Environment:
[ul]
[li]Several daisy-chained Ubiquiti Unifi switches with uplink/daisy-chain ports configured as VLAN trunks[/li]
[li]pfSense appliance with an interface assigned to physical port em4 (no VLAN; default/untagged). A VLAN (id:31) is separately defined with parent interface em4 (this becomes VLAN 31 on em4 - opt4). The physical interface is connected to a UniFi switch port with an assigned port profile where VLAN 30 is the native network and VLAN 31 is tagged. pfSense handles DHCP services on both em4 and em4 - opt4.[/li]
[li]Several Mitel Aastra 6867i phones with LAN port VLAN tag manually set to 31. The phones' PC ports have default VLAN configuration (untagged/default VLAN 1). The phones connect to switch ports configured for the same port profile as the switch port to which pfSense connects (tagged VLAN 31, native/untagged network/VLAN [pvid] 30).[/li]
[/ul]
Screenshot of phone VLAN configuration:
As expected, the phones acquire DHCP-assigned IP addresses from the service running on pfSense interface em4 - opt4 (VLAN 31). But computers connected to the phones' PC ports do not acquire DHCP-assigned addresses from the service running on pfSense interface em4 (default/untagged VLAN 30). However, if phones are temporarily bypassed and computers connected directly to the switch ports (to which the phones are normally connected), the computers do acquire DHCP-assigned addresses from the service running on pfSense em4 (default/untagged VLAN 30). It seems the phones are not passing DHCP requests from the computers to the switch ports. Packet capture on the pfSense appliance seems to support this. I see no DHCP requests from computers when they are connected through the phones.
This seems to suggest a problem with phone configuration, but I'm not sure where to go from here. Any suggestions?
[ul]
[li]Several daisy-chained Ubiquiti Unifi switches with uplink/daisy-chain ports configured as VLAN trunks[/li]
[li]pfSense appliance with an interface assigned to physical port em4 (no VLAN; default/untagged). A VLAN (id:31) is separately defined with parent interface em4 (this becomes VLAN 31 on em4 - opt4). The physical interface is connected to a UniFi switch port with an assigned port profile where VLAN 30 is the native network and VLAN 31 is tagged. pfSense handles DHCP services on both em4 and em4 - opt4.[/li]
[li]Several Mitel Aastra 6867i phones with LAN port VLAN tag manually set to 31. The phones' PC ports have default VLAN configuration (untagged/default VLAN 1). The phones connect to switch ports configured for the same port profile as the switch port to which pfSense connects (tagged VLAN 31, native/untagged network/VLAN [pvid] 30).[/li]
[/ul]
Screenshot of phone VLAN configuration:
As expected, the phones acquire DHCP-assigned IP addresses from the service running on pfSense interface em4 - opt4 (VLAN 31). But computers connected to the phones' PC ports do not acquire DHCP-assigned addresses from the service running on pfSense interface em4 (default/untagged VLAN 30). However, if phones are temporarily bypassed and computers connected directly to the switch ports (to which the phones are normally connected), the computers do acquire DHCP-assigned addresses from the service running on pfSense em4 (default/untagged VLAN 30). It seems the phones are not passing DHCP requests from the computers to the switch ports. Packet capture on the pfSense appliance seems to support this. I see no DHCP requests from computers when they are connected through the phones.
This seems to suggest a problem with phone configuration, but I'm not sure where to go from here. Any suggestions?
