Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Guest VLAN with Unifi

    Scheduled Pinned Locked Moved L2/Switching/VLANs
    4 Posts 4 Posters 329 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • O
      orangehand
      last edited by

      I can't work out for the life of me what I've done wrong, but the clients aren't getting an IP on several guest VLANs I've set up.

      pfSense procedure:
      Add VLAN
      Assign to LAN interface, rename and enable
      Enable DHCP on VLAN
      Add rule to allow all out
      Add rule to block access to LAN net

      In Unifi controller
      Add guest network, add VLAN ID

      I thought that was it but users cannot get an address on the guest wifi. Anyone got any clue as to what's wrong?

      Thanks

      johnpozJ Austin 0A 2 Replies Last reply Reply Quote 0
      • R
        ronv42
        last edited by

        One thing you didn't mention is what your physical network layout for AP's, switches, trunks, etc. I once beat myself up when standing up a new VLAN and realized on my trunk port I did not do a "All" and only configured for the networks that were in use.

        1 Reply Last reply Reply Quote 0
        • johnpozJ
          johnpoz LAYER 8 Global Moderator @orangehand
          last edited by

          @orangehand yeah we need to know your switch setup to where you plugged in your AP

          so your lan that this vlan sits on is connected to a switch. So this vlan would need to be tagged.

          pfsense -- 1U, 10T -- switch -- 1U,10T -- AP

          lets say lan is 192.168.1.0/24 and vlan is 192.168.10.0/24

          Where 1 is just the default vlan on your switch and not tagged, this is your lan network. Now lets assume you using vlan ID 10 for this vlan in my above example.

          Also you mention adding the network with vlan ID in the controller - but did you assign it to a your guest SSID?

          So you can see here I have a few vlans on my unifi AP.. Take example the w_psk one - this is where the majority of my iot devices connect.

          vlanunifi.jpg

          It has a vlan ID of 4, and then the ssid I created for them is on vlan 4..

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

          1 Reply Last reply Reply Quote 0
          • Austin 0A
            Austin 0 @orangehand
            last edited by

            @orangehand Without more info the best I can do is suggest that you watch this video. https://youtu.be/WMyz7SVlrgc

            I followed this to setup VLANs on my pfsense and unifi equipment. Note that is you have a SG-1100 or SG-2100 there are extra steps.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.