network) cannot exit via the WAN via a specific vlan.

I can ping devices across the same vlan, I can access services as usual on my network but cannot bring up an internet page. For older machines I can do everything as normal. At first I thought it was my Proxmox server and possibly DNS, but then connected a new laptop to discover the issue.

Have pfSense, did a rebuild of my main switch (it looks ok to me), cleared the states table, but can’t seem to see what the problem is.

If I move the offending machine to another vlan, everything works.

Any input would be helpful :sob:

What are your firewall rules for this VLAN? pfSense is default-deny, so if a rule doesn’t exist allowing that VLAN to the internet (destination network of WAN), it won’t go.

My rules look like this:

They have worked ok for a few years, they are similar for other vlans.

When I create a new vm on this vlan it will not exit the WAN, however, an existing vm (and my laptop) has no problems. For the life of me I can’t see what the issue might be other than the age when the device joined the network.

Whether it’s DHCP or Static IP, doesn’t make any difference.

@brwainer thanks for the input, it helped me identify my config error. For some reason I had the following checked in that vlan; I only use that on my management vLAN.