Creating VLANs

VLANs are first created outside bridges before being connected to a bridge specifically created to allow them to pass through the tunnel.

On each firewall that is part of the GRETAP tunnel, in Configuration > Network > Interfaces:

Creating the incoming VLAN 10

In Configuration > Network > Interfaces:

  1. Click on Add.
  2. Select VLAN > No parent interface.
  3. Go to the General configuration tab.
  4. In the Status section, put the cursor on ON.
  5. In General settingsName field, name the VLAN (vlan_10_1 in the example).
  6. In General settings > Parent interface field, select the interface that hosts the incoming VLAN (in interface in the example).
  7. In General settingsID field, select the 802.1q identifier associated with the VLAN (10 in the example).
  8. In General settings This interface is field, select Internal (protected).
  9. In Address range: leave the Address range field as Dynamic / Static and the IPv4 address field as Dynamic IP (obtained by DHCP).
  10. Click on Apply.

Creating the outgoing VLAN 10

In Configuration > Network > Interfaces:

  1. Click on Add.
  2. Select VLAN > No parent interface.
  3. Go to the General configuration tab.
  4. In the Status section, put the cursor on ON.
  5. In General settingsName field, name the VLAN (vlan_10_2 in the example).
  6. In General settings > Parent interface field, select the interface that hosts the outgoing VLAN (Gretap_VLAN interface in the example).
  7. In General settingsID field, select the 802.1q identifier associated with the VLAN (10 in the example).
  8. In General settings This interface is field, select Internal (protected).
  9. In Address range: leave the Address range field as Dynamic / Static and the IPv4 address field as Dynamic IP (obtained by DHCP).
  10. Click on Apply.

Connecting both VLANs to a dedicated bridge

In Configuration > Network > Interfaces:

  1. Select vlan_10_1 and vlan_10_2 from the list of interfaces.
  2. Click on Add.
  3. Select Bridge > With vlan_10_1, vlan_10_2.
  4. Name: enter the name of the bridge (BridgeVlan10 in the example).
  5. IPv4 address: leave it as Dynamic IP (obtained by DHCP).
  6. Click on Apply.

Creating VLAN 20

Following the method described earlier, create vlan_20_1 and vlan_20_2 with the ID 20, connected respectively to the in and gretap_VLAN interfaces, then placed under a new dedicated bridge named BridgeVlan20 in the example.

The bridges and their connected VLANs will then appear in the list of interfaces:

By scrolling over the in interface, you will be able to check whether VLANs vlan_10_1 and vlan_20_1 have been attached to it:


Likewise for the interface gretap_VLAN and VLANs vlan_10_2 and vlan_20_2: