I have been knocking my head against the wall because of this issue. Hopefully someone can provide a suggestion.
Here is my setup:
I have a pfSense device connected to a Netgear GS724Tv2 switch on ports 23 and 24 in lagg mode (roundrobin since the Netgear does not fully support LACP). These ports are TAGGED for both VLAN1 and VLAN5 on the switch (VLAN1 is default for the switch). I have a Linksys WRT54GL router with dd-wrt connected to port 2 on the Netgear switch. Port 2 is also TAGGED for both VLANs. The Linksys router has the default WIFI on VLAN1 and a virtual WIFI on VLAN5. VLAN1 is for my trusted LAN devices. VLAN5 is for hotspot users.
Internet-----pfSense-------Netgear Switch-------Linksys------VLAN1
Internet-----pfSense-------Netgear Switch-------Linksys------VLAN5
Everything works except accessing the switch from the TAGGED ports. When connected via WIFI on VLAN1, I cannot access the Netgear management web page nor can I ping the router (ping produces host unreachable). The same applies from the pfSense device as well; I cannot ping the Netgear switch. All other devices on VLAN1 can communicate with each other as well as access the net. VLAN5 is not accessible from VLAN1 (which is the desired behavior) and VLAN5 has net access.
Is this the expected behavior for TAGGED VLAN ports? The Netgear management page is fully accessible and the switch is pingable from any of the other devices connected directly to the Netgear switch. All the other Netgear ports are in UNTAGGED mode in the default VLAN1. I have tried playing around with different settings by switching between TAGGED and UNTAGGED ports, but other settings seem to break the network. What am I doing wrong?
Any suggestions are very much appreciated.
Update: My diagram didn't display as expected so I created two separate links for the VLANs. Keep in mind the VLANs are on the same physical connections.