If you're planning on buying any Ubiquiti gear and want to support me use the affiliate links below :) ▶Ubiquiti USA Affiliate Link: store.ui.com?a_aid=MacTelecom ▶Ubiquiti EU Affiliate Link: eu.store.ui.com/?a_aid=MacTelecom
Haha wow! Just finished my first pre install of my UDM SE. Wanted to dive into the advanced setup today with your older videos, what are the odds you would upload a new guide today. Thank you! :)
Most of my firewall experience is in pfsense but i recently did a full ubiquiti deployment and needed some help understanding firewall rules. Unifi is basically inverted from how pf does this, ie all blocked vs all allowed. This video was the perfect resource to make sure I had a good understanding of how to configure things properly! Thanks for the great video, cheers!
The equipment seems nice and their visual are great, but the way to configure them is a real nightmare, especially the firewall rules which must have been designed by someone who doesn't understand how access control works. And network security is the big thing for anyone now, that's the reason I replace Unifi networks for Fortinet since the last 4 years... The fact that the UDM "firewall" allows inter-vlan routing by default is not good - that tells me that this firewall is more a pimped layer-3 switch with a fancy interface than a real firewall that block everything by default, and thus secure your network without you having to go through all segment and block them. Great video still.
Thanks for taking the time to make this video! Great resource! Its so much better when the video is as long as it needs to cover the subject, as opposed to trying to fit it into a certain predetermined time.
Thanks for the video. You really are a networking expert. Congratulations! You can tell me where I'm wrong: I own a UDM Pro and a USW Enterprise 24 PoE switch. I have configured 5 VLANs and OpenVPN server on the UDM Pro. As an OpenVPN client I can access all VLANs if I don't have L3 enabled on the switch. When I enable the L3 function on the switch for a specific VLAN, I can no longer access that VLAN from OpenVPN. From the local network I can access all VLANs.
I love all of your videos, they are very informative and I appreciate all the great content that you make. ...that being said for demo videos like this where I'm assuming a lot of folks are following along with the video step-by-step with the management console open on one side of the screen and the video on the other side...you go CRAZY fast. I'm constantly having to pause and rewind. Might just be me, and maybe I'm a noob, in which case feel free to ignore.
Thank you so so much, and you increased to nearly an hour, a big thank you for this, you speak so fast, I'm happy this time around you spread it out longer..... for myself, I actually slow the video down by 25% 😅
Great explanation of setup and how to isolate vlans and I like the added trick of blocking local gateway access. Able to do all the firewall rules I need following your logic.
Hey cody.. love your vids. Started planning my network for the new house with unifi bc of ur vids. I'm new in networking and your vids helped me alot. Thanks for that!! Can you please do a vid. On how to setup a nas ( in my case DS224+ ) with firewall and rules?
So I just spent almost 2k on Unify devices. Pray for me because I'm diving into something I've always wanted to get into but know nothing about. A home network such is this is way overkill for me, but I really want to learn about this stuff and I find the best way to learn is hands on. I purchased the dream machine special addition, switch pro max 24, Unifi cable internet modem, and the U6 enterprise access point. I do plan on buying the network video recorder and cameras to integrate into the system, but I decided to wait on that until I get this initial setup up and running. Like I said I don't know what I'm doing and don't want to do to much at once and overwhelm my good ole thinking machine (brain). So please pray I don't destroy a couple grand worth of networking equipment. I'm fairly tech savvy, but know nothing about this stuff.
I like the way you explain. I have a project, which I am going to use Ubiquiti system, except cameras. I will use your link to buy products, and most probably will contact you to help setting up the firewall. Anyway thank you for the videos, I learn a lot.
I don't understand why you need to create this group of gateways 24:30 since the LAN local (and you say it yourself) is for the UDM (= the UDM's gateways). I mean, you just have to create your rule (25:03) with destination any. No ? I tried and it works, I cannot ping any gateway's ip of the UDM.
Great presentation to the Network setup, quick notes here, I had created the block inter-VLAN rule before but that created some issues with the mDNS traffic like Apple AirPlay, AirPrint, and so on, I ended up blocking inter-VLAN traffic per VLAN basis, but thank you very much and keep up the good work.
I just went into the mDNS settings under Global Network Settings and added all of the appropriate VLANS to this list. No issues with with AirPlay or AppleTVs being accessed outside the VLANs they are in.
