VLAN configuration can also be done within the web GUI, along with any other tasks related to the setup of VLANs (for example, DHCP and rule creation):

1. Log in to pfSense with the web browser of your choice and navigate to Interfaces | (assign).
2. Click on the VLANs tab and you will see a table with any previously created VLANs. Click on the + Add button to add a new VLAN.
3. On the VLAN Configuration page, the first setting is the Parent Interface drop-down box. Select the interface you want to be the parent interface of your VLANs. Next is the VLAN Tag edit box. Valid values for this field are 1 to 4094; you shouldn't use 1, but you can use any other values up to and including 4094. Some low-end managed switches may have problems with larger numbers, so you may want to use low numbers (2 to 8) if you have one of these.
4. The VLAN Priority edit box was added with pfSense 2.3. This allows you to utilize the 802.1Q priority code point (PCP) field. This is a 3-bit field that makes reference to the IEEE 802.1p class of service. 802.1p defines how traffic should be treated based on the value of this field. Although the values of the field range from 0 to 7, a value of 1 causes traffic to have the lowest priority, while 7 causes traffic to have the highest priority. A value of 0 causes traffic to receive best effort treatment. As you can see, if you know what type of traffic is going to be prevalent on the VLANs you are creating, you can set the VLAN Priority value accordingly. Otherwise, you can set this value to 0.
5. The last field, Description, allows you to enter a non-parsed description of the VLAN. When you are done making changes, click on the Save button at the bottom.

In the first series of steps, we have only created the VLANs and have not assigned them to interfaces, so in the next step, we must return to the Interface assignments tab. There will be a table on which all interface assignments up to this point will be shown, and you can add VLAN assignments by selecting one of the VLAN interfaces created in the previous step from the drop-down box in the last row (the one labeled Available network ports:) and clicking on the Add button. Repeat this process for as many VLANs as you created in the previous step:

1. Once interface assignment is complete, the next step is to configure each of the VLANs.
2. They will be given generic default names (OPT1, OPT2, and so on); click on the first VLAN in the Interface column. This will load the Interface Configuration page.
3. In the General configuration section, check the Enable check box. In the Description field, you can rename the interface.
4. In the IPv4 Configuration Type drop-down box, you will likely want to choose Static IPv4. If your VLAN is going to support IPv6, you will likely want to choose Static IPv6 in the IPv6 Configuration Type drop-down box. Depending on whether you selected IPv4, IPv6, or both, you will have to enter IPv4 and/or IPv6 addresses in the sections below the General configuration section. Note that you must enter both the IP address of the interface and the CIDR.
5. For IPv4 Upstream Gateway and IPv6 Upstream Gateway, you can leave these drop-down boxes set to None.

The rest of the fields you can likely leave unchanged, but if you are having problems with dropped frames, you may want to enter a larger value in the MTU field.

When you are done making changes, click on the Save button at the bottom of the page. Once you have clicked on the Save button, you must click on the Apply Changes button at the top of the page for the changes to take effect. Repeat the interface configuration as many times as needed. You can reach the configuration page for each VLAN by accessing it from the drop-down menu at the top of the page, or by navigating to Interfaces | (assign) once again and clicking on the appropriate VLAN in the Interface column.