Products Firewalla Gold SE Firewalla Gold Pro Firewalla Gold Plus Firewalla Purple Firewalla Purple SE Firewalla Wi-Fi SD Product Comparison Product Reviews

Firewalla Gold - VLAN Woes

Follow
Avatar
Rafael Nieves
  • Edited

Moving from a Ubiquiti EdgeMax router to a Firewalla Gold. I'm trying to replicate the set up but am having a hard time.

My Ubiquiti is set up this way:
The .3 network is set up to be DHCP. All the others are static. Devices in one subnet can see devices across all subnets. Devices that don't have a static IP are kicked over to the .3 network automatically.

Here is my Firewalla Gold Setup:
Ended up making .3 default so that I could get a dynamic IP.

Problem is: If I try to assign myself a static IP to get on one of the VLANs the firewalla doesn't seem to even acknowledge the existence of the device on the VLAN. Also don't know if this set up will allow me to traverse VLANs or if devices will be stuck only seeing other devices through their own VLAN.

Any assistance you can provide would be greatly appreciated.

Thanks

1

Comments

4 comments

Sort by Date Votes
  • Avatar
    James Willhoite

    Are you connecting via Wireless or Wired? Are your switches "tagged" on the correct ports? Is the Wireless SSID set up with VLAN tags? I see you are "tagging" two ports on the FWG, is that needed?

    I've got multiple VLAN's also. All DHCP but I leave a block open for static if needed. Here is my FWG config

     

    I have one wire coming from my FWG to my Switch. (Note* on NetGear Switches there is already a VLAN 1 defined as "Default" to be careful with that. It might not work as expected).

    1
    Comment actions Permalink
  • Avatar
    Michael Bierman
    • Edited

    Hi Rafael,

    I'm not quite following what the issue is... 

    If you want to connect to the vlan you can either use a device that lets you specify the VLAN tag and connect to a port that allows traffic to/from that VLAN (e.g. a trunk) or you can use a managed switch with a port configured to default to that VLAN tag.  Depending on how you set the ports on your switch determines how untagged traffic goes. 

    For each VLAN you can have DHCP on or off. If it is on you can still assign IPs if needed. You can also decide if you want to quarantine devices that just appear on the VLAN. 

    1
    Comment actions Permalink
  • Avatar
    Rafael Nieves

    Well, interestingly enough, I didn't know about VLAN tags and how to use them. Stuff just worked (most likely because it was all Ubiquiti hardware). While setting up the Firewalla Gold using some computers connected directly to the router (outside the live environment) I had some problems. Once I got a managed switch involved, things started working. Thanks for your responses.Tagging makes a lot of sense and I plan on leveraging for some other use cases.

    0
    Comment actions Permalink
  • Avatar
    Michael Bierman

    No worries. If you haven't seen them already, these are helpful. 

    Firewalla Tutorial: Network Segmentation Example with VLAN
    Firewalla Gold: Triple Play VLAN

    0
    Comment actions Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post