Yes, even I found it confusing. Its similar to what is done in Azure cloud and called as NSG rules. But they were understandable but these arn't. I couldn't figure out the direction of the trafic and got confused.
Hi Cody, Thank you for your time to put together this tutorial. I saw you used Network version 7.5.162 and not 7.5.176, at least I thought I was this. The WiFi meshing setting has been moved to the 'systems' page from the WiFi settings page. Just to let you know. I might need to redo my setup here....
Thank you Cody for producing an excellent resource for Unifi Network versions setup each year! Questions: 1. 2:56 - What is the drawing program you use for network diagrams? 2. Is there a way to document/print out (old school) the network/firewall setup settings so that you can "see" if you have missed anything for each new setup? Thanks again for all that you do!😊
So I have watched multiple videos from multiple people and yours are always spot on and the best. I am having an issue with having an IoT network be accessible by other networks. Some devices work others do not. I really am struggling with Apple AirPlay. I have Apple TVs as well as TCL TVs in our building that have AirPlay 2. I can see all IoT devices from my staff, childcare, and guest networks but when I go to actually connect it errors out. I've been trying to nail this down for about a month now and am tearing my hair out. Would you be willing to do a video showing firewall rule setup for these types of applications?
Thanks a lot for this video. You clearly have a much better understanding of the ubiquiti firewall than I do. When I get home I'm going to see if I can make mine work. Attempting to block all traffic except RDP and File Sharing between my webserver VLAN and the Main LAN has been challenging for me. We'll see how it goes!
@@MactelecomNetworks it worked! In just a few minutes with your video I have the webserver isolated from the rest of the LAN. I can RDP into it from the default LAN and browse it's shared files but I cannot ping anything from the server itself so I think I'm in good shape now. To me their firewall is strange to use. In my mind one should block everything at the start and then start punching holes through it as needed. Anyway, thanks again, I really appreciate it!
Thanks for another thorough and professionally done video. We can always count on you to do things right!!!! One question I have for your firewall rules concerns the "Drop invalid state" rule. Under the "Rule Applied" options you left it at "Before predefined rules" shouldn't that be changed to "After predefined rules"? Shouldn't "Drop, All" rules be at the end of the operation orders? Thanks again for all your hard work and professionalism.
With the new implementation of the traffic rules, I'm a little confused about when we need to use a firewall rule or a traffic rule. Could you make a video explaining this?
I have an issue with my UDM Pro with the blocking IoT stuff. Its been setup exactly as you've had it for awhile, but from my default network accessing cameras thats on my IoT network it takes SEVERAL tries to actually get access to the cameras. even in my logs it shows this "Reolink Parents Front 2K was blocked from accessing 192.168.1.3 by firewall rule: Block inter VLAN Traffic ." But 192.168.1.x should not be blocked. Its even always pingable. This may be a reolink issue since its showing the camera was blocked and not my PC thats trying to access it.
I use Aggregation for my OS2 fiber links to remote building switches, it works really well. I currently have a OS2 fiber going across the side of the house, then ariel to a woodshed followed by going ariel to a guest building until I can get some conduit out there and power. The power I'll be using is low voltage, the guest building is manly just a small room, upstairs storage and Internet access. Hopefully the ariel fiber is ok until I get the conduit next spring, it's not even armored fiber just standard LC to LC OS2 indoor / outdoor use fiber I got off amazon.
Hi, I'm just starting with Unifi equipment and your video was very helpful. I noticed that you created three Wi-Fi networks. Which network do you and your family connect to on a regular basis? The Guest network? Or is it possible you did not include your own WIFI network in this video? Would you create a WIFI network for the Default network or do you only access the Default network on a wired computer? Thanks.
This is a great video as a beginner to Unifi. But I haven’t seen any videos deal with game consoles like the Xbox. They need multiplayer access to the Internet but also need remote streaming access from phones, tablets etc
I have my wireguard VPN and rules set up exactly the same as you did but I can still ping my cameras, and my wifi and all its devices. I can ping my nas fortunately, but the only thing it blocked was my two PC's. I'd like to lock it down a bit more. Any suggestions?
I still come back to this video to review Ubiquiti config. Hopefully you have a 2024 video coming that includes some of the UI changes in the newer version.
