pfsense and Unifi VLANs , Securing VLANS

Рет қаралды 25,564

Mactelecom Networks

Күн бұрын

Пікірлер: 51

@d3mist0clesgee12 2 жыл бұрын

I just inherited PfSense at new job, your video's are so helpful, please keep them coming, thanks again.

@Tofflus 2 жыл бұрын

Very good video! easy to understand and follow. please do more pfsense and unifi stuff

@stlsaint1 5 ай бұрын

Very much appreciated this vid.

@adamcparsons Жыл бұрын

Awesome tutorial! Thanks for sharing.

@BDBD16 2 жыл бұрын

Ignores TP Link between pfsense and synology. Lays out IP/VLan Schema correctly....I knew I liked you from Tom's live streams. Glad I found your channel! Keep up the good work!

@MactelecomNetworks 2 жыл бұрын

Thank you 🙏

@backupaddict1356 2 жыл бұрын

Nice vid... I like these more and more...

@nodd85 2 жыл бұрын

Awesome video, just subbed. I can't wait to see the pfsense firewall rules video. I have almost the same setup and I have the rules setup so that the Guest and IoT VLAN's can't access my main LAN, but I can't figure out how to stop the devices from my main LAN from accessing the Guest and IoT VLAN. When I make a rule blocking that traffic, I end up stopping all internet on those VLAN's. So I know I'm doing something wrong, I'm excited to see if you touch upon that in your new video. Keep up the great work.

@Pabula 2 жыл бұрын

Really nice video, thanks for sharing. HOpe to see more like this, specially PFsense combined with unifi.

@rick5056 2 жыл бұрын

Good video. Please make more firewall rules videos.

@try-that 2 жыл бұрын

Nicely done, looking forward to the next video in the series.

@josepdomotica7261 2 жыл бұрын

pfsense + unifi = awesome Maybe next vídeo: captive portal (pfsense) using unifi APs and authentication by FreeRadius? Congrats, good job.

@xCitedGaming 2 жыл бұрын

Great video as always!

@rfh1987 7 ай бұрын

It's pretty incredible how much Unifi Network has changed since this video.

@jfkastner 2 жыл бұрын

Well explained, thank you!

@BabaDka 9 ай бұрын

Thank you sir.

@aricmayberry 2 жыл бұрын

It's general best practice to create a management vlan and set that as the native vlan for APs. You could then also put the switch(s) on the management vlan under the device settings -> services -> management vlan.

@onlyzach1 2 жыл бұрын

Combining the 2 still looks scary to me, but these videos would be what I'd need to get going (hopefully). Can you do setting up a VPN and assigning certain devices (ie Apple TV 4K, SHIELD TV Pro, certain computers) to them? That'd be the main reason I'd do that setup. Great video as always!

@psytcp Жыл бұрын

It's scarier to only rely on unifi and have a false piece of mind.

@bruceyeh1720 2 жыл бұрын

This is very useful

@popa8262 2 жыл бұрын

How do you access the Hik Camera with Unifi ? without a NVR

@MactelecomNetworks 2 жыл бұрын

Will be using Synology as our nvr.

@Pabula 2 жыл бұрын

I would like to see in a future video: how to setup PFSense Traffic Shaping (QoS), and if you could, a way to stablish how much MBPS can that router route with it.

@t-lm Жыл бұрын

is a USW (managed switch) mandatory to have between the pfsense and Unifi controller for multiple VLANs (multiple WIFI networks) ?

@DigitalDaco Жыл бұрын

For this exact demo, can I use a Later 2 switch from the Unifi line or do I need a layer 3 switch? Edit: As long as we have the pfsense it can do the routing between Balans right?

@gentiboshnjaku9163 Жыл бұрын

I would like to see how to configure pfsense when isp modem is on gateway mode!

@anwar.shamim 2 жыл бұрын

love ur video

@eduardhernandez6846 Жыл бұрын

How would the blocking rule block the Guest network to my Lan?, I don't want them to be able to access.

@thm655321 2 жыл бұрын

I run pfsense on my QNAP TVS-h1688X (W-1250 Xeon 12 core at 3.3GHz). Could you not run pfsense on your Synology and save having to buy say the 6100?

@oleksandrlytvyn532 8 ай бұрын

Thanks

@dono42 2 жыл бұрын

Why not move LAN to VLAN 10 and disable the IP subnet on the physical link? On a trunk link, it is much more common to not have an IP subnet on the physical link itself.

