VLANs on Unifi
Вставка
- Опубліковано 2 жов 2024
- In this video I go over how to setup VLANs in a Unifi network. I use a Unifi Security Gateway in this video, but the same concepts apply to the Unifi Dream Machine and Dream Machine Pro. I try to hit on all the differences, but I'm sure I'm missing something.
This video is focused more around preparing the USG for VLANs, but I do actually configure a switch in the video as well.
High-level VLAN Explanation: 0:44
Why do we need VLANs?: 4:40
Typical VLAN Assignments: 5:20
VLAN Planning/Diagram: 5:53
Creating the Networks (VLANs): 7:00
Port Profiles: 12:30
Applying VLANs to a switch: 14:27
Testing a VLAN: 16:22
Recap: 18:06
Thank you so much for explaining this topic so clearly, so many other videos are made for newbies but they go so fast and explain so little that only advanced users could follow along.
They completely alienate the intended audience. But your expertise in explaining a topic is top notch. Thank You!
On the switch would you be limited to 2 vlans since there are only two ports on the USG?
No, you can still have multiple VLANs even though there are only two physical ports. This is accomplished with virtual interfaces and/or "sub-interfaces". Each port can differentiate traffic for many different vlans based on the "tags" attached to incoming traffic.
Do you have a video on that?@@ToastyAnswers
great stuff .. I spent all my evening configuring ports and surf the net to understand why my new wlans won`t give me an IP only to find out that I haven`t selected the uplink from the main switch to USG to ALL .. great vid !
Unifi can be a pain in the ass to figure out but once you got it once you understand it forever.
Hi bro, Thanks for Simple, Video solved my problem,Thank you so much, I am strugled since so many for Two networks and stop communicate with each other, This video help me lot, I created Guest network suceess. please do many more videos, And UnifiGateway Pro Not working keep on failing DHCP, Not getting IP from GW Pro, Few IPs coming few not. Changed to USG 3 port working fine. Can you check out why its happening
This was one of the more intuitive explanations of VLANs. And I only just came to learn about Unifi configurations. Thanks.
VLANs in UniFi by default can talk to everything which is the opposite of most platforms. So nothing is isolated between LAN and any VLANs till you put in the firewall rules which you should explicitly mention.
It's been awhile, but you are correct. I should have mentioned this if it wasn't in the video. It must have slipped my mind.
can i adopt APs to the VLANs that are not conected directly on a port of UDM by assignning a VLAN ID on it?
Thanks for making the video, it was extremely helpful. Thank you
Love your videos, easily explained and informative. And your voice is so calming dude!
Great video. So easy to understand. Cheers!
@Toasty Answers Hey what are you using to record your screen and sound and if you can make a tutorial of how you put tutorials together. Thanks in advance.
That's a pretty good idea. I'll go ahead and lay some of it out in this comment.
Screen/Audio Capture: X-Split Streaming Software (local recording only)
Audio Hardware: Alesis Multimix & Audio Technica AT2020
Whiteboard: Windows Ink
Digitizer: Boogie Board Sync (Discontinued)
Editing Software: Final Cut or Wondershare Flimora (Depending on the video)
@@ToastyAnswers Awesome, thanks
Nice video. It would be possible to create a VLAN with only my router ISP and an uap-ac-lr?
Thanks for making this video!
I almost went into this unify ecosystem with this USG until I watched this and a few other videos you made. The 85 mbps limit and no hardware offloading with the security features on, is a deal breaker for me. The selling point for me was the dual WAN port but sadly this thing is so under powered... What's the point of adding 2 WAN ports on such a low powered device? And the USG Pro is way too much for what I need at home. So... I'll look elsewhere.
You are definitely not wrong. To me, this device has a home for rural areas that still have very sub-par connection, but still want to run security services.
For faster connections, the Dream machine or Dream Machine Pro are definitely much better options. Price is a bit higher, but it isn't astronomical.
Very helpful and clear thank you
Does UDM Pro have URL blocking(not per category)? and how effective blocking Torrents/P2p?
I believe it does, but I'm not for certain how effective it is.
In my experience, I haven't found a great way to block Torrents/p2p or police the traffic effectively. It is more of a "reactive" situation where you find out a machine is torrenting, and you either block or police that entire machine.
Hello,
On the switch, is it possible to add the "guest" network + the "IOT" network on the same port?
To connect a wifi antenna to this port and broadcast the 2 separate networks on a single antenna?
Regards
Yes, this is possible if you configure the port properly. The Wifi antenna (or access point) will have to be VLAN capable to accomplish this. One of the networks can be untagged while the other one will need to be "tagged".
Thank You..................
Great video man. I'm curios did you change your network-defuault to LAN? Do you have videos on creating firewall rules?
I believe I did... I'm not entirely sure. I have a couple videos that touch on firewall rules. I set some up in the Complete Unifi Network Setup Video and I go over them in an Edgerouter-specific video as well.
So this is mostly from the wired perspective. I have 30+ wireless devices, the majority of which are IoT, how would you vlan a wireless setup? I have a unifi ap ac lite and looking at getting a ish. Would I be able to accomplish wireless vlan setup?
The only addition to make this work with wireless is to configure the APs to use the corresponding VLANs that have been setup. Tomorrow morning my complete setup video will be coming out which goes over setting up VLANs on wireless as well as wired.
Very good video, thank you!
Maybe I missed it, but I noticed when I go devices>select my switch>select configure (gear Icon) > under... services, I think, we have the option of setting a ‘Management’ network there.
Does that make our selected network there, into an untagged vlan for every port on the switch?
I've actually never used this option before, but it does not determine which VLANs are untagged. From my understanding, setting this option changes which interface will be used for management (i.e which interface will communicate with the controller). If you have a dedicated management LAN, or just don't want your device management to happen on your main LAN, you can set this to another network and the switch will use the interface/IP on that network for management purposes.
The actual "port" configurations will stay the same.
Great, thank you!
I like the video And the whiteboard overview thanks for sharing.. I think saying "there is a range of VLANs you can use but it is really up to you" is counter intuitive.
Good point. I probably should have picked a better way to say that. I just didn't want to get into the weeds of explaining the range of VLANs which are usable and the reasons behind why. It would probably be beneficial to know the limit...
I can also see why it's counter intuitive since I had already said to try and match it to the networks for simplicity... whoops.
Bro where's the new content? Are you too busy for us now? 😆
I wish I had more lol. Things have been pretty busy, but I have a new video incoming.
Hi. Just curious, why didn't you cover wireless? Thanks.
I wanted to have a pretty specific focus with this video and only cover VLANs. The setup for wireless is very much the same, but the VLAN number would be specified on the wireless network. This setup would need to happen in order to use it with wireless.
I have a video coming out in the next couple weeks that will go through complete setup (Security, VLANs, Wireless, Switches, etc..).
@@ToastyAnswers Thxsomch for the clear, concise answer. I look forward to that video. You help a lot of us out here that aren’t network guys. I’m self-taught and ALWAYS need help with things types of things.
I got recommend to your channel because craft Computing uploaded a similar video on vlans
Craft Computing, I like that channel.
Great video on Unify VLANS. I recently bought a UDM pro and am looking for information on its security settings - how does one restrict a VLAN to specific MAC addresses ?