Hello, thx for your work, it could be nice not to do like all others 'youtube it guys" and going much more deeper in the config of the firewall rules !
Another question, sorry English isn't my first language, at 23:39 you mention something that protect users shouldn't be doing but I'm not sure what you are referring to, protect users shouldn't block the vlan x to access other vlan gateways? That would kinda defeat the whole segmentation point wouldn't it?
I saw that you have your mom's house connected via cameras. What is equipment is needed for that? This is something that I've been intrigued by but dont know the minimum requirements other then the cameras. Please help and thank you.
What about IPTV and VLAN taging special for IPTV ? :) I would like to connect TV BOX to my network gear instead of ISP provider modem (in bridge mode atm). What WIFI do you use for your home use ? On Default ?
I'm very thankful for your updated video and did subscribe and like. You did an awesome job of showing the newer interface. VLAN ? ... I have 2 U6 Pros and an Amplifi Gaming Mesh System. I turned the gaming system into an IOT system and want to use VLAN since the Ampifi is VLAN aware. How do I get the Amplifi on a separate VLAN and use the DHCP from the UDMSE, not the Amplifi? 😱
Is your IoT Wi-Fi your main Wi-Fi you use for all your devices? Say, smartphone, thermostat, smart switch, etc? Im trying to figure this out by setting a Wi-Fi network for my main network, guest, and camera while comparing your video. Thanks!
What Network would all of your personal devices be on? I understand separating the IOT, Cameras, and guest network but what about devices such as your phone and tvs?
Great video it really covers 80% of major setup requirements. I'm struggeling with the network settings for the individual ports vs Firewall rules... If a Port is set for CAMera Network only , can IOTnetwork pass thru it because of FW rule ?? ... could you do a video on how to setup these ports vs FW rules?
Thank you Cody , verry much appreciate your lessons. But I ran into an issue, could you make a vid that explains how to share a printer between a few vlans or mayby point to were I can get instructions. My UDM is pretty much configure as you instructed but only Default vlan ca see and talk to the printer. I need to be able to share between three vlans including the Guest accouts. Any help would be great.
I would also be interesting in this. I'm having the same issue. I have to switch to my IoT network in order to print. I want my main network to detect my printer in my IoT network.
Thanks for this. The only thing that I couldn't get working is denying VPN remote subnets access to the Unifi Gateway Console (HTTP,HTTPS,SSH) but I noticed your post on Reddit mentions it isn't currently possible to block this on the Unifi. This seems to be a multi-year problem but I have raised a support call with Unifi to ask if there is an expected fix soon or a work-a-round.
Great guide, just got my first Unifi setup this past weekend and new to follow this guide. Of course they just pushed out a new update! haha. Also, was getting an error on the RFC1918 part. any clues?
I'm curious if the the caution explained at 23:39 by Cody still applies in 2024?? I'm currently setting up my UDM Pro SE, but I will use a different subnet for my the UniFi camera's + Protect if I get some eventually. For my future IOT subnet I will user another subnet and did the same steps as described in this video.
GREATTTT video ! Thanks a million! Quick question, I have both G4 and Wyze cams. Would you assign all cameras to your Cam network or IoT ? Just curious...
Hey thanks for watching. I didn’t do any WIFI 6E configuration in this video. I do have some video on the inwall and enterprise ap though . I currently don’t even use the 6ghz
I have a question unrelated to this video but if you could help I would appreciate it. My question is On this Monday 1-15-2024 I am installing a new sliding glass doors and was wondering if there is a Unifi automatic door lock that I could install? If yes then what would you recommend? I will also run network cable to the new door while it is being installed and buy the Unifi lock setup after. Thank you
Question for you: We both use Bell fibre, I currently have 1GbE. I noticed you have moved to 3GbE/3GbE, which means you're now on the "GigaHub" from Bell which doesn't allow for the SFP+ port to be removed. How do you like the Gigahub, were you able to move it to bypass mode easily? I can't stand having mandatory ISP hardware on my connection which is why I'm still on the 1GbE connection.
@mactelecomnetworks Amazing video and content. Been waiting for this UniFi walkthrough. Thanks for posting. Curious have you done a video on the kit you use to make videos? Camera, mic, lighting, software?
