Port tagging on APU2?

JKnott

@Raffi_

Yeah, the Unifi config is a bit strange. However, working with VLANs is fairly simple. Just make sure your VLANs match across all devices, including any switch you pass through. I have my guest WiFi on VLAN 3, so I configured that on my AP, switch and pfsense.

bingo600

@orangehand

Why do you use Manual nat , and not Hybrid ?

It seems like you are missing outbound nat for your guest lan : 192.168.34.0/24

Re: Switches & stuff.
Since you can ping devices on your Lan , and you get ip addresses on your guest WiFi. I'd say your switch & Vlan works fine.

The reason you can't go on Inet from WiFi , seems to be that you are not doing outbound nat for that /24. And trying to send an RFC1918 ip to you ISP would not lead to anything good.

Raffi_

@bingo600 said in Port tagging on APU2?:

Why do you use Manual nat , and not Hybrid ?

Was wondering this also.

@bingo600 said in Port tagging on APU2?:

It seems like you are missing outbound nat for your guest lan : 192.168.34.0/24

Good catch.

bingo600

@orangehand

Not that it matters "much" .. nitpicking
But your 3CX NAT rule at the top, is covered by the 192.168.33.0/24 NAT rule further down.

@Raffi_
Thnx

This was a "tricky one" ..
I'm 99% sure it's solved after OP makes the missing NAT rule.

/Bingo

orangehand

@bingo600 Thank you all so much - that did the trick in Outbound NAT!

No idea why it wasn't auto created though

bingo600

@orangehand said in Port tagging on APU2?:

No idea why it wasn't auto created though

In your outbound NAT settings you have "tick'ed" Manual NAT (the round dots in top)
That means no automatic nat is done.

You should use either automatic or hybrid (hybrid let's you get automatic + you can add some your self)

/Bingo

orangehand

@bingo600 That makes sense! It was on manual I think due to some instruction from 3CX. If I put it back to auto or hybrid will anything get changed? Or will it just affect future changes? Thanks

bingo600

@orangehand
I'm 100% sure

I would not expect it to be doing nasty stuff.

Do a backup of your config , and try to switch it to hybrid.
If anything FSCK's up , you can restore the backup , and you're back.

Btw: The 3CX NAT seems redundant , it's covered by the 192.168.33.0/24 nat further down

/Bingo

orangehand

@bingo600 OK, nothing nasty happened! Will delete the redundant 3cx rule. Thanks SO much for your help; I'm incredibly grateful.

bingo600

@orangehand

Glad to be of assistance , we have all been in that situation

/Bingo

bingo600

@JKnott said in Port tagging on APU2?:

@bingo600

No, just making sure he's not missing anything.

@JKnott
You're right.
Sorry about the "rant" ..