VLAN problem in replacing USG with pfSense

Hi Experts,

My USG has failed for the 2nd time so I’ve got a Netgate SG-1100 with pfSense to replace it.
I can get everything communicating fine on the LAN port through the original VLAN1, 192.168.91.0/24.

I’m stuck rebuilding my VLANs for segregation, as I used with the USG.
I have set up an IOTVLAN, tag 93, to the only interface available on the SG-1100, x.x.91.1.
Added an IOT interface for this IOTVLAN.
Enabled the interface (static) and assigned it 192.168.93.1/24
Enabled DHCP server on IOT interface, allowing all clients.
Added a firewall rule to Pass all, any protocol, any source, any destination. (no segregation rules yet)
Saved and applied all of these.
I have a UniFi US-8-60W for a managed switch.
In it, I’ve added a new network, IOTUNIFI, tag 93.
There is not a VLAN-only setting in this controller version, 6.2.26.
(the first indication of trouble is possibly the subnet assignments)
Set up the IOTUNIFI with DHCP mode none.
All ports on my US-8 are set to all port profiles
I plug in my laptop and get no DHCP assignment.
Hard-code an IP, X.X.93.101, and still get no connection to the network.
I set the laptop IP to x.x.91-210 and both (91.1 & 93.1) reply to pings.

It looks like I’m missing an IOTVLAN to LAN connection. Or to WAN?
Is my rule “allow all” on IOT not configured correctly?

Thanks in advance for any help anyone can give.
Nick

I am totally not an expert, but as you write you use the SG-1100, maybe this helps?

https://www.youtube.com/watch?v=Bp_B79-WLlU

Thanks.
This is one of his videos I hadn’t seen yet.
Checking it now.

That was exactly it.
Tom’s other videos didn’t mention adding the tags when using the SG-1100 & XG-7100.

Thanks so much.