I did this too, it is mind blowingly awesome! My Flex mini is zip-tied inside the FIOS ONT enclosure down in the basement, powered by POE. You can actually use the built-in switch on the UDMP for the WAN tunnel exit, with a 6" cable directly to the WAN port.

"She is a lovely wife allowing me to put the entire rack in her office..." I hope you had her approval for this script...

Great video on practical uses of VLANs, specially at home. Keep the good work, preferably improving your cable management : )

Reminds me of my house. Renting sucks. Clever work there! Being limited really forces you to get creative and it's inspiring what you can come up with and solve.

This is crazy useful, it didn't even occur to me to run it this way. I'm about to do exactly what you just did in my own rental. Serendipitous that i happened across this video.

I love how the concept of this works. The one thing I see missing is how he setup the InternetVLAN for the port profile. It would be helpful.

This is so didactically smart. Love it. It gives me ideas to optimize my unifi devices locations

Loved this type of video, Rex! The use case is easy to relate! I got myself knowledge and some insights. Thank you!

Very helpful. Set this up this morning while migrating from a USG/Cloud Key to a UDM Pro.

I can confirm that this actually works. I had implemented it in my in-laws house to connect Bell fiber to my pfsense upstairs.

It's very nice to see your closet again after a long time...!!!!😂🤣

I've done the same with my starlink. You just have to make sure it never changes to meshing, otherwise the speeds will drop. I hope ubiquiti will add virtual WANs, or at least an option to just virtually "plug in" a vlan into the WAN port in the future

Never saw a anything like this, great tutorial!

Ideally you would also now create a new port profile that excluded VLAN100 and use that on all the other ports in your network in place of the usual default/ALL profile. Unfortunately I don't think the flex mini supports custom port-profiles (just the default all, or one VLAN only) unless things changed with the latest firmware update.

After watching your video and also crosstalk solution's video doing a Boat House retreat setup i decided to do a similar setup which i always wanted to do and centralising my gears in one place and ph boy am i happy ! thank you man !

ingenious use of vlans. Well done

This video taught me that your hair is absolutely magnificent and luxurious.

Possible heads up, I haven’t done with unifi so I’m not sure it’s applicable, but with other equipment I’ve had issues with this not working after a power outage or modem reboot The reason is most isps (including charter) put a mac limit of 1 on their modems and layer 2 protocols on the switch could send traffic that make it see them and then not allow your router. It may not have been an issue moving things “hot” without rebooting the modem since it was still “locked” to your udm But if you have issues look into disabling spanning tree and lldp on the port/vlan

Great video, remember someone else doing a similar video trunking a vlan from a remote house (where modem was) to main house via the small Flex Mini switches. Actually contemplating moving my UDM Pro to another floor via this technique that you did. question. what else do you have running on ports 2 and 3 on the Flex Mini Switch? Port 5 went to your modem, another port had to come up to your other rack, is the last port for the office or an AP?

Could you move the modem into Katie's office with the rack by using a coupler on the coaxial cable? Seems a lot cheaper and quicker.

Nice solution, and I appreciate you sharing. Some years ago I had a similar issue. I bought a pair of cheap RJ45 breakout adapters and used the only Cat5e 4-pair cable as two 2-pair cables. One carried WAN from cable modem to router in a different closet; the other carried LAN back from router to a switch in the same rack as the modem. No PoE on the Cat5e, of course. Not sure PoE was a thing then. I don't know if that would have supported even 1 gig speeds, but that wasn't a thing then either.

That is a pretty cool solution.

Why not just take the input Coax... connect it to those other coax that are leading to other rooms... and put the Modem upstairs?

