<![CDATA[How To Setup SD-1100 w/Ubiquiti ER4+ES10]]>I'm trying to put my SD-1100 behind my Ubiquiti router & switch devices like this:

<Internet>
   ^
   v
Motorola MB8600 Cable Modem (MB8600)
   ^
   v
Ubiquiti EdgeRouter 4 (ER4)
   ^
   v
Ubiquiti EdgeSwitch 10 (ES10)
   ^
   v
Netgate SD-1100 (IDS/IPS)
   ^
   v
Ubiquity UAP-AC-LR (Wireless AP)
   ^
   v
<LAN>

Up until recently, I have had the SD-1100 behind the MB8600 followed by the ER4 & then ES10. I believe Double NAT'ing was at play, among a few other poor configurations.

Given that the ER4 and ES10 are far more capable performance-wise with routing, the SD-1100 should be behind them. How should an SD-1100 be configured to support this topology? ...static IPs on both its WAN+LAN ports? ...external/internal bridge?

]]>https://forum.netgate.com/topic/172505/how-to-setup-sd-1100-w-ubiquiti-er4-es10RSS for NodeSun, 10 May 2026 05:45:29 GMTSat, 28 May 2022 23:07:43 GMT60<![CDATA[Reply to How To Setup SD-1100 w/Ubiquiti ER4+ES10 on Tue, 26 Jul 2022 01:39:17 GMT]]>Pure routing sounds like the way to go @stephenw10. Thanks!

]]>https://forum.netgate.com/post/1053514https://forum.netgate.com/post/1053514Tue, 26 Jul 2022 01:39:17 GMT<![CDATA[Reply to How To Setup SD-1100 w/Ubiquiti ER4+ES10 on Sun, 29 May 2022 15:54:12 GMT]]>Bridging will not be any faster than routing. In fact it's often slower.
But if you want to configure the SG-1100 as a transparent device that's what you'd have to do.
https://docs.netgate.com/pfsense/en/latest/bridges/index.html

You might consider just disabling NAT so it's purely routing, which would be faster.

Or just running it as an IDS only using a mirror port on the switch.

Steve

]]>https://forum.netgate.com/post/1044363https://forum.netgate.com/post/1044363Sun, 29 May 2022 15:54:12 GMT