TransWikia.com

intervlan routing with PfSense

Network Engineering Asked by BocajNET on September 30, 2021

I need some guidance on getting my lab networking configured. Any support is appreciated.

My Lab consists of:

2 Cisco switches: 2960s (access, layer 2) and 3750X (IP routing, layer 3)
XenServer with pfSense, 6 eth ports

4 VLANs configured on the Cisco switch:

vlan1   svi 192.168.68.0/24 
vlan100 svi 192.168.1.0/24
vlan200 svi 192.168.2.0/24
vlan600 svi 192.168.6.0/30 (transit network L3 to Pfsense)

I am working on setting up inter-VLAN routing, but can't see the VLAN interfaces in pfSense…

Would I need a trunk port with 802.1Q, a /30 VLAN, or a routed non-switchport connected to pfSense LAN/OPT?

I'm following this guide but am not able to see VLAN interfaces or establish communication between the firewall and the switch.

https://greigmitchell.co.uk/2019/08/configuring-intervlan-routing-with-a-layer-3-switch-and-pfsense/

Thanks for your time.

One Answer

  1. In case you are using a Cisco3850 or any other layer3 switch

You can create the SVIs on the layer3 switch and connect the firewall inside interface (LAN) to the layer3 switch (no-switchport interface). Configure the firewall inside interface with IP address 192.168.68.2 and leave the switch interface as it is. For example:

Switch(config)# int f0/1
Switch(config-if)# no shutdown

/* This interface IP will be the vlan1 IP, that is 192.168.68.1. This switch interface will connect to the firewall LAN interface 192.168.68.2. */

Have a default route in the layer3 switch.

In the layer3 switch:

ip route 0.0.0.0 0.0.0.0 192.168.68.2 (pointing towards the firewall inside interface gateway)

In the firewall, add routes:

ip route 192.168.68.0 255.255.255.0 192.168.68.1

ip route 192.168.1.0 255.255.255.0 192.168.68.1

ip route 192.168.2.0 255.255.255.0 192.168.68.1

ip route 192.168.6.0 255.255.255.248 192.168.68.1

The remaining configuration is as usual in the firewall configuration: NAT, and a default route in the firewall pointing towards the ISP gateway for internet access and for reverse traffic for incoming traffic.

In the layer3 switch:

SVI configurations, DHCP pool configuration if required, access-list configuration to restrict traffic among VLANs, spanning-tree configuration.

  2. In case you are using a C2960 layer2 switch

If you are using a C2960 switch, then this switch is a layer2 switch; you should create subinterfaces in the firewall, connect the 2960 switch, and configure the switch port as a trunk connecting to the firewall...

Answered by Sagar Uragonda on September 30, 2021
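
A consistency check of the addressing plan in this thread, added here as an example and not part of the original question or answer: it verifies that every VLAN subnet behind the layer 3 switch has a return route on the firewall and that each next hop sits on the firewall's LAN subnet. The helper name `audit` and the data layout are assumptions; the addresses and masks are copied from the question and the answer.

```python
import ipaddress as ip

# Constructed from the addresses quoted in the question and the answer.
SVI_SUBNETS = {                      # networks behind the layer 3 switch
    "vlan1": "192.168.68.0/24",
    "vlan100": "192.168.1.0/24",
    "vlan200": "192.168.2.0/24",
    "vlan600": "192.168.6.0/30",
}
FW_LAN = "192.168.68.2/24"           # firewall inside (LAN) interface
FW_ROUTES = [                        # (destination, mask, next hop)
    ("192.168.68.0", "255.255.255.0", "192.168.68.1"),
    ("192.168.1.0", "255.255.255.0", "192.168.68.1"),
    ("192.168.2.0", "255.255.255.0", "192.168.68.1"),
    ("192.168.6.0", "255.255.255.248", "192.168.68.1"),
]


def audit(svis, fw_if, routes):
    """Hypothetical helper: list (severity, message) findings for the routes."""
    connected = ip.ip_interface(fw_if).network
    table = [(ip.ip_network(f"{d}/{m}"), ip.ip_address(nh)) for d, m, nh in routes]
    findings = []
    for net, nh in table:
        if nh not in connected:      # next hop must be reachable on-link
            findings.append(("error", f"{net}: next hop {nh} is not on {connected}"))
        if net.subnet_of(connected):  # firewall already owns this network
            findings.append(("info", f"{net}: directly connected, route is redundant"))
    for name, cidr in svis.items():
        subnet = ip.ip_network(cidr)
        if subnet.subnet_of(connected):
            continue                 # reachable without a static route
        covering = [net for net, _ in table if subnet.subnet_of(net)]
        if not covering:
            findings.append(("error", f"{name} {subnet}: no return route on firewall"))
        elif subnet not in covering:  # only a wider prefix matches
            best = max(covering, key=lambda n: n.prefixlen)
            findings.append(("warn", f"{name} {subnet}: only covered by wider {best}"))
    return findings


if __name__ == "__main__":
    for severity, message in audit(SVI_SUBNETS, FW_LAN, FW_ROUTES):
        print(f"{severity:5} {message}")
```

With the values from this thread the check reports the 192.168.68.0/24 route as already connected and the vlan600 /30 as covered only by the wider 255.255.255.248 route.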