Nice video to introduce the uninitiated to the concepts and basic understanding of VLANs. From an operational perspective, I have issues with your execution. My primary issue is that it is not a good practice to run the WAN and LAN across the same physical network on multiple tagged VLANs. Issues such as the switch sending LLDP packets to the cable network. Another issue is that if the switch or cable modem connected in the clear to the WAN is compromised, the internal network VLANs can be exposed. That will negate the Dream Machine (firewall) protection. Yes, having multiple VLANs on the internal network is a good idea, but not the methodology being used. (VLANs: House net, Server net, IOT net and Guest net…) From what I can see of your facility (home) you have a good starting point to get the configuration that you are looking for. Keep your router/firewall (UniFi Dream Machine Pro) at the Demarc (Closet) flat mounted to the wall. Put the small switch (a small managed 10/2.5G switch would give you more flexibility) in the service box with the cable modem. If 10G is not reliable over your ethernet (CAT5e) consider re-terminating the cables. 10G over CAT5e is good up to 45m on the most commonly installed UTP CAT5e cable. From what I can see in your video it looks like you have access to Coax distribution from your Cable TV in the Demarc. You can use the Coax with MoCA network adapters that support 2.5G and pass Tagged VLANs.

I have done that with a meraki switch creating 2 transport l2 vlan each one for one wan interface of the udm pro, works just fine. The only problem i had once had to factory reset the switch and made a mess due to all ports went to vlan 1 😅

Thanks for this detail walkthrough! I have a similar situation at home where my modem and other devices is in room A (with not enough space for a dream machine pro), and a server rack in room B (where I planned to put my dream machine pro). Is it possible for me to do a similar setup, which is to add a flex mini in Room A, setup up VLAN ports to link between the modem and another cable that runs to Room B, and directly connect to my dream machine pro without a Aggregation device?

Hey there, any chance you could do a step by step guide to changing a router and getting my synology and plex working

Nice video! Was there a video chapter about setting up Internet VLAN in the Unifi controller UI? It seems like you jumped right into the created vlan in Unifi. Thanks!

This is amazing! I tried it and it works great. But there seems to be a problem. I have a PPPoE connection and for some reason I can see tons of unknown devices with Mac addresses on the client devices list. It's all on a Vlan only third party gateway with all other Vlans blocked . Switch in use is a Switch Flex which then connects to a GPON ONT converter (and is powered on with a POE splitter). Should I be worried? The Vlan is then moved through a trunk port to the UDR

It was pretty nice, I just wished you would have color draw the VLAN 100 for the people that are not sure how that works, exactly

I am really struggling to wrap my head around this config. So you plug your ISP modem into one of 1-4 and port 5 is going to aggregation switch linked to UDM. Then the rest of the traffic from your aggregation is sent back up to the flex mini port 5? And you have VLANs for your APs and such on the flex mini?

How do you find the speed when sharing a physical cable across two VLAN's ?

I usually use VLANs to create separate Wi-Fi networks, like guest can't go to the router, they only can go to internet. Because I use virtual machines, I use VLAN to separate and just lets pass some information like ping, etc.

Really good to see such a helpful vid. Unless the UDMP was an EA product, the 8 port built in switch has throughput limitations. Better to use an SFP+ port to connect to a fully functional managed switch, completely avoiding the UDMP's switch ports. This is a well documented issue, unfortunately, and one of the reasons I use an UXG-PRO 😎

I had Comcast in here to upgrade my router. I was trying to explain this to them. I don't have VLANs set up yet but he's like why do you have all these cables all over and why don't you just connect it into the modem router that we're providing. I'm like that's not gonna work because my main router is upstairs. You're looking at the dangling WRT54G that is set up for legacy devices and needing a switch in the basement and not having one and leaving it there for three years temporary permanent that runs over one cable upstairs and then another cable comes from upstairs back downstairs........

happy things

Good job!

It was only possible to fit ONE underground cable between my NAS location and my house. I got 10Gbe (for NAS-PC only) and standard 1Gbe to my main LAN/router/wan. Is it possible to setup a network with both the 1Gbe and the 10Gbe running through the single underground cable..?

