pfSense English Support > Wireless

Multiple VLANs with ubiquity Unifi AP

(1/2) > >>

Atreides:
I'm trying to setup multiple vlans and ssids with my Ubiquiti access points. I'm not sure if I'm doing something wrong in pfsense, in my access point controller, or in my switch. I'm seeing the networks broadcasted, but I am able to connect to them. They ask me for the password but never connect.

I also noticed pfSense has a wireless setting page. I assuming that is for when a wireless interface is added directly to the pfSense, and that I shouldn't be using it. Is this assumption correct?

I should note that i'm able to connect to a wireless network that is not using a vlan with identical settings except for the vlan.

Controller

The controller is managed on vlan1

I have created a few Wi-Fi networks in my Unifi controller.

house -> vlan10
john -> vlan20
iot -> vlan70

Switch

In my switch I have connected the two access points to ports I have set to GENERAL, and set to VLANs 1,10,20,70. The switch is then trunked to my pfSense. I'm not sure if this is the right way to connect the access points to the switch. Should they be connected over a trunk? I was unsure about this. When I tried to trunk from the access points to the switch, I was unable to manage them in my controller.

I'm wondering if it's a problem with my switch since someone already mentioned that tp-link's can have a problem with vlans In a separate thread. I'm considering buying a Ubiquiti switch.

pfSense

In pfSense I've created three interfaces HOUSE (vlan10), JOHN (vlan20), IOT (vlan70) which are on the interface the switch connects to.

strangegopher:
is your controller on trunk port too? it should be.
Also Switch -> AP port, pfSense -> switch port need to be on trunk ports.
Do you have a management wireless ssid with no vlan?
Do that and you can connect to no vlan ssid and manage AP wirelessly.

johnpoz:
I use unifi AP and they have no problems with vlans..

Yes their IP that you talk to them would be untagged... But any vlans that they advertise could either be on the untagged vlan or some other tagged vlans..

It would work work like this

pfsense -- untagged, and tagged --- switch --- untagged, tagged AP ---- client SSID -- client...

Atreides:

--- Quote from: johnpoz on December 25, 2017, 10:59:52 pm ---I use unifi AP and they have no problems with vlans..

Yes their IP that you talk to them would be untagged... But any vlans that they advertise could either be on the untagged vlan or some other tagged vlans..

It would work work like this

pfsense -- untagged, and tagged --- switch --- untagged, tagged AP ---- client SSID -- client...

--- End quote ---

That's basically what I've done. Maybe it's an issue with my tp link switch? Would you say it would be a good idea to get the ubiquity fully managed 8 port switch I linked?

Just to clarify, should the input port from the access points be trunked? Or should it be set to general, with all the different vlans I have set.

Derelict:
Ubiquiti APs like to be managed on the untagged VLAN.

SSIDs with a VLAN set are tagged to/from the AP.

Navigation

[0] Message Index

[#] Next page

Go to full version