Thanks for watching. This would be the closest video I have to what you’re looking for Office and Network Rack Tour 2023 ua-cam.com/video/qwqPQx6Npbs/v-deo.html
This is an Awesome Video... Thanks so much for all your hard work on this Video. I have followed all the steps and now have a fully set up network. My only proble for now is SONOS. I think I have to be on the same WiFi Network as the Sonos products (currently moved to my IoT VLAN but my iPhone id connecting to a different VLAN/WiFi network. Any suggestions?
Hey Cody. Do you put all your client devices, including your wired desktops etc on the IoT network? Why do they belong on IoT rather than Default? Thanks so much!
Nice Tutorial (at 3/4 speed). Skipping a lot that will impact operation. And a bit painful to watch when switching from the UI to the bright white boards.
When I change the switch network to camera and power cycle the PoE ports the cameras switch to the camera subnet but are no longer seen on Protect. What am I doing wrong?
Hi , I saw that you are with Bell like me , did you keep the 3000-4000 modem/all in one router that bell provide or not ? I didn’t built my network yet but I’m curious how can you bypass their modem with their spf+ fiber.
In the VPN firewall rules section, why would you use LAN OUT instead of LAN IN? I'm confused. Is the VPN subnet 192.168.4.0/24 considered part of the LAN as well? If so, why do we handle it as LAN OUT? Thanks a lot!
Are all those devices for adoption "seen" on the dashboard because they are already connected via wifi to modem? Essentially just nomads on the network waiting for a home?
Thanks for the great video. I have the Unifi Dream Machine Pro I got awhile ago. I thought there was a build in firewall/IDS/IPS? It's been running fine, but today I had an issue and it seems that I was backlogged on the updates and it shut down some functions that needed to be updated and restarted. I can't find firewall or DHCP server options for wired networks. Is this something I still need to reinstall or was it a subscription that expired? One other thing, why doesn't the DM Pro pick up a Cisco switch connected to it? The SG-200 doesn't show up in any of the options in the DM.
Hi Mac thx for your walk thourg of needed settings. could you do a extended versioner where set up firewall setting for PLex, HomeAssistent, google home devices?
Thank you for a fantastic video 🤩 So annoying that the UDM does not support multiple sites administration/setup. How to handle this with an UDM, when having clients (on different locations/sites) without USGs (or UDMs)?
If you're planning on buying any Ubiquiti gear and want to support me use the affiliate links below :)
▶Ubiquiti USA Affiliate Link:
store.ui.com?a_aid=MacTelecom
▶Ubiquiti EU Affiliate Link:
eu.store.ui.com/?a_aid=MacTelecom
Hi Cody, I am in need of Unifi Express for my home network. Could you assist? Thanks
:)
Haha wow! Just finished my first pre install of my UDM SE. Wanted to dive into the advanced setup today with your older videos, what are the odds you would upload a new guide today. Thank you! :)
it's still annoying that design center doesn't accommodate multiple floors since signal travels, you know, in all directions =_=
Hopefully one day ☝️
Most of my firewall experience is in pfsense but i recently did a full ubiquiti deployment and needed some help understanding firewall rules. Unifi is basically inverted from how pf does this, ie all blocked vs all allowed. This video was the perfect resource to make sure I had a good understanding of how to configure things properly!
Thanks for the great video, cheers!
Thanks for the step by step instructions on firewall rules for the VLANs, it was exactly what I was hoping to learn.
The equipment seems nice and their visual are great, but the way to configure them is a real nightmare, especially the firewall rules which must have been designed by someone who doesn't understand how access control works. And network security is the big thing for anyone now, that's the reason I replace Unifi networks for Fortinet since the last 4 years... The fact that the UDM "firewall" allows inter-vlan routing by default is not good - that tells me that this firewall is more a pimped layer-3 switch with a fancy interface than a real firewall that block everything by default, and thus secure your network without you having to go through all segment and block them.
Great video still.
We need a 2024, the way to set up ports and vlans is way different, please 😢
You saved hours of research and thanks to you I could set up my home network. Great job! Greetings from Poland
Thanks for taking the time to make this video! Great resource! Its so much better when the video is as long as it needs to cover the subject, as opposed to trying to fit it into a certain predetermined time.
Thanks for the video. You really are a networking expert. Congratulations!
You can tell me where I'm wrong:
I own a UDM Pro and a USW Enterprise 24 PoE switch.
I have configured 5 VLANs and OpenVPN server on the UDM Pro.
