Change default LAN on Unifi setup

Hi all

Need some assistance. Below are some diagrams of my network at the moment.
You will see on the Unifi screenshots I'm sitting with a LAN-192.168.0.0.
If you look at my pfSense you will see I’ve restructured my primary LAN to 172.16.10.0 based.

How can I get rid of the Unifi LAN, so that the root LAN from a Unifi setup is also 172.16.10.0 based?
I can then extend what I’ve defined as a vlan192 on the pfSense onto the Unifi environment. (I’ve found adopting new devices etc. expects a 192.168.0.0, so there is a small justification to have it available; it will just be FW’d to h3ll and back.)

G

PS: project for today is to change my Default 20.0.0.2 → 10.0.0.2 (and then patch into port 1 of the Draytek where that is already working/listening). That 20.0.0.0 range was to help with other migrations… should have remembered 20.0.0.0 is a routed network… would have helped with me not having to reconfigure things now. hehehe 10.10.10.0 might have been a better idea as an example.

Some answers before anyone asks: my network (VDSL) comes in via an RG11 cable at the moment, thus the requirement of the Draytek at the moment still. This is soon to change to Fiber, at which point the Draytek will be removed and I will have the WAN of the pfSense go directly into the ISP’s Edge Router.
Once I’ve done today's 20.0.0.0 → 10.0.0.0 fix, the next step will be to put the Draytek into Bridge mode.
Which will then assist with getting my CloudFlare reverse proxy setup fixed/working, and will also fix what I think is causing the problem of my Dynamic DNS update not working (CloudFlare is being updated with 20.0.0.2 at the moment).

You can’t get rid of it but you can edit the LAN and set it to whatever your native network is.

ok, thanks, will attempt.

FYI, default GW address changed to a non-routed range, see below.

And the second I did this the pfSense was able to determine my public IP properly. So yes, it saw the 20.0.0.0 subnet before, and I assume that is my problem. When I changed it to 10.0.0.0 based, I knew it was a non-routed network, so it went external to determine the real public IP.

G
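The behaviour described in the post above, as an added example that is not part of the thread: a simplified Python model (not pfSense's own code) of why a 20.0.0.2 WAN address gets published to Dynamic DNS as-is while 10.0.0.2 forces an external lookup, plus a check that internal subnets stay in RFC 1918 space and that DHCP pools do not overlap. The function names, the /24 masks and the plan labels are assumptions.

```python
import ipaddress

# RFC 1918 private ranges, the only space that should be used internally.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# RFC 6598 carrier-grade NAT space: also never a real public WAN address.
CGNAT = ipaddress.ip_network("100.64.0.0/10")

def is_non_public(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918 + [CGNAT])

def ddns_source(wan_ip):
    """Simplified model: publish the interface address unless it is
    non-public, in which case the public address is looked up externally."""
    return "external-lookup" if is_non_public(wan_ip) else "interface-address"

def misaddressed(plan):
    """Labels of internal subnets that sit outside RFC 1918 space."""
    return [label for label, cidr in plan.items()
            if not any(ipaddress.ip_network(cidr).subnet_of(p) for p in RFC1918)]

def pools_overlap(a, b):
    """a and b are inclusive (first, last) DHCP pool bounds."""
    a0, a1 = (int(ipaddress.ip_address(x)) for x in a)
    b0, b1 = (int(ipaddress.ip_address(x)) for x in b)
    return a0 <= b1 and b0 <= a1

# Constructed from the addresses in the thread; the /24 masks are assumed.
PLAN = {
    "old Draytek link": "20.0.0.0/24",
    "new Draytek link": "10.0.0.0/24",
    "primary LAN": "172.16.10.0/24",
    "vlan192": "192.168.0.0/24",
}
UNIFI_POOL = ("172.16.10.151", "172.16.10.200")
PFSENSE_POOL = ("172.16.10.201", "172.16.10.245")

if __name__ == "__main__":
    for wan in ("20.0.0.2", "10.0.0.2"):
        print(wan, "->", ddns_source(wan))
    print("outside RFC 1918:", misaddressed(PLAN))
    print("pools overlap:", pools_overlap(UNIFI_POOL, PFSENSE_POOL))
```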

G

Great,

That's been done, default range handed out now on Unifi is 172.16.10.0 (DHCP configured for 172.16.10.151-172.16.10.200 and the pfSense configured to manage 172.16.10.201-245).
Things are coming together.
Now… I’ve got that vlan192 configured to run on igb0 with a VLAN tag 192 and a DHCP range of 192.168.0.151-192.168.0.245.
The idea here is that this is used for devices' initial connection. The other option is to hardwire igb2 to an empty non-managed switch and use that should I even need a 192.168.0.0 range; then I delete the vlan and make it a full-on LAN.

Comment.

G

Next up is taking the bite and putting the Draytek into Bridge mode…
Question on this though: I assume this will disable the FW that is on the Draytek, and as such all FW duties will then sit on the pfSense Router/FW.

… decided I first want to go over my FW rules, make sure everything is nice and tight before I do the bridge change.

Question, if someone can comment on the vlan192 on igb1 or as a second LAN on igb2… thinking the igb2 might be a cleaner… better solution.

G

I would appreciate a recommendation.
Keep the vlan192 on igb1 vs. create a LAN with a 192.168.0.0 range on igb2.

G