[Solved] Can't get VLANs working in pfsense on a single NIC host

[kevpatts]

So I'm working on getting this topology working. I'm struggling getting the VLANs working on the proxmox/pfsense installation. I've only setup vLAN 5 so far just to simplify for testing.

I have confirmed that the WiFi AP is assigning the "Personal" SSID with vLAN 5 and the device connecting is sending DHCP traffic on vLAN 5 to the proxmox box (used wireshark on port 2 of the "near" switch to confirm this).

At the moment I have:

1. Made the bridge vLAN aware
2. Configured 3 generic NICs on the pfsense guest and configured them in pfsense as WAN, LAN and VLAN 5 (tagging only done on the pfsense VM)
3. Setup DHCP on vLAN 5 in pfsense

Found a lot of conflicting guides on setting up vLANs correctly so hoping someone can help me.

 

[kevpatts]

To do some more testing I set up another VM on br0 (the only bridge) with vLAN tagged as 5 on the proxmox NIC config. This is working and using wireshark I can see DHCP discover packets on the network under vLAN 5.

It's as if proxmox is stripping the vLAN tags off the packets from pfsense?

 

[kevpatts]

I read on another post that "when management IP and gateway from the native vlan is assigned to a vlan aware bridge, all traffic is untagged". Is this the case? If so is there a way to prevent this?

 

[kevpatts]

fixed it by following this: https://forum.proxmox.com/threads/1-nic-vlans-and-wan-lan-vlan-opnsense.104036/

Seems I needed to reboot the entire server after making changes, so nothing I was trying was even taking effect!