UniFi Third Party Gateway - AKA VLAN Only

We've talked before about how Ubiquiti will change the vernacular in UniFi and their products. Here's a quick video to catch you up on how to create a VLAN-only network. You're now looking for the Third Party Gateway option -- which just creates the VLAN at Layer 2 and pushes it to the switches as a port profile and as a selectable network for WiFi. You'll have to have the router somewhere in the VLAN to handle routing. Enjoy!

Contact us for network consulting and best practices deployment today! We support all Grandstream, DrayTek, Obihai, Poly, Ubiquiti, MikroTik, Extreme, Palo Alto, and more!

Come back for the next video!
Twitter - @WillieHowe
TikTok - @whowe82

Comments

I've a couple of networks that seem to have broken with the change.
It used to be that VLAN1 would just work with third party routers.
And I seem to have had an issue now where the VLAN tags don't work as they used to.
Could you look at building a network with VLAN from scratch without a UniFi router and see how you get on?
Would be a useful video.

MatthewWilsonIT

Thank you for not screaming "WHAT'S UP GUYS!!!" 10/10. Would subscribe again.

GreySkullification

Yes, that works fine here at my home, for maybe 2 years now.
I'm in Germany, I'm using FTTH and got an "AVM Fritzbox" from my provider as a "Router"; it handles VoIP too.
So I used "Lan 1" from the "Fritzbox" for my main LAN. And in the "Fritzbox" I select "Lan 4 -> Guest LAN".
I'm using a 24-port UniFi switch and 3 APs. So I added this VLAN Only (VLAN ID: 100) network.
The "Uplink" from the "Fritzbox" to the UniFi is configured to VLAN ID 100.
My APs are sending my main LAN and the guest WLAN :)

Michi_

What a guy, after 2 weekends of work you've saved me! Could not find the option anywhere to set the VLAN for the full network, but just via SSID.

connormacpherson

Thank you so much, I was wondering where "VLAN only" went too.

killerbees

Cheers from Denmark
I have a MikroTik where I have created 2 VLANs (20 and 30). From that, Eth5 goes to a Cisco switch where my APs are in ports 1 and 2. Now those ports are made trunk ports, as I wanna separate the IoT VLAN 20 and the guest VLAN 30. Now if I create VLANs on my controller for the 2 U6 Lite APs, they go offline. Could you show a complete setup, if possible, on a MikroTik via a switch, and how you make the VLANs on the controller? Now, I don't have a dedicated controller, just one I start when I have to do alterations on my APs. Thx in advance and keep up the good videos.

henrikmller

I don't really like the new UNIFI interface and approach, but it takes some getting used to.
Have you noticed that when adding a new VLAN, this network is added to the allow section for all switch profiles? This causes customers to suddenly get a network that was not intended for them. Do you know any way to prevent it from doing this automatically?

bylemwidzialem

This is exactly how we use UniFi with our corporate firewall and routers. It works perfectly well, though we lose some of the UniFi reporting functions.

KeithGadget

Hello and thank you for the video. I'm new to using unifi products and I have been trying to get the controller and switch on a management vlan and I use pfsense for my router. I seem to have a lot of issues with the controller and switch not wanting to work right and adopt after switching the devices to a static IP. Any tips would be greatly appreciated!!

vanessasky

We are attempting to put a UniFi Gateway between the corporate firewall and the LAN to manage VLANs and to replace an aging Aruba that is currently the IP helper for VLANs. It is a little bit of a struggle, as I think we are missing something, because the controller keeps losing the devices. The corporate firewalls are doing all the web filtering and site-to-site VPN. All I want is the gateway. Is this possible? Maybe now that you can disable NAT with the new UniFi controller.

donnielewis

Are there any use cases where I could use a VLAN-only network with just a L2 switch and a UDM-SE?

Aking

How about using a Pro Max 48 PoE with a FortiGate firewall? What is the best scenario you can use, routing on the FortiGate or UPS, and how can you configure it?

UnstoppableMotivation

Great video! I have configured VLANs with Cisco, Zyxel, and Netgear switches in the past, but I just got my very first UniFi switch. Your video was very useful. It seems that 99% of the online info and YouTube videos assume VLAN setup with a UniFi gateway. So, this video was very useful, and concise. If only I had found this video earlier :-) (aside: I use a Synology RT6600ax for my router, which has VLAN support and serves as DHCP server for my VLANs).