Can you set the link speed of the ports to 2.5GB? I have unifi but i dont have 10GB ports except for the UDM Pro but i different switches have different functionality

Am I understanding right: ISP goes into Flex port 5 (tagged VLAN 100). Then your port out Flex to XG is tagged VLAN100 as well. Last, port from XG to UDMP is tagged VLAN 100? If that's right, then you have the downstairs Wifi hooked into the Flex? So The Wifi will be on its own VLAN which is getting internet from the UDMP LAN back down the same cable used to carry WAN in? Also connecting Wifi into Flex, won't that mean you have the closet service box door opened again?

You have that cali-surfer vib and voice, just go with it. :)

Youre saying towards the end of the video that the SFP+ LAN port on the UDMP should be tagged "ALL" and connected to a switch port tagged as "InternetVLAN Only"? Is that right?

i did this in my condo many years ago. Router-On-A-Stick, right?

what happens to all the connections now hanging loose inside the closet?

do you need the aggregation to accomplish this? couldnt this be done with just the mini flex switch between your router and udm pro? Im asking this because i am trying to find a resolution for bringing the udm pro upstairs as well

Did you have to disable DHCP for the Internet vlan, or reconfigure the wan port?

Since all traffic is going through the Flex Mini, will it affect speeds?

MOCA extender? put a coupler on the incoming coax and to the room with the rack and move the modem there with the udm?

Um...if you just connect your ISP in coax cable in your closet box with a female to female coupler to the coax line going to the room upstairs with your rack, you can move your modem upstairs. Seems way easier to me.

I have Unifi Switches but a PFsense gateway. I created the VLAN in the unifi controller. The WAN gets it's IP from DHCP from the modem/router, so i should not configure the vlan on the PFsense, right? But it doesn't work, i can't figure out what i'm doing wrong

I guess you could've done that by using Ethernet over COAX adapters if you happen to have pre-wired coax cables throughout the house.. There are some adapters that can do 2.5Gbps.

12:22 wow those are some bad terminations. I wonder if you were to re-terminate all the ends properly if you would be able to do 10GB or at least 2.5GB? I can't see for sure but if the sheath hasn't backed off the connector I'm assuming they never trimmed them properly for the clip to bite into it. Which means they might not have cared too much about keeping as many twists as possible to prevent cross talk.

Have you considered running MoCa over those unused cable TV coax cables to run higher speeds? I believe MoCa supports up to 2.5Gbps.

I do see plenty of coax, in there, not being used as they are for cable boxes in your various rooms that you don't have cable boxes (does anyone??). So why don't you just connect one of those, just use a barrel connector to the coax that is being used for your modem and move the modem up to your rack. I assume that room has coax intended for the cable box in that room. Then just use the now unused cat 5e in Katies office back down to run any old switch down there. No VLANS involved.

You can do this with every router OS that's VLAN capable, this is not Unifi-exclusive.

Very interesting video. What is the impact on internet speed if you have an up and downstream through the same cable? Also does it matter if yuor internet WAN address changes as the provider gives you another internet address? I have a similar issue so i bought a manageable switch (with vlan). The problem is that i have not a dream machine pro. From reading the manageable switch manual i could not find out how to set it up. Can you work it with two manageable switches? BTW Thanks for the video.

I have to ask, why not connect the incoming cable coax to the coax that runs upstairs? Then you could install the modem upstairs?

In the upper left corner of your closet service box there is a chase tube (orange corrugated plastic tube, looks like the out-facing side got painted)... Looks like your ISP used it to bring your service into your unit... Where does it go? Likely one of two places- either directly to the exterior service connection or to an attic/crawl space. If the chase goes to the attic and you need a additional wires to an upper floor room, the chase tube will do 90% of the work. edit- cancel that... Went back, zoomed in... That *is* a chase tube, but it looks completely unused. Your installers ran ISP friendly service runs (coax?). Regardless... That chase goes _somewhere_. It's there to facilitate anything that needs retrofitting. Possibly with an alternative-service focus. Your VLAN trick is a great work-around but if you were ever looking for a less hack-fix solution, that chase might offer workable options as well. (If you decide to investigate- a set of fish sticks and/or fish tape might help you figure out where it goes. Both in a 'feel the resistance' as you feed into the chase sense as well as popping up through the insulation in an attic or down through a basement ceiling hole, etc.

