Can't get pfSense to communicate with Ubiquiti switch

johnpoz

@Arimil yeah if the old L3 was routing, its gateway was prob set to whatever the old network was. Which prob now different?

johnpoz

@mcury said in Can't get pfSense to communicate with Ubiquiti switch:

but I think he shouldn't have added that gateway in the first place

you need a gateway to point the route too ;) So yeah pfsense needs to have a gateway, that it sends traffic to get to other networks that are downstream or upstream depending on where pfsense sits in the network ;)

mcury

@johnpoz said in Can't get pfSense to communicate with Ubiquiti switch:

you need a gateway to point the route too ;) So yeah pfsense needs to have a gateway, that it sends traffic to get to other networks that are downstream or upstream depending on where pfsense sits in the network ;)

hmmm ohh yes, you need to create that gateway to use it in the static route, my mistake :)

Arimil

I got a chance to mess with this over the weekend, it seems I was mistaken about the switch doing the routing, the switch just has a bunch of VLAN configured that it's resolving using the upstream gateway, so it seems I have to configure all those VLAN to match what the switch is expecting for the VLAN ids.

coxhaus

@mcury
Look at Cisco. They have been doing layer 3 for many years and it works well. All of Cisco small business 300 and 500 switches do layer 3. I have been running layer3 at home for 15 years.

You want to point all the local gateways at the layer 3 switch and point the default route to Pfsense.

If you are doing trunking then you are NOT doing layer 3 switching.

mcury

@coxhaus said in Can't get pfSense to communicate with Ubiquiti switch:

@mcury
Look at Cisco. They have been doing layer 3 for many years and it works well. All of Cisco small business 300 and 500 switches do layer 3. I have been running layer3 at home for 15 years.

You want to point all the local gateways at the layer 3 switch and point the default route to Pfsense.

I used to work a lot with Cisco switches, but at that time, most of them didn't support L3.
The VLAN interface was for management only.

According to the specs, USW Pro 24 is L3 capable but I'm not sure If I would use it.
See, the L3 support is pretty recent, maybe three months ago (not sure exactly when) they released a firmware that fixed ACL and other things.
Until that moment, nobody was using the L3 features of these switches because a simple reboot would erase all your ACL configuration.

mcury

@coxhaus said in Can't get pfSense to communicate with Ubiquiti switch:

If you are doing trunking then you are NOT doing layer 3 switching.

That is router on a stick.

@coxhaus said in Can't get pfSense to communicate with Ubiquiti switch:

You want to point all the local gateways at the layer 3 switch and point the default route to Pfsense.

We were not aware that the end user was speaking about L3 at that time.

coxhaus

@mcury
You must be as old as me. Back when I worked, we only used Cisco enterprise. I retired around 20 years ago.
I have been running Cisco small business equipment since then. The nice thing about Cisco small business networking equipment is you get firmware updates for life of the product. It is not like Cisco enterprise where you have to pay for IOS upgrades. So, it works well for home and small businesses. I run a CBS350 switch and 3 Cisco 150ax WiFi 6 Aps.

mcury

@coxhaus said in Can't get pfSense to communicate with Ubiquiti switch:

You must be as old as me.

Yes, I feel old ehhe

@coxhaus said in Can't get pfSense to communicate with Ubiquiti switch:

I have been running Cisco small business equipment since then.

They are way to expensive around here, maybe one day I get one to play with, for fun :)

coxhaus

@mcury I paid less than $300 for my POE+ Cisco cbs350 switch and my last wireless 150ax AP costs me $102. Not expensive for me.

mcury

@coxhaus said in Can't get pfSense to communicate with Ubiquiti switch:

Not expensive for me.

I live in a third world country. I bought a SG-4100 for 500 dollars, paid 9 minimum wages in local currency.
Here, if you want to import something, you buy one for yourself and a bunch for the government, in taxes.

coxhaus

@mcury
So, I would assume an Ubiquiti switch would cost around the same. You may be better off with Cisco.

mcury

@coxhaus said in Can't get pfSense to communicate with Ubiquiti switch:

So, I would assume an Ubiquiti switch would cost around the same. You may be better off with Cisco.

Yeap, I'll definitely check those, I usually wait a lot, do a lot of research..

When I got the SG-4100, I was thinking about an upgrade of my entire network to 2.5Gbps, but since then, I couldn't find a managed 2.5Gbps switch that worth the price.

In this mean time, I got non managed switch, tp-link (TL-SH1005), it gets the job done.
Also got a 2.5Gbps ethernet adapter for my NAS, which is working perfectly.

So, for the time being, I can search for prices, no rush..