As an OpenVPN client I can access all VLANs if I don't have L3 enabled on the switch.
When I enable the L3 function on the switch for a specific VLAN, I can no longer access that VLAN from OpenVPN.
From the local network I can access all VLANs.
Thanks Cody for this tutorial. I am waiting for the new one for this year :) Greetings from Romania !
I love all of your videos, they are very informative and I appreciate all the great content that you make.
...that being said for demo videos like this where I'm assuming a lot of folks are following along with the video step-by-step with the management console open on one side of the screen and the video on the other side...you go CRAZY fast. I'm constantly having to pause and rewind.
Might just be me, and maybe I'm a noob, in which case feel free to ignore.
No some of us are slow! Just click the settings button in the video window, then you can change playback speed.
HI !!!! Looking forward for a 2024 update. Many many changes since this excelent-at-the-date video . Thanks
thanks for your work. Just tweaked my uds-se for the second time using your videos. Keep up the good work
Thank you so so much, and you increased to nearly an hour, a big thank you for this, you speak so fast, I'm happy this time around you spread it out longer..... for myself, I actually slow the video down by 25% 😅
I try and slow my speaking but always forget sorry 😂 thanks for watching
Great explanation of setup and how to isolate vlans and I like the added trick of blocking local gateway access. Able to do all the firewall rules I need following your logic.
Hey cody.. love your vids. Started planning my network for the new house with unifi bc of ur vids.
I'm new in networking and your vids helped me alot. Thanks for that!!
Can you please do a vid. On how to setup a nas ( in my case DS224+ ) with firewall and rules?
Great video, helped me setup a vlan for my cameras!
So I just spent almost 2k on Unify devices. Pray for me because I'm diving into something I've always wanted to get into but know nothing about. A home network such is this is way overkill for me, but I really want to learn about this stuff and I find the best way to learn is hands on. I purchased the dream machine special addition, switch pro max 24, Unifi cable internet modem, and the U6 enterprise access point. I do plan on buying the network video recorder and cameras to integrate into the system, but I decided to wait on that until I get this initial setup up and running. Like I said I don't know what I'm doing and don't want to do to much at once and overwhelm my good ole thinking machine (brain). So please pray I don't destroy a couple grand worth of networking equipment. I'm fairly tech savvy, but know nothing about this stuff.
I wish you the best luck lol have a fun time learning
I like the way you explain. I have a project, which I am going to use Ubiquiti system, except cameras. I will use your link to buy products, and most probably will contact you to help setting up the firewall. Anyway thank you for the videos, I learn a lot.
Amazing video; thank you, thank you, thank you!!! Just got my UDM Pro up & running as a result!
Really great guide. I used it for adding a new vlan for IOT and it works great
Great insight on how to configure a Unifi network. I finally got my cameras on a separate network for security purposes.
I don't understand why you need to create this group of gateways 24:30 since the LAN local (and you say it yourself) is for the UDM (= the UDM's gateways).
I mean, you just have to create your rule (25:03) with destination any. No ? I tried and it works, I cannot ping any gateway's ip of the UDM.
Great presentation to the Network setup, quick notes here, I had created the block inter-VLAN rule before but that created some issues with the mDNS traffic like Apple AirPlay, AirPrint, and so on, I ended up blocking inter-VLAN traffic per VLAN basis, but thank you very much and keep up the good work.
Does mDNS Traffic traverse VLANS without an mDNS relay on each VLAN?
Can you explain more what you did? I got the same issue.
I just went into the mDNS settings under Global Network Settings and added all of the appropriate VLANS to this list. No issues with with AirPlay or AppleTVs being accessed outside the VLANs they are in.
Please do a video with diagrams outlining In/Out/Local! It's hard to grasp and seems counter intuitive! :)
Yes, even I found it confusing. Its similar to what is done in Azure cloud and called as NSG rules. But they were understandable but these arn't. I couldn't figure out the direction of the trafic and got confused.
Perfect Timing! 😃
Hi Cody,
Thank you for your time to put together this tutorial.
I saw you used Network version 7.5.162 and not 7.5.176, at least I thought I was this.
The WiFi meshing setting has been moved to the 'systems' page from the WiFi settings page.
Just to let you know. I might need to redo my setup here....