Unfortunately this turned out to be a "UniFi" ( and mission ) specific video. It could be more informative by using "standard definitions" (or naming the correspondence) and by showing IP addresses of subnets`. Anyway, good to see you solved the unfortunate cabling torture easy. Thanks for the video

Most of the Ubiquiti Unifi products are intended for business use, not for consumers.

Don't forget to exclude all other ports from vlan100 orherwise wan traffic will go thru all your internal network...😅

Do you think this will work if my incoming internet is PPPoE with VLAN tagging on VLAN 35?

total bandwidth (wan+lan combined) will remain 1Gbe though, right? so you'd set up QoS to prioritize actual internet over local wifi to prevent bottlenecks?

You're lucky to have that rack in her office. I had no choice an APC NetShelter 25U rack that's full in our basement outside my office. Might have to buy a larger rack when we move!

Did you create InternetVLAN? I don't see this option on my Flex Mini.

If the rental house has cat5e already run and you want lets say cat7 for 10Gb, why don't you just replace a cat5e with a cat7 cable?

I am a network engineer and it puzzles me how come we're in 2023 and builders haven't yet factored in their house blueprints decent network projects. You can't have electronic equipment locked inside a minuscule panel that's inside a closet! Some brilliant mind needs to place a mini-rack in a location that's got ventilation, for all these house projects. Come on, builders! It's not that hard!!!

How many times have you moved recently?

TP-Link Omada is a better choice in my opinion ...

What are you doing with 10ge at home?

The only one item I'm missing in this video is what are the settings for InternetVLAN port profile and InternetVLAN settings

Complicated Router on a stick setup.

Sorry!!!! your partner let you have that rack in that room!!!

you basically told us the same thing 15 times at the start.. i spent 5 minutes listening to you tell me "the rack is upstairs and upstirs is where it is"

Crosslink solutions did this with starlink and a wireless IPS doing this both this way with VLAN's kzbin.info/www/bejne/hl7FdauDnNt6Z6s . Have you also thought about using the cat5 as a draw string to pull up cat6. The owner will not know if you did do it for some important runs. But also you may want to take a look at moca as seeing in your hallway cupboard you have the coax for it, and I think the latest version can do 2.5Gb to get to some of those hard to reach places. But thanks for reminding me about this as I was thinking of getting another cable run but using a flex mini I can power it over POE and give myself another 3 ports for very little.

I'm pretty sure you could do this with any non-Unifi managed switch...

Why wouldn't you just pay your ISP to run a coax to your upstairs it would cost you one service call fee. Which is like $89 thats so much easier than doing all this extra stuff. You can even do it yourself all you need is silicon, a mortar drill bit, a ladder, and a wallplate for under $20 USD

Couldn't you also just run your coax upstairs through the conduit? Cool video, and I learned some things, but I'm just curious.

Commenting before viewing 3 minutes, so grain of salt, but, Crosstalk Solutions did an install video of a lake house and used vlan to run the WAN through the same cable that provided that lower building with its access point, I assume you are doing something like this, and I wish there were more videos on this subject because it’s genius! So if any of you haven’t watched that video, take a look after this one.

Thats a pretty empty rack? Perhaps came frim a sponsor, but that seems a lot of overkill, no?

shouldn’t reveal your vlan number for security reason

No one who is concerned with support or security should use UniFi.

I dont believe you are a real person. I couldn't stand talking to you for more than 3 minutes if this is how you emote off camera.

Hire you? Hope you dont charge by the hour. I imagine long breaks and a lot of talk with management about how they could improve the water dispenser.

I'm the thousandth thumbs-up.

unify SENT me a bunch of stuff but it's NOT sponsored, using links to the products used, making promotion for the products.. Sponsorships are pieces of content that have been financed in whole or in part by a third party. Sponsorships generally promote the brand, message or product of the third party without integrating the brand, message, or product directly into the content.