Ubiquiti UniFi Management Network VLAN - Why & How to Configure (in-band/out-of-band)

Рет қаралды 4,631

Күн бұрын

Пікірлер: 22

@1stGruhn 15 күн бұрын

I've been using the 2nd approach for a long time now. For clients I just set the ports to the various vlans I need them to be and I make them access ports (usually leaving 1-2 ports on each switch as the default trunk). And I always document which are which (often labeling the default ports as management ports. I work in environments where the switches are always in IDF or MDF rooms and are behind locked doors. So plain documentation is not a concerning vulnerability.

@gregbelcher937 10 ай бұрын

Another very informative video with attention to detail and practical examples - thanks!

@lostmatt 10 ай бұрын

Could you add a link to description of that other vlan management video you mentioned? Thanks!

@hz777 10 ай бұрын

kzbin.info/www/bejne/Y6Cpo5lqe85psJosi=EsjouVacPmp2T2OF

@Kehf27 4 ай бұрын

Hey there again. Quick question I also have a UCK+Gen 2 and am wondering how to put it on a management VLAN. Did you have instructions on how to do this? I think in this video you mentioned that you might publish instructions but I was unable to find any, Thanks again.

@hz777 4 ай бұрын

It's not recommended, but you can try to set the port that the cloud key is connected to with a port profile for the management VLAN, then go from there

@Kehf27 4 ай бұрын

Thank you

@neuroticepisode5208 Ай бұрын

Hey 777 or 444, I really love your videos, I've learned a lot, a lot! From them, Could you please create a 2024 video on how to implement OPNSENSE running on hardware with the UDM pro? A lot has changed both in unifi and in opnsense, I have a really bad ISP that wont give me my PPPOE credentials to override my ISP provided modem, so I had to DMZ to a static IP adress assigned to my protectli vault running OPNSENSE savvy shark pre installed, and I also have another protectli vault with opnsense installed I was thinking running the second one behind the first one as a transparent bridge filter to maybe try and combine it with the UDM pro, my ubiquiti hardware is UDMPRO USW aggregation switch (layer2) 24 port poe (layer 2 for APs) 24 port (layer 3) 2 u7pro max aps and 2 u6e aps, Im really breacking my head on trying to configure all together and make it really secure, please!

@hz777 Ай бұрын

I don't use OPNSENSE, but I assume it works in the similar way as pfSense. I have both UniFi gateway and pfSense network in my house, but only one of them is my "production" environment, and the other one is the lab. In your case, it seems you have a have an OPNSENSE to talk to your ISP. I would either only use the OPNSENSE as the only router, or run UniFi gateway behind it. I would not run another OPNSENSE between the must-have OPNSENSE and UniFi. You may consider to use your second OPNSENSE as your lab router. Just my two cents.

@neuroticepisode5208 Ай бұрын

@hz777 thank you!

@jjrican72 10 ай бұрын

I know this is a comment outside of the scope of this video, but I was wondering since your Lab setup has almost all the elements I have in my home network, if there is any chance you can create content on Aggregation switches and how to implement them.

@hz777 10 ай бұрын

If you mean the usw-aggregation and usw-aggregation-pro switches, to me they are just another two switches. What specific aspects do you expect to see? The closest I have is a 10GbE video: kzbin.info/www/bejne/mJjVdquVe7Nrqc0si=jLMiKKuo5rOXVa3d

@jjrican72 10 ай бұрын

@hz777 I added an aggregate switch to my network. I've been trying to connect my Enterprise POE 24 switch ports 25 and 26 to the Aggregate switch ports 5 and 6 and set up Link Aggregation. I've read and reviewed some documentation online, but I'm still not clear on how to do it.

@hz777 10 ай бұрын

To set up link aggregation, keep in mind to follow the from far to near approach: first set the link aggregation on the far switch, then change the link aggregation for the ports on near switch, otherwise you may lose the management connection to your far switch. I do have a video on link aggregation: kzbin.info/www/bejne/iXK9hHV8fZmWf9Usi=2RDQ76c7i639yALR , even though it's not about setup.

@jjrican72 10 ай бұрын

That's the part that I'm still a little uncertain about how to do it as I still don't grasp it completely. I need to make the cable connections between the Aggregate and Enterprise before configuring right? Also, only the Enterprise is what I want/can aggregate, so the near switch would be the one in this case. The way the topology looks like now is UXG Pro --Aggregate--USW Enterprises Poe--USW Pro 8 Poe--USW Industrial

@hz777 10 ай бұрын

Delete this post for apparent reason.

@jaypines 10 ай бұрын

On my setup I just make my network management on the default vlan and all other user/admin network on separate vlan. Easier to troubleshoot when you do network upgrade/change.