Netgate SG-1000 microFirewall

Author Topic: pfSense and Ubiquiti  (Read 1283 times)

0 Members and 1 Guest are viewing this topic.

Online johnpoz

  • Hero Member
  • *****
  • Posts: 15782
  • Karma: +1503/-210
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: pfSense and Ubiquiti
« Reply #15 on: December 27, 2017, 08:31:32 am »
Good luck then.. But you have not actually asked a question that can just answer..  Other than can you put your unifi in front of pfsense.. Sure do that - do it via double nat, or turn off nat in pfsense and setup transit to pfsense want from your unifi router be it the pro line or the usg, etc.  Personally do not get what that gets you exactly?  And seem more like a discussion on how you can integrate unifi with pfsense - but with out some specific on that integration seems more of discussion.

This is not really a ask a question get an answer forum. This is a discussion forum, not an interface for your support tickets ;)  If you want such support open a ticket with pfsense using your support subscription.

Not sure what openvpn auth to windows AD has to do with unifi as example discussion..

The ntopng info is vastly more useful than the eye candy the dpi gives in unifi..   How exactly are you trying to integrate your unifi with pfsense.  And be more than happy to answer that specific question - but software there has not been a specific question to answer from my take.. Its a discussion..

Do you really need specific help putting pfsense behind usg - it would work out of the box in double nat setup, just like putting pfsense behind any other sort of nat router..  Do you need help on creating a transit network between your edge usg doing nat, and turning off pfsense from doing nat?  Problem with the nat option is your dpi info would just show pfsense wan IP doing all the traffic.
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.4.3-RELEASE (work)
1x SG-3100 2.4.3-RELEASE (work)
1x SG-4860 2.4.3-RELEASE (home)

Offline Derelict

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 10291
  • Karma: +1177/-313
    • View Profile
Re: pfSense and Ubiquiti
« Reply #16 on: December 27, 2017, 11:27:24 am »
Yeah I am not exactly sure what OP expects to happen here. A complete AD authentication design consultation from a forum member?

  • Enable NPS in AD
  • Create an NPS client for pfSense
  • Create a RADIUS authentication instance in pfSense
  • Test in Diagnostics > Authentication - get it working there.
  • Enable that for OpenVPN.
Las Vegas, Nevada, USA
Use this diagram to describe your issue.
The pfSense Book is now available for just $24.70!
Do Not PM For Help! NO_WAN_EGRESSTM

Offline mikeisfly

  • Sr. Member
  • ****
  • Posts: 492
  • Karma: +11/-0
    • View Profile
Re: pfSense and Ubiquiti
« Reply #17 on: January 01, 2018, 07:33:19 am »
LDAP works with OVPN too.

Offline robi

  • Hero Member
  • *****
  • Posts: 1008
  • Karma: +78/-2
    • View Profile
Re: pfSense and Ubiquiti
« Reply #18 on: January 02, 2018, 04:03:30 am »
Yeah I am not exactly sure what OP expects to happen here. A complete AD authentication design consultation from a forum member?

The main pont was this sentence:
Quote
I actually make fun of them not owning the Pro saying they aren't "PRO" enough!

He wants to make a "PRO" looking thing to be able to boast to his friends. This whole topic and OP has nothing to do with real issues and solutions.
If somebody can't understand (including friends) that pfSense is more "PRO" than anytning containing "PRO" in its name, let them go...

Online johnpoz

  • Hero Member
  • *****
  • Posts: 15782
  • Karma: +1503/-210
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: pfSense and Ubiquiti
« Reply #19 on: January 02, 2018, 04:36:54 am »
Ah so he wants to brag to his buds hey I run "pro" usg and pfsense - so I am extra "pro" hehe

Think you hit it on the head..
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.4.3-RELEASE (work)
1x SG-3100 2.4.3-RELEASE (work)
1x SG-4860 2.4.3-RELEASE (home)

Offline robi

  • Hero Member
  • *****
  • Posts: 1008
  • Karma: +78/-2
    • View Profile
Re: pfSense and Ubiquiti
« Reply #20 on: January 02, 2018, 04:39:07 am »
That's why I'll never, ever buy a BMW.  8)