Netgate SG6100 with sfp+ and Unifi swith troubleshooting

Stef_R

I hope someone can help me figuring out 'where' the problem is in my setup and why I don't see any traffic on the configured sfp+ ports.

I have a SG6100 and I have configured my incoming internet port configured on port WAN1 (ix3) and I have connected my outgoing LAN traffic on port ix0 with an sfp+ dongle. (Type UACC-OM-MM-10G-D from Ubiquity with a standard fibre cable LC-LC Multimode OM4)

This is connected to a USW-Pro-Max-16-PoE switch on port 18 which is also a sfp+ port and have used the same sfp+ dongle as in my pfSense box.

On the SG6100, I did a factory reset to strat from scratch.
Went through auto setup and assigned the WAN interface ix3 and my LAN interface igc0.
After this initial configuration, I created the VLAN's I want to use on parent interface ix0 (sfp+ port), assign those VLAN's to the interface ix0, and setup DHCP servers for all VLAN's.

If I go to Status -> Interface, I see the sfp+ link on ix0 is UP:

As far as I can see I think I have setup evrything correctly on my pfsense firewall.
So this left me thinking the problem must be in the Unifi switch.

I have configured the sfp+ port on the Unifi as follow:

But still there is no traffic and no internet.

What I do see is that when I connect a RJ45 patch cable between the LAN port igc0 om the SG6100 and a random 'unconfigured' port on the switch, I do get an IP address on the native or default VLAN 1 interface.

patient0

@Stef_R what pfSense+ version are you running?

You wrote that LAN is on ix0 and a bit further down that you get an IP if you connect a RJ45 cable between port igc0 and the Unifi switch.
Have you created a bridge on the 6100 which includes ix0 and igc0? If not (you should avoid bridges on pfSense if possible) then the question would come up of how you get an IP when connected to the not-configured switch port?

Can you show the interfaces and DHCP server configs for them?

I just started to tip my toes into Unifi, so take any advise with a grain of salt. For starting I followed Lawrence Systems: How To Setup VLANs With pfSense & UniFi.
Maybe that's a starting point for you, too?

stephenw10

You might try just setting up ix0 dircetly to the switch without VLANs and confirm that works as expected first.

Stef_R

Yeah, I did that too but still some problems to get it to work.

However, I did get it to work eventually but it was using the igc0 RJ45 1GbE connection instead of the ix0 sfp+ 10GbE connection.
Since everything was working correctly, and the backup file is like a plain text file, I decided to download a back-up file of the current configuration, search every instance of "igc0" and replaced it with "ix0".
Restored the new config file in the pfSense device and it worked like a charm! :-)
Don't know why it didn't work in the first place, but glad it works good now.

Stef_R

@patient0 said in Netgate SG6100 with sfp+ and Unifi swith troubleshooting:

I just started to tip my toes into Unifi, so take any advise with a grain of salt. For starting I followed Lawrence Systems: How To Setup VLANs With pfSense & UniFi.
Maybe that's a starting point for you, too?

Thanks for the info.
I know that the Unify (Ubiquity) ecosystems works a whole lot different than the normal business switches like Cisco's.
Before I had an old SG300 PoE switch but wanted to replace it for something more updated and future proof.

I had two switches I wanted to upgrade to: TP-Link Omaha switch and the Unify switch.
Since I already had the Cloud Key Gen 2 from Unify, plus two U6-Enterprice access point, the choice eventually fell for Unify with an Max Pro 16 PoE++ 2,5GbE switch.
Now, my access point (who are also 2,5GbE) are nicely connected to the faster ports and I also have a speedy connection to the pfSense firewall.

Learning curve with Unify is tougher than I first thought it was, especially since I'm not an IT expert, but thanks to the great YouTube clips (like from Lawrence Systems!) helps a lot.
But as always, you must filter out the exact information you need for your own situation, because there will never be a YouTube movie that describes the exact same setup you have!

tedquade

@Stef_R I run an almost identical setup and have years of related experience. I am happy to provide any info I can offer, just make some noise.

Ted Quade

Stef_R

@tedquade said in Netgate SG6100 with sfp+ and Unifi swith troubleshooting:

@Stef_R I run an almost identical setup and have years of related experience. I am happy to provide any info I can offer, just make some noise.

Ted Quade

Hi Ted,
Many thanks for the help!
Although it works right now, there is just one thing I don’t seems to get working and that is to have the Unify equipment to have an internal IP in the Management VLAN 20.
Right now, it keeps getting an IP address from the native VLAN 1 instead.
I do believe I have setup my Netgate SG6100 correctly since other devices like my Synology NAS does get the correct IP assigned from VLAN 30 - Servers.

Is there anything I can check on the Unify side to see if I’m getting it wrong somehow?

tedquade

@Stef_R Can't help as I do not do VLAN and have avoided their deployment. I have so far found no good use for them.

Ted