Awesome video, just subbed. I can't wait to see the pfsense firewall rules video. I have almost the same setup and I have the rules setup so that the Guest and IoT VLAN's can't access my main LAN, but I can't figure out how to stop the devices from my main LAN from accessing the Guest and IoT VLAN. When I make a rule blocking that traffic, I end up stopping all internet on those VLAN's. So I know I'm doing something wrong, I'm excited to see if you touch upon that in your new video. Keep up the great work.
Ignores TP Link between pfsense and synology. Lays out IP/VLan Schema correctly....I knew I liked you from Tom's live streams. Glad I found your channel! Keep up the good work!
It's general best practice to create a management vlan and set that as the native vlan for APs. You could then also put the switch(s) on the management vlan under the device settings -> services -> management vlan.
Combining the 2 still looks scary to me, but these videos would be what I'd need to get going (hopefully). Can you do setting up a VPN and assigning certain devices (ie Apple TV 4K, SHIELD TV Pro, certain computers) to them? That'd be the main reason I'd do that setup. Great video as always!
I would like to see in a future video: how to setup PFSense Traffic Shaping (QoS), and if you could, a way to stablish how much MBPS can that router route with it.
Why not move LAN to VLAN 10 and disable the IP subnet on the physical link? On a trunk link, it is much more common to not have an IP subnet on the physical link itself.
Also, in one of your upcoming unifi videos, could you show how you start unifi network on your pc? The only way I can get it to run is to run the installation program each time and then open it in Google Chrome. PITA. There has to be a better way. Thanks.
Excellent video, continue with videos on pfsense and unifi network. Do you provide remote assistance for network configuration (pfsense and ubiquiti products), with teamviewer for example?
For this exact demo, can I use a Later 2 switch from the Unifi line or do I need a layer 3 switch? Edit: As long as we have the pfsense it can do the routing between Balans right?
I love your RUclips channel and info! This video is perfect as I have a Pf Sense 6100 on order and the same 8 PoE Enterprise switch. I have a Qnap h12388x Nas that I want to media server videos. The upcoming firewall video sounds great. I have lots of questions but with home computers and NAS on one VLan and Tivos, Roku etc on another VLan, IoT on another Vlan etc. Is there a way to have my Nas stream to my VLan with Tivos Roku etc safely using firewall. This would be across the two different Vlans? Again love your channel and explanations spelled out.
Have you found any issues with 3rd party DHCP providing to UNIFI equipment? As an example, if you were using a SonicWALL firewall to provide VLAN/DHCP information for your Unifi switch & access point, have you had any issues with getting a DHCP address on the guest VLAN? Perhaps it was patched at some point but I've noticed it on a few networks.
So PFsense is opposite of unifi in firewall rules. Unifi everything works off the hop, PFsense you have to open it up. I have a Edge router and flex mini switch i want to mimik this setup with as USG's are never in stock. I think i can follow your edge router video for this setup.
I cant get my unifi 8 port poe switch to be "adopted" nothing shows up for me. Dont know what im doing wrong. My pfsense is connected to a netgear s3300 poe switch and from there I connected my unifi 8 port switch but nothings happening. I see it connected on the pfsense dhcp lease but i cant adopt the switch or my aps to my unifi network
I had a similar issue I think. The unifi switch has a default ip of 192.168.1.20. Don't change that before adopting. If you did change it, put it back to 192.168.1.20 and try to adopt again. Then change it to whatever you want afterwards (both in your DHCP server and on the switch settings themselves).
Follow what Cody has in the video. When using a non-unifi router with a unifi switch, you are only establishing the VLANs in unifi to be used on the switch to isolate the layer 2 broadcast traffic (this is achieved by first creating the VLAN-only networks and then assigning the port profiles as appropriate to your switch ports). In this setup, the layer 3 IP networks are created on the pfsense router. There is no need to create a corresponding IP network in unifi for this configuration because the unifi device (the switch) will not be responsible for routing IP traffic. Sorry for the long comment, just wanted to provide a little extra detail. Anyone else please correct me if I got anything wrong.
@@joedisalvol He did create the VLans/networks in Unifi, you have to as of a recent update it is only the way to manage what Vlan's are allowed to traffic on separate SSIDs.
I just inherited PfSense at new job, your video's are so helpful, please keep them coming, thanks again.
Very good video! easy to understand and follow. please do more pfsense and unifi stuff
Awesome video, just subbed. I can't wait to see the pfsense firewall rules video. I have almost the same setup and I have the rules setup so that the Guest and IoT VLAN's can't access my main LAN, but I can't figure out how to stop the devices from my main LAN from accessing the Guest and IoT VLAN. When I make a rule blocking that traffic, I end up stopping all internet on those VLAN's. So I know I'm doing something wrong, I'm excited to see if you touch upon that in your new video. Keep up the great work.
Good video. Please make more firewall rules videos.
Ignores TP Link between pfsense and synology. Lays out IP/VLan Schema correctly....I knew I liked you from Tom's live streams. Glad I found your channel! Keep up the good work!
Thank you 🙏
Really nice video, thanks for sharing. HOpe to see more like this, specially PFsense combined with unifi.
It's general best practice to create a management vlan and set that as the native vlan for APs. You could then also put the switch(s) on the management vlan under the device settings -> services -> management vlan.
pfsense + unifi = awesome
Maybe next vídeo: captive portal (pfsense) using unifi APs and authentication by FreeRadius?
