VLANs with pfSense and Unifi gear
A question about Unifi’s handling of the native/default VLAN...
I have a pfSense firewall/gateway (call it “pfSense”), a hardware Cloudkey and several Unifi switches and wireless Access Points.
On pfSense there is a LAN subnet (call it x.x.8.0) which is not associated with any VLAN. On pfSense there are several VLANs defined (say 10 & 20) with corresponding subnets defined. The Unifi equipment has “VLAN only” networks 10 & 20 defined.
Unifi has a pre-defined “Corporate” network 192.168.1.0/24 which I completely ignore.
- The native VLAN is 1 in Unifi gear and cannot be changed (?) Is it therefore correct that my LAN subnet (8) will end up on VLAN 1 because it is not associated with any other VLAN? Is it more secure to define another VLAN (call it 8) and associate this with the LAN 8 subnet in order to prevent this fallback to VLAN 1? i.e. ensure every subnet is associated with some VLAN that is not 1.