Unifi Dream Machine and PFSense
-
UDM does actually have an interface on the management VLAN.
@johnpoz I'll review your comment tomorrow.
-
Ah, well you should be able to connect to the UDM using its IP in the management VLAN from that host in the same VLAN without issue. That traffic would not go through pfSense at all.
Steve
-
"Or just trunk 1 and carry all your wireless vlans on it, and whatever management vlan you're using on the UDM."
I could've sworn this didn't work, just based on how wacky Ubiquiti is. No harm in trying again.
"Only problem you might have is if wan is not connected, the UDM might not be able to download updates when you want to update the controller software or firmware"
WAN is required at set up and to download updates.
"and just not do anything with it other than letting the UDM talk to the internet to grab updates."
Yep, whitelisting works wonders here.
"If I had one to play with - be happy to walk you through a setup.. But was never a fan of such a device."
Same here, but unfortunately nothing rivals it (that I know of). You're forced to use it if you want to use access control or the NVR. I would've gone with Axis, but it's like triple the cost. It's a shame there's such a disconnect between development and real-world. There's not even a way to automatically back up the recorded video (not officially).
-
So running off just one interface, on the UDM, won't work (just tested). You have to define a "Network" (aka an Interface) to tell it which VLAN/subnet it's on. Otherwise, it won't know what to do with the tagged traffic.
-
Nonsense... You do not have to assign the network to an interface.. It would be impossible to do vlans then..
Or just assign them all to the same port.. Putting in a vlan tag..
-
@tyler-montney-0 said in Unifi Dream Machine and PFSense:
You're forced to use it if you want to use access control or the NVR
You could have just gotten their NVR.. Or just run their nvr software on anything you already had.. You sure don't need a UDM, their little cloudkey can be the NVR..
Oh it seems they might have changed that you do need one of their products to use "protect".. That didn't use to be the case back... But you made no mention of cameras before. But the little cloudkey ck+ would work for that..
When it was unifi video you could run it on your own hardware..
-
It's that new interface that's the problem. It doesn't show that as an option unless you switch to the legacy interface (which "will impact performance"). I figured I had to since I saw no other option.
"You could have just gotten their NVR."
Since I want to use all 4, I can't. Unifi Video is deprecated.
-
@tyler-montney-0 said in Unifi Dream Machine and PFSense:
legacy interface (which "will impact performance")
What? You can switch back and forth between the legacy and new UI, I do it all the time on mine.. And using legacy sure doesn't impact performance ;) heheh
-
Referring to this:
-
It's BS ;)
It also shows you this - when something is missing.
-
Right. Spend enough time in the new settings, I forget to check.
What's also amazing is now that I've done this, the new UI no longer shows the VLAN-only networks. Only will if I switch back.
Go figure, I get UDM help in the PFSense forum. I posted about this on their forum and got no help.
Although I didn't fix the asymmetric routing issue, changing my networks to VLAN-Only has removed that option and makes it irrelevant. Consider this solved, thanks for everyone's help.
-
There are many a unifi user here.. Just normally the AP.. I was thinking of getting some of their cameras - but if they have pulled the ability to run their software on my own hardware.. Have to rethink that..
I got a cheap PTZ camera a couple of weeks back to help someone on another forum - and use as test for my own use.. It works with my NAS surveillance software..
I have no problem buying hardware to play with - as long as it's not too expensive ;)
There are plenty of options out there for cameras, you sure do not need to use unifi, or lock yourself into their software/hardware.
edit: Yeah you can leave your udm with a wan, I would put that on its own vlan for pfsense - and then just don't use it for any routing of your networks. Leave that up to pfsense ;)
-
"There are plenty of options out there for cameras, you sure do not need to use unifi, or lock yourself into their software/hardware."
True but it's a bit of a rabbit hole. I'm very happy with their wireless. Then I notice they have cameras. And then I see access control. And, oh, VOIP looks interesting I might try that. It's a balance among ecosystem, price point, and quality. Ubiquiti could be better, but I don't know of anyone else who does what they do in this range. If there was something reasonable between that of Ubiquiti and Axis, I'd certainly love to hear about it (even if it meant doing wireless/VOIP with ubiquiti, and camera/access control with another vendor).
-
Very true about the rabbit hole ;)
edit: The cheap camera I got was from Amcrest.. I sure don't have enough play time with it or any of their software.. To say one way or the other if any good.. But got it to work with my NAS software. And it seems to be ok for picture. And it was cheap ;)
The reason I had gotten it was user having issue with delay in RTSP, etc. I have not seen any of that - he has a really messed up network.. Which I told him from the get go, but to prove it to him I got a shit camera capable of RTSP and has sub 1 second delay (few ms really).. Showed him that with video of a clock running on my ipad, etc.. ;) heheh
-
"Yeah you can leave your udm with a wan, I would put that on its own vlan for pfsense"
First thing I did, actually.