pfSense and Unifi basic config with vlans
-
Hi all, I'm hoping you can help me with the basic set up of my pfSense and Unifi network with vlans as I've got myself a bit stuck. Sorry this is going to be a long one and I've taken a lot of screenshots (if I can upload them) to give as much info as possible.
I'm wanting to eventually set up a network consisting of a pfSense router, 3 unifi switches and 3 unifi WAPs but to keep things simple with initial configuration I'm starting with the router and one switch. I was originally going to have 3 vlans handling all my devices (Home, Guest and IOT) but after advice I've added in a 4th vlan for management which will have all my unifi devices on.
I believe I have pfSense configured correctly with basic firewall rules on Home, Guest and IOT that should prevent them talking to each other but allow access to the internet. I also believe that I've got the vlans set correctly on unifi but I must have something wrong as every time I try to set my client with a static IP from the Home (only vlan tested so far as they're all set up the same) I lose connection; as soon as I set it back to DHCP and it obtains an IP from the LAN pool it starts working again.
Any help would be very much appreciated.
-
That's all the screenshots which I'm hoping is every screen you should need.
-
@Polar_Bear88 2 things.
What are you trying to set the IP settings to when you are setting it statically?
Can you provide a picture of the port settings on unifi, both the client device and the router.
I am using Unifi and pfSense at my church and have not had issues getting the VLANs set up.
-
For an IP I was using:
IP 10.100.1.4
Subnet 255.255.255.0
Gateway 10.100.1.1
I believe all the screenshots should be there now. The very last one is the port settings for the unifi switch showing every port has all
-
@Polar_Bear88 I see that now thank you. So you are passing all VLANs to the client PC? If I am not mistaken since Windows is not VLAN aware it will only see the native VLAN (VLAN 1 by default). In this case I believe that would be your LAN network, and I believe that the IP you are setting is outside of that subnet. I am still a bit new to this networking stuff, so if I am incorrect anyone should feel free to correct me.
-
I thought that with the unifi switch going between the pfSense router (configured with all the networks) and the client, it should be stripping off the vlan tag and allowing the client to connect
-
@Polar_Bear88 You would need to select the "HOME" profile for that port on the switch in order to put the client device on the "HOME" vlan.
-
So I can’t have multiple networks being fed through a single port on the switch and then my client selects the vlan it wants to connect to? I need to individually select the network that each port is for (multiple when going to another device such as a switch or WAP)?
-
@Polar_Bear88 That is my understanding, as devices that are not VLAN aware only see the native VLAN when multiple VLANs are passed to them.
-
Ah ok. My first time playing with vlans so I thought that as long as a vlan capable switch was in the middle I could still feed multiple vlans down one cable.
I’m currently setting up another client with Windows. Once done I’ll change a port to each individual vlan only, assign it an IP from the respective pool and test then feed back. Would be great if this is working and it was just my understanding of it being lacking as I can then start asking my next questions in the appropriate threads.
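-
The behaviour discussed in this thread, as an added example that is not part of any post: a small Python model of how a switch port profile assigns a client's frames to a VLAN, and why the static HOME address fails on a port carrying every network. The HOME VLAN ID (100) and the LAN subnet (192.168.1.0/24) are assumptions; only the 10.100.1.x addressing and the native VLAN 1 come from the thread.

```python
import ipaddress
from dataclasses import dataclass, field

# Constructed table. Only the HOME addressing (10.100.1.0/24) and "native VLAN 1"
# appear in the thread; the HOME VLAN ID and the LAN subnet are assumed.
NETWORKS = {
    1: ("LAN", ipaddress.ip_network("192.168.1.0/24")),
    100: ("HOME", ipaddress.ip_network("10.100.1.0/24")),
}

@dataclass
class PortProfile:
    name: str
    native_vlan: int                                 # untagged frames land here
    tagged_vlans: set = field(default_factory=set)   # carried with 802.1Q tags

# Profile carrying every network: LAN untagged, the rest tagged (trunk-style).
ALL = PortProfile("All", native_vlan=1, tagged_vlans={100})
# Single-network profile: HOME untagged, nothing else carried (access-style).
HOME = PortProfile("HOME", native_vlan=100)

def ingress_vlan(profile, frame_tag=None):
    """VLAN the switch assigns to an arriving frame, or None if it is dropped."""
    if frame_tag is None:
        return profile.native_vlan
    return frame_tag if frame_tag in profile.tagged_vlans else None

def client_check(profile, static_ip, frame_tag=None):
    """Return (network name, True if static_ip belongs to that network's subnet)."""
    vlan = ingress_vlan(profile, frame_tag)
    if vlan is None:
        return (None, False)
    name, subnet = NETWORKS[vlan]
    return (name, ipaddress.ip_address(static_ip) in subnet)

if __name__ == "__main__":
    ip = "10.100.1.4"  # static address from the thread
    # A client that does not tag its frames, on the port carrying every network:
    print("All profile, untagged :", client_check(ALL, ip))
    # Same client after the port is set to the HOME profile:
    print("HOME profile, untagged:", client_check(HOME, ip))
    # A VLAN-aware host tagging its own frames on the trunk-style port:
    print("All profile, tag 100  :", client_check(ALL, ip, frame_tag=100))
```

Giving client ports a single-network profile also means the other VLANs are never delivered to that host, which keeps the segmentation decision on the switch rather than on the endpoint.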