Congrats, good job.
Nicely done, looking forward to the next video in the series.
Combining the 2 still looks scary to me, but these videos would be what I'd need to get going (hopefully). Can you do setting up a VPN and assigning certain devices (ie Apple TV 4K, SHIELD TV Pro, certain computers) to them? That'd be the main reason I'd do that setup. Great video as always!
It's scarier to only rely on unifi and have a false piece of mind.
Very much appreciated this vid.
It's pretty incredible how much Unifi Network has changed since this video.
Nice vid... I like these more and more...
Awesome tutorial! Thanks for sharing.
I would like to see in a future video: how to setup PFSense Traffic Shaping (QoS), and if you could, a way to stablish how much MBPS can that router route with it.
Thank you sir.
How do you access the Hik Camera with Unifi ? without a NVR
Will be using Synology as our nvr.
Why not move LAN to VLAN 10 and disable the IP subnet on the physical link?
On a trunk link, it is much more common to not have an IP subnet on the physical link itself.
Well explained, thank you!
Thanks
Also, in one of your upcoming unifi videos, could you show how you start unifi network on your pc? The only way I can get it to run is to run the installation program each time and then open it in Google Chrome. PITA. There has to be a better way. Thanks.
Great video as always!
I would like to see how to configure pfsense when isp modem is on gateway mode!
Excellent video, continue with videos on pfsense and unifi network.
Do you provide remote assistance for network configuration (pfsense and ubiquiti products), with teamviewer for example?
Can you do a video like this but with multiple physical uplinks? To further segregate traffic per VLAN
Gracias por el video, podrías hacer lo mismo con omada? Saludos.
Thanks for the video, could you do the same with omada? Greetings.
For this exact demo, can I use a Later 2 switch from the Unifi line or do I need a layer 3 switch?
Edit: As long as we have the pfsense it can do the routing between Balans right?
is a USW (managed switch) mandatory to have between the pfsense and Unifi controller for multiple VLANs (multiple WIFI networks) ?
I run pfsense on my QNAP TVS-h1688X (W-1250 Xeon 12 core at 3.3GHz). Could you not run pfsense on your Synology and save having to buy say the 6100?
I love your RUclips channel and info! This video is perfect as I have a Pf Sense 6100 on order and the same 8 PoE Enterprise switch. I have a Qnap h12388x Nas that I want to media server videos. The upcoming firewall video sounds great. I have lots of questions but with home computers and NAS on one VLan and Tivos, Roku etc on another VLan, IoT on another Vlan etc. Is there a way to have my Nas stream to my VLan with Tivos Roku etc safely using firewall. This would be across the two different Vlans? Again love your channel and explanations spelled out.
How would the blocking rule block the Guest network to my Lan?, I don't want them to be able to access.
can you use Fortigate as a gatewate with a VPN from the unifi console?
Have you found any issues with 3rd party DHCP providing to UNIFI equipment? As an example, if you were using a SonicWALL firewall to provide VLAN/DHCP information for your Unifi switch & access point, have you had any issues with getting a DHCP address on the guest VLAN? Perhaps it was patched at some point but I've noticed it on a few networks.
Hey,
I haven’t had any issues although I don’t have a ton of clients who use a 3rd party DHCP server
Do you need to have an L3 switch to do this or could you do it with a Unify L2 switch?
This is very useful
So the Default network on Unifi can just be ignored? Since it was set to 192.168.1.0/24 but your devices have an IP in 10.10.10.0/24
So PFsense is opposite of unifi in firewall rules. Unifi everything works off the hop, PFsense you have to open it up. I have a Edge router and flex mini switch i want to mimik this setup with as USG's are never in stock. I think i can follow your edge router video for this setup.
You don't need to create the 192.168.10.1 (default LAN) network in Unifi?
Nice
love ur video
I cant get my unifi 8 port poe switch to be "adopted" nothing shows up for me. Dont know what im doing wrong. My pfsense is connected to a netgear s3300 poe switch and from there I connected my unifi 8 port switch but nothings happening. I see it connected on the pfsense dhcp lease but i cant adopt the switch or my aps to my unifi network
I had a similar issue I think. The unifi switch has a default ip of 192.168.1.20. Don't change that before adopting. If you did change it, put it back to 192.168.1.20 and try to adopt again. Then change it to whatever you want afterwards (both in your DHCP server and on the switch settings themselves).
Next time, do this in dark mode.
Is it only vlan only in unifi or should you do the other option?
Follow what Cody has in the video. When using a non-unifi router with a unifi switch, you are only establishing the VLANs in unifi to be used on the switch to isolate the layer 2 broadcast traffic (this is achieved by first creating the VLAN-only networks and then assigning the port profiles as appropriate to your switch ports). In this setup, the layer 3 IP networks are created on the pfsense router. There is no need to create a corresponding IP network in unifi for this configuration because the unifi device (the switch) will not be responsible for routing IP traffic. Sorry for the long comment, just wanted to provide a little extra detail. Anyone else please correct me if I got anything wrong.
@@joedisalvol He did create the VLans/networks in Unifi, you have to as of a recent update it is only the way to manage what Vlan's are allowed to traffic on separate SSIDs.