@thm655321 2 жыл бұрын

Also, in one of your upcoming unifi videos, could you show how you start unifi network on your pc? The only way I can get it to run is to run the installation program each time and then open it in Google Chrome. PITA. There has to be a better way. Thanks.

@dustyn1700 2 жыл бұрын

Have you found any issues with 3rd party DHCP providing to UNIFI equipment? As an example, if you were using a SonicWALL firewall to provide VLAN/DHCP information for your Unifi switch & access point, have you had any issues with getting a DHCP address on the guest VLAN? Perhaps it was patched at some point but I've noticed it on a few networks.

@MactelecomNetworks 2 жыл бұрын

Hey, I haven’t had any issues although I don’t have a ton of clients who use a 3rd party DHCP server

@TechWithYouVee Жыл бұрын

can you use Fortigate as a gatewate with a VPN from the unifi console?

@kyopan23 Жыл бұрын

Can you do a video like this but with multiple physical uplinks? To further segregate traffic per VLAN

@TonyBoston 2 жыл бұрын

So the Default network on Unifi can just be ignored? Since it was set to 192.168.1.0/24 but your devices have an IP in 10.10.10.0/24

@retocx 2 жыл бұрын

Do you need to have an L3 switch to do this or could you do it with a Unify L2 switch?

@ldarbonnemagic 2 жыл бұрын

You don't need to create the 192.168.10.1 (default LAN) network in Unifi?

@etiennemc2613 2 жыл бұрын

Excellent video, continue with videos on pfsense and unifi network. Do you provide remote assistance for network configuration (pfsense and ubiquiti products), with teamviewer for example?

@kimlynch5526 2 жыл бұрын

I love your KZbin channel and info! This video is perfect as I have a Pf Sense 6100 on order and the same 8 PoE Enterprise switch. I have a Qnap h12388x Nas that I want to media server videos. The upcoming firewall video sounds great. I have lots of questions but with home computers and NAS on one VLan and Tivos, Roku etc on another VLan, IoT on another Vlan etc. Is there a way to have my Nas stream to my VLan with Tivos Roku etc safely using firewall. This would be across the two different Vlans? Again love your channel and explanations spelled out.

@JACAS 2 жыл бұрын

Gracias por el video, podrías hacer lo mismo con omada? Saludos. Thanks for the video, could you do the same with omada? Greetings.

@littlekoreanboi 2 жыл бұрын

I cant get my unifi 8 port poe switch to be "adopted" nothing shows up for me. Dont know what im doing wrong. My pfsense is connected to a netgear s3300 poe switch and from there I connected my unifi 8 port switch but nothings happening. I see it connected on the pfsense dhcp lease but i cant adopt the switch or my aps to my unifi network

@thm655321 2 жыл бұрын

I had a similar issue I think. The unifi switch has a default ip of 192.168.1.20. Don't change that before adopting. If you did change it, put it back to 192.168.1.20 and try to adopt again. Then change it to whatever you want afterwards (both in your DHCP server and on the switch settings themselves).

@lawdawg1942 2 жыл бұрын

So PFsense is opposite of unifi in firewall rules. Unifi everything works off the hop, PFsense you have to open it up. I have a Edge router and flex mini switch i want to mimik this setup with as USG's are never in stock. I think i can follow your edge router video for this setup.

@Jr2728 2 жыл бұрын

Nice

@chrislowe8085 2 жыл бұрын

Is it only vlan only in unifi or should you do the other option?

@joedisalvo 2 жыл бұрын

Follow what Cody has in the video. When using a non-unifi router with a unifi switch, you are only establishing the VLANs in unifi to be used on the switch to isolate the layer 2 broadcast traffic (this is achieved by first creating the VLAN-only networks and then assigning the port profiles as appropriate to your switch ports). In this setup, the layer 3 IP networks are created on the pfsense router. There is no need to create a corresponding IP network in unifi for this configuration because the unifi device (the switch) will not be responsible for routing IP traffic. Sorry for the long comment, just wanted to provide a little extra detail. Anyone else please correct me if I got anything wrong.

@BDBD16 2 жыл бұрын

@@joedisalvol He did create the VLans/networks in Unifi, you have to as of a recent update it is only the way to manage what Vlan's are allowed to traffic on separate SSIDs.