I saw some videos that talked about setting up VLANs on a UDM. Does UniFi really have all ports open to all VLANs by default, and is it necessary to set up firewalls to isolate the VLANs from each other? It seems odd, and I had expected that, by default, VLANs should be isolated from each other.

So, if we're using a third party gateway, I assume that, depending on how the third party gateway is configured, the VLANs will be isolated from each other, and all I need to do to set up VLANs in a UniFi switch is just what you discussed in this video? Thanks.

rmangoba

To start this story, you should know I started my networking career in 1996 with Cisco devices. The first device I had to configure was a Cisco 2514 router for a customer, soon switches followed etc., so that's where I'm coming from.

Four years ago (December 2018) I started my Ubiquiti "journey" with an EdgeSwitch ES-16-XG. I just wanted affordable 10 Gbps and it's great for that. Coming from Cisco devices I'm not afraid of CLIs, so that's how I generally configure my EdgeSwitch. For a long time I used it also for Layer-3 switching (routing between VLANs) limited to IPv4. IPv6 was handled by a trusty old Cisco WS-C3560CG-8TC-S, limiting IPv6 bandwidth to 1 Gbps. My main traffic is IPv4.

In May of 2019 I added UniFi (UniFi US-8-60W and UniFi UAP-AC-Lite). I just wanted a reliable, powerful, still affordable WiFi solution. While learning the web-based configuration using the UniFi controller I had to figure out how to create "VLAN Only" networks, since I didn't have a (suitable) UniFi firewall/router/gateway but other (third party) devices for the job (third party gateways). For a while I used a WAN router to connect to the Internet and a UniFi USG-PRO-4 as my internal firewall. In the meantime I replaced the router with a pfSense (external) firewall for my Internet connection and. The internal firewall just sits between my external firewall and my internal Layer-3 switch, adding an extra layer of protection for my internal VLANs.

Recently I bought a Cisco CBS350-24T-4X-EU, which now handles my internal IPv4 and IPv6 inter-VLAN routing. The 1 Gbps limitation for IPv6 bugged me and there was no hope for firmware updates for my old Cisco workgroup switch. After 10 years of service it was time for "retirement". The new device also replaced a sparsely populated 48-port UniFi switch, so I now save some money on electricity after replacing two devices with one. ;)

The main drawback of such a configuration is that one needs to configure the uplinks/downlinks to "third party" devices outside the UniFi controller, so it's not everything under one umbrella anymore, but as a seasoned networking guy I can live with that. :)

bassbacke

Hi Willie,
Care to help a beginner out?

I got a USW-Pro-Aggregation that I want to use as a core switch for inter-VLAN routing and also as DHCP server for each VLAN. I have 1 link from the USW-Pro to an EdgeSwitch which connects to end devices and 1 uplink to a FortiGate router.

I have been struggling for the past few days to get the configuration done. I want the USW-Pro to pass all VLANs through that 1 trunk and the EdgeSwitch to be configured with access ports for each end device.

I created multiple networks, each with its own VLAN, and for Router I selected the USW-Pro-Aggregation. But it doesn't work.
Am I missing something?

Sorry if I made it hard to understand. Thank you.

psychoticapex

So I have a UniFi 8-port managed switch and a Netgear Nighthawk router AX5400. Is there anything I need to do on the router to make sure VLANs work?

Michael-rqzj

Any plans to play with the Omada stuff? I'm running it for a switch and AP and can't seem to get the VLANs to play nice without their gateway, but I don't know if that's just me.

BinaryHackerMan

Hi Sir, can I create a guest network with just the UniFi controller and a Ubiquiti AP? Hoping for your quick response.

joshuamalilay

I have a similar issue with UniFi in that I have a new Express box with just one LAN connection, I also have a router X connected to the network and an 8-port switch and also a mini flex switch. I need to connect 3 WiFi APs, all with the same SSID. Most of this is because of the size of the building. I have 3 networks: Staff, main, guest. Currently I have the Router x connected to the WAN from the provider, with the Express connected to the RouterX, and then the switches are downline. I connected 1 AP to the switch in bridge mode and the other 2 to the same AP's LAN ports with bridge mode. My issue is spotty connectivity and dropping of connections. Is there a better way with these components?

jeff

The firewall rules will not apply to an SSID using a vlan-only network?

giorgosstrataridakis