Dream machine pro - disable firewall


I cant find a topic for this specifically although it may be in a poat somewhere. I currently run a pfsense firewall but am thinking of buying the dream machine pro for its nvr and controller functions.

Has anyone found a way to disable the firewall features sonthe dream machine acts as a switch, controller and nvr only?

The main reason for me not wanting to use the firewall in dream machine pro is that it does not support natively remote user openvpn connections. Has this changed at all?

Thanks everyone


Why not get the UniFi NVR? https://store.ui.com/collections/unifi-protect/products/unifi-protect-nvr

1 Like

I looked at that but it doesnt include the cloud key software from what I read. So I would need to buy a switch, cloud key and nvr which is a lot more equipment and a higher cost…

Or you can just create a VM and install the UniFi controller on it and buy a pretty cheap PoE Cisco switch. Unless you just want everything UniFi.

I don’t have a DMP so can’t verify this but I would have thought if you just drop it on your network and disable DHCP on the DMP you could then use the unifi SDN controller and NVR on the DMP and continue to use your pfSense install as your head end / router.

I do this at a couple of sites with the Cloudkey Gen2/+ and it works just fine. Maybe that would be another option?

that is an interesting point. Hoping someone on the forum runs a DMP and can confirm this will work?

Did you get your answer? As it happens I have a pfsense 3100 at the head of my network and in a lab down the way I have a UDM Pro with a Gen2 24POE Switch under it. I can test running the UDM pro transparent for you in terms of dhcp if you need…

That would be amazing to get that figured out.

Do you need to be able to access the Unifi protect cameras over the internet? Or just locally?

I will need to access the cameras remotley

I’ve seen multiple different places of such a thing, I don’t think you can just turn off the firewall on the UDM Pro, but you could give it a public IP and adopt all your Unifi gear to that, not sure how you would get protect working though.