{"id":332,"date":"2022-03-04T15:22:57","date_gmt":"2022-03-04T21:22:57","guid":{"rendered":"https:\/\/techexperiencemx.com\/?p=332"},"modified":"2022-03-07T11:16:17","modified_gmt":"2022-03-07T17:16:17","slug":"vlans","status":"publish","type":"post","link":"https:\/\/techexperiencemx.com\/?p=332","title":{"rendered":"VLANs Pfsense"},"content":{"rendered":"\n
\"\"<\/figure>\n\n\n\n

Hola buen d\u00eda hoy vamos a ver Vlans en Pfsense esta opci\u00f3n es de muy buena ayuda ya que por lo general tenemos una sola nic ethernet y esta opci\u00f3n podemos tener varias subredes dentro de nuestra intranet para que me puede servir esto??? bueno a grandes rasgos y sin profundizar generalmente el tener vlan aumentara la seguridad de nuestra red tambi\u00e9n podemos aislar, dividir,segementar si tenemos un servidor web,multimedia,archivos o como hoy en d\u00eda nuestros dispositivos \u00abIOT\u00bbesto sumando Pfsense como router\/firewall es una combinaci\u00f3n muy buena para poder tener control sobre toda la red y subredes<\/p>\n\n\n\n

Ejemplo<\/p>\n\n\n\n

red de mi casa<\/p>\n\n\n\n

192.168.0.1\/24<\/p>\n\n\n\n

IOT<\/p>\n\n\n\n

192.168.50.1\/24<\/p>\n\n\n\n

servidor web<\/p>\n\n\n\n

192.168.100.1\/24<\/p>\n\n\n\n

para poder realizar esto es necesario un switch compatible con vlans ejemplo el mio es HP-2530-24G<\/em> <\/p>\n\n\n\n

dependiendo de tu switch deberas de iniciar sesion para poder configurarlo en mi caso me es mas f\u00e1cil iniciar por ssh<\/p>\n\n\n\n

ejemplo como yo utilizo Mac deber\u00e9 entrar por terminal ssh pruebas@192.168.0.1 posteriormente ya dentro de la interfaz tendremos menu de switch entraremos en: <\/p>\n\n\n\n

Switch configuraci\u00f3n——Vlan—–Vlan Names<\/mark><\/p>\n\n\n\n

<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

tendremos que configurar algunas cosas <\/p>\n\n\n\n

802.1q vlan id :<\/mark><\/p>\n\n\n\n

aqu\u00ed tendremos que poner el numero de puerto donde pondremos nuestro primer servidor ejemplo pondr\u00e9 un servidor puerto 15 del switch este puerto es f\u00edsico<\/p>\n\n\n\n

Name <\/mark><\/p>\n\n\n\n

aqu\u00ed ponemos un nombre para poder identificarlo <\/p>\n\n\n\n

<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Nos moveremos a la secci\u00f3n:<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

switch configuraci\u00f3n——–Vlan—–Vlan port Assignment<\/mark><\/p>\n\n\n\n

veremos el nombre de nuestra vlan creada ejemplo \u00abvlan prueba\u00bb<\/p>\n\n\n\n

Vlan pruebas————Tagged (T)<\/p>\n\n\n\n

aqu\u00ed nos movemos hasta el puerto de la vlan en mi caso 15 <\/p>\n\n\n\n

default vlan ————No<\/p>\n\n\n\n

Puerto (port) 15———Untagged (U)<\/p>\n\n\n\n

Bien dejaremos el switch ya que nos trasladaremos al Pfsense y iniciamos sesi\u00f3n<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Nos dirigimos:<\/p>\n\n\n\n

Interfaces—–Assigments<\/mark><\/p>\n\n\n\n

Nos aparece OPT1 aqu\u00ed seleccionamos Vlan creada en la secci\u00f3n anterior y solo guardamos <\/p>\n\n\n\n

<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

<\/p>\n\n\n\n

Nos Dirigimos:<\/p>\n\n\n\n

Interfaces——Assigments—–Vlans<\/mark><\/p>\n\n\n\n

Configuraci\u00f3n:<\/p>\n\n\n\n

Parent Interface : seleccionamos la interfaz lan <\/p>\n\n\n\n

Vlan Tag : aqu\u00ed agregamos el puerto vlan configurado en el switch <\/p>\n\n\n\n

Vlan Priority : lo dejamos en 0 <\/p>\n\n\n\n

Descripci\u00f3n : una peque\u00f1a descripci\u00f3n para identificar la vlan<\/p>\n\n\n\n

<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Nos movemos:<\/p>\n\n\n\n

Interfaces——–OPT1<\/mark><\/p>\n\n\n\n

Configuraci\u00f3n :<\/p>\n\n\n\n

Descripci\u00f3n : nombre de la intefaz <\/p>\n\n\n\n

IPv4 Configuration : static IPv4<\/p>\n\n\n\n

IPv4 Address : Elegimos la ip que usaremos en la nueva interfaz ejemplo 192.168.2.1\/24<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Nos dirigimos :<\/p>\n\n\n\n

Services——-DHCP server——–Nombre de la interfaz creada (vlan)<\/mark><\/p>\n\n\n\n

Configuraci\u00f3n <\/p>\n\n\n\n

Enable DHCP<\/p>\n\n\n\n

Range : desde donde empieza asignar las IPs y donde terminara <\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Por Ultimo<\/p>\n\n\n\n

Firewall—–Rules—-interfaz vlan<\/mark><\/p>\n\n\n\n

Add rule to the top \"\"<\/p>\n\n\n\n

Action : Pass<\/p>\n\n\n\n

interface : vlan name<\/p>\n\n\n\n

Protocol : Any<\/p>\n\n\n\n

Source : any<\/p>\n\n\n\n

Destination : any<\/p>\n\n\n\n

<\/p>\n\n\n\n

Salvamos<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

esta ultima configuraci\u00f3n deja entra todo trafico hacia la interfaz dependiendo de tus necesidades deber\u00e1s de ir agregando reglas en esta secci\u00f3n del firewall <\/p>\n\n\n\n

<\/p>\n\n\n\n

Bien esto es todo gracias por tu lectura <\/p>\n\n\n\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

Hola buen d\u00eda hoy vamos a ver Vlans en Pfsense esta opci\u00f3n es de muy buena ayuda ya que por lo general tenemos una sola nic ethernet y esta opci\u00f3n podemos tener varias subredes dentro de nuestra intranet para que me puede servir esto??? bueno a grandes rasgos y sin profundizar generalmente el tener vlan […]<\/p>\n","protected":false},"author":1,"featured_media":333,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[16],"tags":[],"class_list":["post-332","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-pfsense"],"_links":{"self":[{"href":"https:\/\/techexperiencemx.com\/index.php?rest_route=\/wp\/v2\/posts\/332","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/techexperiencemx.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techexperiencemx.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techexperiencemx.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/techexperiencemx.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=332"}],"version-history":[{"count":0,"href":"https:\/\/techexperiencemx.com\/index.php?rest_route=\/wp\/v2\/posts\/332\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techexperiencemx.com\/index.php?rest_route=\/wp\/v2\/media\/333"}],"wp:attachment":[{"href":"https:\/\/techexperiencemx.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=332"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techexperiencemx.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=332"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techexperiencemx.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=332"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}