Trouble with Proxmox - pfSense - Unifi

Astraea

Aug 25, 2018
I am in the process of rebuilding my network and have changed the design. Previously I had the following topology: Proxmox Node -> Switch -> Switch -> Virtual pfSense. The first switch, which Proxmox was connected to, is where all the nodes were located, with 2 interfaces bonded with LACP; there were also IPMI connections on that switch. The second switch took connections from the various other switches in the server room and in the house and then connected to the Proxmox node that housed pfSense, where the 4 interfaces were bonded together and passed to pfSense via a bridge. I also had my Unifi AP connected to the same switch. Both switches I am referencing are managed and had the VLANs assigned so that Unifi could have a second SSID that used a VLAN that went to pfSense, to allow for a second DHCP server and firewall rules.


Now what I am trying to do is change it so that the main switch that all the switches and AP connect to is not needed. I set up a Proxmox node with multiple interfaces and created the required bonds and bridges, and everything was working until I added the AP. I can get the SSID to work when there is no VLAN assigned, but when I specify a VLAN that is configured in pfSense I get no IP address on my phone.

I have tried switching everything from Linux bridges and bonds to OVS, and the result was that nothing could communicate in or out of pfSense. Even when directly connecting to pfSense and specifying an IP, I could not get to the web UI.


Ideally, I am trying to have the following setup:
Switch 1 is on VLAN 1, which is the default, and uses the IP of 10.1.10.11. Connected to that switch are 5 Proxmox nodes via 2 interfaces each, which are bonded in Proxmox and also on the switch. The switch has these ports using an untagged VLAN of 20. There are also 4 IPMI connections that are on a native VLAN of 10.

Switch 2 is on VLAN 1 as well and uses the IP of 10.1.10.12. Connected to it are the same 5 Proxmox nodes with another 2 interfaces each, which are also bonded together, on the untagged VLAN of 40 via the switch.

Switch 3 is on VLAN 1 as well and uses the IP of 10.1.10.13. Connected to it are 4 NAS devices (QNAP and FreeNAS) with 2 interfaces each, which are also bonded together, on the untagged VLAN of 30 via the switch.

The last interface on the last Proxmox node is connected to the Unifi AP. This is where I want 4 SSIDs: Family (VLAN 50), Guest (VLAN 60), Security (VLAN 70), Printers (VLAN 80).

I am at a loss at this point as to why moving from Linux switches to OVS has made the pfSense not function and why I cannot get a VLAN tag from the Unifi AP to pfSense working.
 
This one makes me feel silly. I used another switch while testing the AP to allow me to reset it as well as to be able to see the controller once it was set to the right inform URL. The downside is I did not configure it for VLANs, so as you can imagine my problem was human error. On the plus side, OVS is nice and I'll stick with it over the traditional setup, but it was probably not required.
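
An added example, not part of the original posts: one way to find the hop where tagged traffic stops, by reading the 802.1Q tag from frames captured at each point on the path and reporting the first hop where each SSID VLAN (50, 60, 70, 80 from the post) is absent. The hop names, the frame builder and the sample captures are constructed for illustration.

```python
import struct

# SSID-to-VLAN mapping taken from the post.
WANTED = {50: "Family", 60: "Guest", 70: "Security", 80: "Printers"}

def vlan_id(frame: bytes):
    """Return the 802.1Q VLAN ID of an Ethernet frame, or None if untagged."""
    if len(frame) < 16:
        return None
    tpid, tci = struct.unpack("!HH", frame[12:16])
    if tpid != 0x8100:          # 0x8100 marks an 802.1Q tag
        return None
    return tci & 0x0FFF         # low 12 bits of the TCI are the VLAN ID

def make_frame(vid=None):
    """Build a constructed broadcast frame, tagged with vid if given."""
    hdr = b"\xff" * 6 + bytes.fromhex("020000000001")
    tag = struct.pack("!HH", 0x8100, vid) if vid is not None else b""
    return hdr + tag + struct.pack("!H", 0x0800) + b"\x00" * 46

def first_hop_missing(hops, wanted=WANTED):
    """hops is an ordered list of (name, frames) from AP towards pfSense.
    For each wanted VLAN, return the first hop where no frame carries it,
    or None if it is seen at every hop."""
    seen = [(name, {vlan_id(f) for f in frames}) for name, frames in hops]
    return {vid: next((n for n, vids in seen if vid not in vids), None)
            for vid in wanted}

# Constructed captures: tags leave the AP but do not pass the
# unconfigured test switch, so only untagged frames arrive further on.
HOPS = [
    ("AP uplink", [make_frame()] + [make_frame(v) for v in WANTED]),
    ("test switch egress", [make_frame()]),
    ("Proxmox NIC", [make_frame()]),
]

if __name__ == "__main__":
    for vid, hop in first_hop_missing(HOPS).items():
        status = f"missing from '{hop}'" if hop else "seen at every hop"
        print(f"VLAN {vid} ({WANTED[vid]}): {status}")
```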
 
