Okay... I thought it worked like this...
Pfsense would handle tagging of vlans for the portgroups that contain VMs and the netgear switch would handle tagging of devices physically connected to it. If there is a way to just have one do all the work maybe that's easiest?
"If you're going to remove the tagging via a port group on vswitch then you would need multiple interfaces in pfsense tied to that specific port group"
Maybe I'm missing something fundamental here...
Why would I ever want to remove any tagging? The purpose here is to tag and organize everything into LAN, vlan10, and vlan20. LAN being native may not need to be tagged if the default is pvid=1.
"If you're going to let pfsense work out the tagging then you would pass all the tagged and untagged traffic to pfsense via the 4095 port group and pfsense would see the tagged traffic on its vlan interfaces and then any untagged traffic would hit the naked vm nic."
This just sounds much more reasonable, no?
I used this as a guide initially - https://calvin.me/vlan-pfsense/. Granted this person has 2 nics but my setup is a bit like it with just 1 nic.
Per this link, LAN has 4095 and all other vlans are set in pfsense it seems. You don't "create" vlans in esxi, correct? It's just for grouping/labeling purposes, right?
With this and the screenshots I posted in mind, how can I achieve this using the netgear and esxi?
NOYB suggested putting wan on a vlan because I have 1 nic. How can I then have vlan10 and vlan20 encompassing VMs in pfsense and physical connections on the netgear, all with internet access?