Thank you Cody for producing an excellent resource for Unifi Network versions setup each year! Questions: 1. 2:56 - What is the drawing program you use for network diagrams? 2. Is there a way to document/print out (old school) the network/firewall setup settings so that you can "see" if you have missed anything for each new setup? Thanks again for all that you do!😊
Draw io
Thanks, wanted to ask the same.
@@ezekialsa its lucidchart
So I have watched multiple videos from multiple people and yours are always spot on and the best. I am having an issue with having an IoT network be accessible by other networks. Some devices work others do not. I really am struggling with Apple AirPlay. I have Apple TVs as well as TCL TVs in our building that have AirPlay 2. I can see all IoT devices from my staff, childcare, and guest networks but when I go to actually connect it errors out. I've been trying to nail this down for about a month now and am tearing my hair out. Would you be willing to do a video showing firewall rule setup for these types of applications?
I’ve been patiently waiting for your update! Thank you soo much, learn a lot from you!
Thanks a lot for this video. You clearly have a much better understanding of the ubiquiti firewall than I do. When I get home I'm going to see if I can make mine work. Attempting to block all traffic except RDP and File Sharing between my webserver VLAN and the Main LAN has been challenging for me. We'll see how it goes!
Wow thanks so much that was very kind. Let me know how your config goes :)
@@MactelecomNetworks it worked! In just a few minutes with your video I have the webserver isolated from the rest of the LAN. I can RDP into it from the default LAN and browse it's shared files but I cannot ping anything from the server itself so I think I'm in good shape now. To me their firewall is strange to use. In my mind one should block everything at the start and then start punching holes through it as needed. Anyway, thanks again, I really appreciate it!
Thank you! I was waiting for this to drop! Woo!
Thanks for another thorough and professionally done video. We can always count on you to do things right!!!! One question I have for your firewall rules concerns the "Drop invalid state" rule. Under the "Rule Applied" options you left it at "Before predefined rules" shouldn't that be changed to "After predefined rules"? Shouldn't "Drop, All" rules be at the end of the operation orders? Thanks again for all your hard work and professionalism.
With the new implementation of the traffic rules, I'm a little confused about when we need to use a firewall rule or a traffic rule. Could you make a video explaining this?
Mac - can you do a video with a full factory reset of the OS Console and then setting everything back up. This would be very helpful. Thanks!
I have an issue with my UDM Pro with the blocking IoT stuff. Its been setup exactly as you've had it for awhile, but from my default network accessing cameras thats on my IoT network it takes SEVERAL tries to actually get access to the cameras.
even in my logs it shows this "Reolink Parents Front 2K
was blocked from accessing 192.168.1.3 by firewall rule:
Block inter VLAN Traffic
." But 192.168.1.x should not be blocked. Its even always pingable. This may be a reolink issue since its showing the camera was blocked and not my PC thats trying to access it.
Thank you Cody, I look forward to the follow up on firewall rules and vlan part!
I learned allot from your video. Thanks allot!
I use Aggregation for my OS2 fiber links to remote building switches, it works really well.
I currently have a OS2 fiber going across the side of the house, then ariel to a woodshed followed by going ariel to a guest building until I can get some conduit out there and power.
The power I'll be using is low voltage, the guest building is manly just a small room, upstairs storage and Internet access.
Hopefully the ariel fiber is ok until I get the conduit next spring, it's not even armored fiber just standard LC to LC OS2 indoor / outdoor use fiber I got off amazon.
Great video! Im currently setting up a UDM SE and a UDR, this video will help me a lot
Hi, I'm just starting with Unifi equipment and your video was very helpful. I noticed that you created three Wi-Fi networks. Which network do you and your family connect to on a regular basis? The Guest network? Or is it possible you did not include your own WIFI network in this video? Would you create a WIFI network for the Default network or do you only access the Default network on a wired computer? Thanks.
Thank you so much bro for this. Really appreciated it. This going to help for my summer house build. Love you bro. ❤️🙏🏽
This is a great video as a beginner to Unifi. But I haven’t seen any videos deal with game consoles like the Xbox. They need multiplayer access to the Internet but also need remote streaming access from phones, tablets etc
Awesome Video Cody !! I see some light at this tunnel !
I have my wireguard VPN and rules set up exactly the same as you did but I can still ping my cameras, and my wifi and all its devices. I can ping my nas fortunately, but the only thing it blocked was my two PC's. I'd like to lock it down a bit more. Any suggestions?
Thank you for sharing this video.
You absolutely nailed it, good job man!
Yes. Been waiting this.
Perfect timing just what i need!
Why does the UI changed on the video when viewing the firewall at 22:52?
I still come back to this video to review Ubiquiti config. Hopefully you have a 2024 video coming that includes some of the UI changes in the newer version.
There’s going to be a new video in a week or two
Hello, thx for your work, it could be nice not to do like all others 'youtube it guys" and going much more deeper in the config of the firewall rules !
Great stuff!
Can't wait for 2024!
Another question, sorry English isn't my first language, at 23:39 you mention something that protect users shouldn't be doing but I'm not sure what you are referring to, protect users shouldn't block the vlan x to access other vlan gateways? That would kinda defeat the whole segmentation point wouldn't it?
I saw that you have your mom's house connected via cameras. What is equipment is needed for that? This is something that I've been intrigued by but dont know the minimum requirements other then the cameras. Please help and thank you.
What about IPTV and VLAN taging special for IPTV ? :) I would like to connect TV BOX to my network gear instead of ISP provider modem (in bridge mode atm).
What WIFI do you use for your home use ? On Default ?
I'm very thankful for your updated video and did subscribe and like. You did an awesome job of showing the newer interface. VLAN ? ... I have 2 U6 Pros and an Amplifi Gaming Mesh System. I turned the gaming system into an IOT system and want to use VLAN since the Ampifi is VLAN aware. How do I get the Amplifi on a separate VLAN and use the DHCP from the UDMSE, not the Amplifi? 😱
Great Video, exactly what I needed!!!
Am I the only one who finds Ubiquiti's way of understanding firewall rules TERRIBLE? 🤯🤢🤮
Thanks for the new video!!
Would you recommend the SE over the Pro for a home network with U6e x2 install? Does the SE warrant the extra cost?
Is your IoT Wi-Fi your main Wi-Fi you use for all your devices? Say, smartphone, thermostat, smart switch, etc? Im trying to figure this out by setting a Wi-Fi network for my main network, guest, and camera while comparing your video. Thanks!
Love this!
@mactelecomnetworks can you do an updated video of this in the new UI as well as talk about allowing WireGuard vpn server traffic to other subnets
What Network would all of your personal devices be on? I understand separating the IOT, Cameras, and guest network but what about devices such as your phone and tvs?
Same question I have.
Great video it really covers 80% of major setup requirements. I'm struggeling with the network settings for the individual ports vs Firewall rules... If a Port is set for CAMera Network only , can IOTnetwork pass thru it because of FW rule ?? ... could you do a video on how to setup these ports vs FW rules?
Thank you a lot
Awesome video lots to digest 👍
Thanks.
Thank you Cody , verry much appreciate your lessons. But I ran into an issue, could you make a vid that explains how to share a printer between a few vlans or mayby point to were I can get instructions. My UDM is pretty much configure as you instructed but only Default vlan ca see and talk to the printer. I need to be able to share between three vlans including the Guest accouts. Any help would be great.
I would also be interesting in this. I'm having the same issue. I have to switch to my IoT network in order to print. I want my main network to detect my printer in my IoT network.
Thanks for this. The only thing that I couldn't get working is denying VPN remote subnets access to the Unifi Gateway Console (HTTP,HTTPS,SSH) but I noticed your post on Reddit mentions it isn't currently possible to block this on the Unifi. This seems to be a multi-year problem but I have raised a support call with Unifi to ask if there is an expected fix soon or a work-a-round.
Great guide, just got my first Unifi setup this past weekend and new to follow this guide. Of course they just pushed out a new update! haha. Also, was getting an error on the RFC1918 part. any clues?
I'm curious if the the caution explained at 23:39 by Cody still applies in 2024??
I'm currently setting up my UDM Pro SE, but I will use a different subnet for my the UniFi camera's + Protect if I get some eventually.
For my future IOT subnet I will user another subnet and did the same steps as described in this video.
GREATTTT video ! Thanks a million! Quick question, I have both G4 and Wyze cams. Would you assign all cameras to your Cam network or IoT ? Just curious...
Excellent explanation. Does anyone know what program they use for the simulation environment?
Is Unifi proprietary software?
Great and complete from the ground UP. I did not see the detailed setup in your AP's that support 6E like your 6E IW.
Hey thanks for watching. I didn’t do any WIFI 6E configuration in this video. I do have some video on the inwall and enterprise ap though . I currently don’t even use the 6ghz
Thanks!
Thanks so much for the super chat :)
I have a question unrelated to this video but if you could help I would appreciate it. My question is On this Monday 1-15-2024 I am installing a new sliding glass doors and was wondering if there is a Unifi automatic door lock that I could install? If yes then what would you recommend? I will also run network cable to the new door while it is being installed and buy the Unifi lock setup after. Thank you
Question for you: We both use Bell fibre, I currently have 1GbE. I noticed you have moved to 3GbE/3GbE, which means you're now on the "GigaHub" from Bell which doesn't allow for the SFP+ port to be removed. How do you like the Gigahub, were you able to move it to bypass mode easily? I can't stand having mandatory ISP hardware on my connection which is why I'm still on the 1GbE connection.
You do PPPoE passthrough.
@@Nabroloi tried the pppoe passthorugh and saw a 1gbps hit in speed. So to keep the speed I didn't use the spf port
@mactelecomnetworks Amazing video and content. Been waiting for this UniFi walkthrough. Thanks for posting. Curious have you done a video on the kit you use to make videos? Camera, mic, lighting, software?
Thanks for watching. This would be the closest video I have to what you’re looking for
Office and Network Rack Tour 2023
ua-cam.com/video/qwqPQx6Npbs/v-deo.html
This is an Awesome Video... Thanks so much for all your hard work on this Video. I have followed all the steps and now have a fully set up network. My only proble for now is SONOS. I think I have to be on the same WiFi Network as the Sonos products (currently moved to my IoT VLAN but my iPhone id connecting to a different VLAN/WiFi network. Any suggestions?
Has much changed with the UIs since this video was put out? I just got a UDM SE and was looking for a guide to help set it up.
Hi There, can you perhaps make a video on how to replicate an DMZ network on a UDM SE if possible?
Could you share your Ubiquiti "Shapes" Library for Lucid Chart? (Even if it's just a bank of images that would be super helpful)
Hey Cody. Do you put all your client devices, including your wired desktops etc on the IoT network? Why do they belong on IoT rather than Default? Thanks so much!
Nice Tutorial (at 3/4 speed). Skipping a lot that will impact operation. And a bit painful to watch when switching from the UI to the bright white boards.
Bedankt
Albert! Thank you for the super chat you are always to generous really appreciate you :)
@@MactelecomNetworks can you make a video about bebug hou to update a app and more
THANK YOU!!!
Amy news when a upgraded UDM will arrive? Looks like UDM is a great unit, but it is 4yrs old. Se is 2yrs old now.
When I change the switch network to camera and power cycle the PoE ports the cameras switch to the camera subnet but are no longer seen on Protect. What am I doing wrong?
Cody u da man.
Hi , I saw that you are with Bell like me , did you keep the 3000-4000 modem/all in one router that bell provide or not ? I didn’t built my network yet but I’m curious how can you bypass their modem with their spf+ fiber.
In the VPN firewall rules section, why would you use LAN OUT instead of LAN IN? I'm confused. Is the VPN subnet 192.168.4.0/24 considered part of the LAN as well? If so, why do we handle it as LAN OUT? Thanks a lot!
Are all those devices for adoption "seen" on the dashboard because they are already connected via wifi to modem? Essentially just nomads on the network waiting for a home?
Thanks for the great video. I have the Unifi Dream Machine Pro I got awhile ago. I thought there was a build in firewall/IDS/IPS? It's been running fine, but today I had an issue and it seems that I was backlogged on the updates and it shut down some functions that needed to be updated and restarted.
I can't find firewall or DHCP server options for wired networks. Is this something I still need to reinstall or was it a subscription that expired?
One other thing, why doesn't the DM Pro pick up a Cisco switch connected to it? The SG-200 doesn't show up in any of the options in the DM.
Thank you 🙏🏻
Wow finally
Hi Mac
thx for your walk thourg of needed settings. could you do a extended versioner where set up firewall setting for PLex, HomeAssistent, google home devices?
Thank you for a fantastic video 🤩 So annoying that the UDM does not support multiple sites administration/setup. How to handle this with an UDM, when having clients (on different locations/sites) without USGs (or UDMs)?