VLANs - pfSense, UAP-AC-Pro, Dell PowerConnect 2808

I’ve checked out multiple tutorials from both Lawrence Systems and Crosstalk Solutions, and I have hit a wall.

I have WAN coming into pfSense and LAN set to a 10.10.1.0/24 network with VLANs 10, 20, and 69. The interfaces and DHCP servers (ranges .10 - .245) have all been set up.

In UniFi, I have created wireless networks with the respective VLANs as well as one for the LAN. When connecting to the LAN wireless network, everything works fine. However, when connecting to any of the VLAN wireless networks, all clients fail to configure with an IP address. In the UniFi Controller, I can see outbound traffic, but nothing inbound to the client(s). Even if I set a static IP for a client, there is no internet connection.

In the Dell PowerConnect, I have pfSense connected on Port 1 with Untagged LAN and Tagged with all VLANs. I then have the same settings on Port 8 connecting to the UAP-AC-Pro.

Example of client trying to connect:

Been years since I have looked at the PowerConnect switch, but it sounds like that is where the issue is. If I recall correctly, the default way those handle VLANs is to drop any traffic not properly defined. That is assuming you have the VLANs properly configured in pfSense & UniFi: https://youtu.be/b2w1Ywt081o

Yes, that would rule out if it was the Dell Switch.

If you are only using the AP’s you just need to specify the VLANs there.

Do you happen to have another Linux machine? I have set up my Pi to test VLANs on a switch. I am thinking if it works for the Pi, it should work for Debian-derived distros.

It’s only one file. I turned it on for a Pi in my rack running Pi-hole. It allows me to know all VLANs are working, a quick check if I need it. Only needed it once, when I accidentally plugged something into the wrong port. This quick check made me realize what I did.
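One way to run the kind of per-VLAN check described above from a Linux host plugged into a trunk port, as an added example (it is not the poster's file, whose contents are not shown in this thread). It assumes root, iproute2 and dhclient, and a parent NIC named eth0; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: check from a Linux host on a trunk port that each tagged
# VLAN hands out a DHCP lease. Assumed: iproute2, dhclient, root, NIC "eth0".

# Accept only valid 802.1Q VLAN IDs (1-4094).
valid_vid() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 4094 ]
}

# Interpret the IPv4 address found on the sub-interface after the DHCP attempt.
classify_addr() {
    case "$1" in
        '')        echo "no-lease" ;;    # nothing came back on this VLAN
        169.254.*) echo "link-local" ;;  # self-assigned, DHCP failed
        *)         echo "leased" ;;
    esac
}

# Create a tagged sub-interface, try DHCP once, report, then clean up.
probe_vlan() {
    parent=$1; vid=$2; sub="$parent.$vid"
    valid_vid "$vid" || { echo "VLAN $vid: invalid ID" >&2; return 2; }
    ip link add link "$parent" name "$sub" type vlan id "$vid" || return 2
    ip link set "$sub" up
    dhclient -1 "$sub" >/dev/null 2>&1      # -1: one attempt, then give up
    addr=$(ip -4 -o addr show dev "$sub" | awk '{print $4; exit}')
    dhclient -r "$sub" >/dev/null 2>&1      # release the lease, stop the client
    ip link delete "$sub"
    echo "VLAN $vid on $parent: $(classify_addr "$addr") ${addr}"
}

# Usage: sh vlan-check.sh run [parent-nic]   (VLAN IDs are the ones in this thread)
if [ "${1:-}" = "run" ]; then
    for vid in 10 20 69; do
        probe_vlan "${2:-eth0}" "$vid"
    done
fi
```

Plugged into the switch port the AP normally uses, a no-lease result takes the AP out of the picture and leaves the switch tagging or the pfSense side to check.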

I think I need some clarification. Is your AP connected and set up on your UniFi controller? Also, do you have a trunk port going from pfSense to your AP?

From my experience using OpenWrt, you need to identify the VLAN ID for the device to actually look for VLAN packets. And usually a firewall zone for the VLAN ID as well, that’s a mirror of LAN.

This sounds a LOT like the problem I was going to post. On your devices on the VLAN, are you getting IPs in the 169.254.x.x/255.255.0.0 range? That’s what I’m getting, meaning the DHCP seems to be failing.

I’m using an ESXi hyperV on an old Dell PowerEdge 710, with pfSense in a VM, along with a UniFi Switch and AP. No VMs can get IPs in range of the DHCP.