Hi,
Unfortunately, I have some problems in my new home network project. I will specify it further, but maybe at first: I know about VLANs. In the past, I often worked with HPE switches, so that’s nothing new. But what is new for me is OPNsense and also Mikrotik.
I have a four-port mini PC which I want to use for OPNsense as my firewall/router. On Port 1 is my internet. Port 2 is empty, and Port 3 and 4 should get a similar configuration. I would like these as trunk ports with VLAN 10 and 30.
On the HPE switches it would be like:
vlan 10 tagged 3,4
vlan 30 tagged 3,4
The standard/native VLAN 1 is unused. The first problem for me was to span one VLAN over multiple ports. After some reading I found out that this is not provided on OPNsense, and I should better buy an extra switch for that. But I would like to save some money, because it was already expensive, and also it already eats much more energy than my setup before.
So the workaround is to configure the same VLAN for every parent interface. For example, VLAN Work, tag 30:
vlan0.30.1 parent interface Port 3
vlan0.30.2 parent interface Port 4
For these VLANs I created a bridge which is called Work. The bridge is set to the IP 192.168.30.1/24 and I activated DHCP for it.
Same with my Home VLAN, tag 10:
vlan0.10.1 parent interface Port 3
vlan0.10.2 parent interface Port 4
Bridge LAN 192.168.178.1 (178 is only historical), DHCP on.
All these I want on two different Mikrotik hap ax3 which will get nearly the same config. One for my Office, one for my living room.
Mikrotik office VLan 10 IP 192.168.178.11
Mikrotik office VLan 30 IP 192.168.30.11
Here, my ether1 will be the trunk uplink. ether 2-4 will be untagged VLAN 10, ether 5 will be untagged VLAN 30, and one Wi-Fi VLAN 10, one VLAN 30.
At the moment, most of it works. Every client in every VLAN gets IPs from the OPNsense. But sometimes I have strange behaviors. For example, I have two LAN clients on ether 2 and ether 4. Both get IPs from VLAN 10 in the 192.168.178.0/24 range. But both can’t ping the Mikrotik on 192.168.178.11. But I can ping the gateway (which is my OPNsense 192.168.178.1/192.168.30.1) and internet is also running.
Now I tried to ping from the Mikrotik itself, and just when I started the ping there, one of my clients got ping answers from the Mikrotik. But one still does not? Could there be some ARP problems here?
Anyway, all clients can’t ping the Mikrotik on 192.168.30.11; also, from the Mikrotik I can’t ping the OPNsense on 192.168.30.1, but all clients can reach it.
So I am afraid that I have multiple problems in my setup, but because OPNsense and also Mikrotik are new for me, I don’t know where. I am also confused that all clients are working like they should; I just have this strange ping behavior.
I have a drawing about my Network and also the config from my Office-Mikrotik attached.
mikrohapax.txt (2.11 KB)
Home.drawio-1.pdf (56.3 KB)