Port 1 will be used to connect back to pfSense’s parent interface. Configure Port 1 for trunk access to pfSense We’ll now configure each of the ports as outlined above using the VLAN tags we have just setup. When you have finished your page should look like this. Navigate to VLAN > 802.1Q > Advanced > VLAN Configuration, accept the warnings that enabling the advanced mode will erase existing VLAN settings. You should now be able to load up the configuration tool, select the GS108E and log in with the default password of password.įirst lets add the VLAN ID’s we plan to use. To connect to the switch set your local NIC to a static address in the same subnet as the switches default address, for example 192.168.0.200. The default IP address of the GS108E is 192.168.0.239. I’ll walk through how to configure the switch to support the connections outlined in the able below. If you decide to go down this route, try and obtain a v3 model as this enables configuration via a web interface as opposed to needing a custom configuration utility which is only available for Windows. The Netgear GS108E is available cheaply new, and even cheaper used from eBay and makes a useful enough semi-managed switch capable of supporting multiple VLANs. Here’s a diagram to help illustrate my configuration. Some of my file servers and devices generate a substantial amount of traffic and not having to push all this traffic through pfSense allows it to better handle the load it does need to process. This enables our switch to handle local subnet traffic switching whilst retaining pfSense to firewall inter-subnet traffic. Its called a ‘router-on-a-stick’ because of the single trunk cable connecting the 802.1Q capable switch to our pfSense router. These Virtual LAN segments are connected back to pfSense in a ‘router-on-a-stick’ configuration. For example, the video surveillance system is confined to a single VLAN and has very limited abilities to communicate with devices in other subnets and the internet and my gaming consoles have prioritisation to ensure smooth and problem free network play. Without VLANs it would be tough to provide enough network interface connections to enable me to apply strict firewall rules and traffic prioritisation to support my needs. My recent pfSense guide makes extensive use of virtual LANs (VLANs) to provide enough network segments to facilitate the segregation of devices into the following categories Description Due to the uneccessary and additional complication of having to resort to using a specific configuration utility with the GS108Ev2 product featured in this guide, I would advise readers look for the updated v3 product which provides a web-based management interface. PfSense router-on-a-stick VLAN configuration with a Netgear GS108E Last revised 28 February 2018.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |