![]() Under Static IPv4 Configuration enter the gateway address for this interface and specify the subnet size.Change Description to “PURPLE” for clarity.Click the default Interface name that was generated for this interface to open it’s settings.In the bottom row in the table select the first VLAN “VLAN 20 on igb1 - opt2 (PURPLE)” and click Add.Later we’ll add config to the switch so that it can map the VLAN’s to the AP, but for now we need to define the networks for these VLAN’s: Note that since we have created the PURPLE and ORANGE VLAN’s under the parent interface that the GREEN LAN, they are all served through the same physical interface, meaning the single uplink from the pfSense router to the UniFi switch carries all three networks: Then repeat for the ORANGE network but with the tag “30” and the description “ORANGE”.Enter the human-friendly description “PURPLE”.Select the parent interface to be igb1 - the interface that the GREEN LAN network is on.Click the Add button to define the first VLAN which will be PURPLE.I already have the second port on the router (igb1) configured as GREEN with the subnet 10.80.2.0/24. ![]() 30 - “ORANGE” - for untrusted WiFi devices and such as guests phones and laptops.20 - “PURPLE” - for trusted WiFi devices such as our phones and laptops.Untagged - “GREEN” - for trusted computers and services on the wired LAN.Orange generally just has access to the Internet. The difference between these is that the purple network can access resources on the green (wired) network such as the Plex server. purple - this is the network for trusted devices like our phones and laptops.Note that when I first setup my router I wasn’t yet using VLAN’s and the 6 NIC’s were useful to be able to physically separate networks, but now it’s total overkill and two would be enough - one to the Internet uplink and one to the managed switch. I also have a UniFi US-24-250W switch, but this does not have a direct role to play in the VLAN and network config. UniFi Controller running on a Raspberry Pi (part of my control node project).pfSense firewall / router built on a fanless mini-PC running a core i5 CPU, 8GB RAM and 6 NIC’s.It turns out to be very easy to configure them to work together with pfSense owning the VLAN definitions and addressing, and UniFi mapping those VLAN’s through to a WiFi AP. PfSense and the UniFi suite both support VLAN’s.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |