How To Setup VLANs With pfsense & UniFi 2023

32 thoughts on “How To Setup VLANs With pfsense & UniFi 2023”

• Configuring pfsense Firewall Rules For Home
  https://youtu.be/bjr0rm93uVA

  2020 Getting started with pfsense 2.4 Tutorial: Network Setup, VLANs, Features & Packages
  https://youtu.be/fsdm5uc_LsU

  The Best Diagramming Tool "Diagrams.net"
  https://youtu.be/mpF1i9sfEJ0

  https://en.wikipedia.org/wiki/IEEE_802.1Q

  ⏱ Timestamps ⏱
  00:00 VLANs With pfsense & UniFI
  02:00 IEEE 8021.Q VLAN 101 Basics
  05:54 pfsenwse UniFi Network Setup
  08:50 Defining VLANs in pfsense
  10:17 Defining VLANs in UniFi
  14:27 Using VLAN to create switched networks

• In the second configuration, where you've fed in NSFW_NET into a separate port, do you need to then set the other ports to specific networks? If they're setup for all, wouldn't they somehow get the NSFW_NET traffic too?

• The all Setting is not present any more. and one cable between pfsense and unifi switch doesnt work for me any more. Any hints on there?

• Hi, thanks for video.

  Can I use the scenario without USG ?
  I mean, if I host Unifi network application on my own server, can I set on single port multiple VLANs ?

• So you only need L2 switch from unify to vlan tag the ports ?

• So is it possible to define 4 networks in the pfsense and and have two VLANs over one Interface and the other 2 over the other? So by that I mean is it possible to have multiple tagged VLANs over a interface on but not all?
  My use case: I have a pfsense and a UniFi switch in the main house. From there I connect multiple access points „VLAN 1“, security cams „VLAN 100“ also I make a connection to the garage where I have an extra switch which only needs an uplink to the main switch for VLAN 100 the Cam network and an extra VLAN 110 for the door access. So is this possible to have two VLANs tied to one port but not the main VLAN 1?

• Do you have one for pfsense and omada?

• Well, thank you, this is exactly what I was looking for. Using OPNsense with TP-Link Omada, but as OPNsense is a fork of pfSense, and Omada a rip-off of Unifi, the video remains valid 🙂

• So, port 16 and port 24 are trunk ports. Am I right ? thanks !

• Having a fun time trying to figure out if VLANS will work with my set up. Main host is ESXi 6.7.0 Update 3, with a PFSense vm as my main router, and the Unifi Network Controller hosted on another vm as a docker container (on the same ESX box). So far, no luck. PFSense is showing no traffic on the VLAN. Checked the VLAN tags, etc., as provided in this video, so I think somewhere in all of the virtualization, something is not VLAN aware.

• Is it possible to make a USG4Pro work WITH pfsense? I do like the unifi environment and wish it was easier to use both.

• Hi Sir, This video is really helpful for us to understand how we connect PFSense with Ubiquiti Layer 3 Switch. However, is it possible to use Cisco ASA instead of PFSense?

• Can I just define VLAN 10 in pfsense on the second example?

• Hello Tom, first of all thank you for your very informative videos.
  I currently have a UDM-Pro, a US16-150W switch, a U6-Pro, an AP-AC-Pro and an AP-AC-M. My networks consist of the main Lan, a guest network, an IoT network and a camera network, but only one NVR from another manufacturer is connected to it. But I would like to use a pfsense in the future, but I'm not sure whether I should use the pfsense in addition to my UDMP, or replace the UDMP completely with the pfsense.
  What would be your recommendation in this case?
  Many greetings from Germany

• I'm about to upgrade my home network and will be replacing my ISP router with a pfsense box. I need to also purchase a managed switch and some APs. I know this isn't entirely related to your video, but I'm on the fence about going the ubiquiti route or another direction. I am setting up a proxmox home lab and plan to use my home network to expand upon my networking skills. I'm assuming ubiquiti is the easy route and likely not too relevant to my future enterprise networking gigs, but I'm curious if you'd still recommend it or if you have another recommendation.

• My dude, you know exactly what I need in life, thank you!

• How you can connect Unifi to manage a remote network? I've trying setting up a VPN but doesn't seem to have an option to tell Unifi to look for that particular LAN… thanks

• Very helpful Tom. I just got a new USW Pro 24 PoE switch and was needing to know how it works with PFsense or OPNsense. Thank you.

• do you need a unifi switch to use unifi Access Point? i was thinking about plugging it into a switch(or it's a hub. not sure) and have it go into the pfsense router. directly. i do know need to look for a poe device to power the access point. for a home network.

• Do you have a recommendation for a home network using a managed Unifi switch?

• Tom – Your videos are one of the best sources of information regarding networking with pfSense and Unifi. I truly appreciate your efforts. In this video where you selected the second native NIC from pfsense, I totally get that segregation on the Unifi side. However, on the first "all" vlan feed from pfsense – wouldn't that also include the vlan 60 group traffic into that vlan 50 traffic mix? I get vlan 50 would not go into vlan 60 but since vlan 50 is "all", it includes all the vlans defined on Unifi. At least on my Unifi contoller shows it this way. If my object is to truly separate the traffic, wouldn't I need to redefine the native vlan to exclude vlan 60?

• Tom, thank you for your insight. I created a 4 port 'lagg0' in/on pfsense. On the switch 'cisco' i configured a 4 port 'port-channel' and trunk all traffic.

• Great video! thank you!
  Dumb question- where would the UDM pro go in this scenario?
  i have a UDMP accepting my internet /WAN traffic and then connecting to a Unifi Switch!
  Any suggestions would be appreciated

• I would have setup vLANS on a LAGG once it got to multiple physical interfaces out of the pfSense. Plus it adds a little tolerance to the network if one of the cables or physical interface went down, traffic would still flow. just my 2 cents.

• I have a netgate 1100 an use bouth opt and lan ports from it to 2 different switches, vlans 10,20,30,40 out as trunk on both ports. Is that any problems?

• reminds me of a friend who tells me more than i need to know.

• Tom are you typically deploying pfsense/UniFi with layer 3 switches?

• Following the minute 14min30 of the video, When I set the port to the "new" unifi network, the AP connected to it refreshes and loses its adoption. Not able to adopt it again. “adoption failed, please again. if the issue persists, we recommend factory-reseting the device”. Any idea?

• Well, that was more confusing than I had originally hoped, trying to get my VLAN from pfSense to Unifi. Turns out I was overconfiguring it.

  Thanks for the helpful video Tom!

• Could you cover pfsense along with ubiquiti layer3 switching?

• It it possible to run a UniFI 6LR to pfsense without a switch.
  Just a simple design.
  I ask because I cant seem to set it up myself. I currently have a old AP-AC-Pro what I want to switch out but cant seem to figure it out.
  Any clue as to where im failing

• Any tips for VLAN and Fortigate? Also what software are you using for the diagrams? It could be useful in teaching my team!

Comments are closed.