I was wondering if there is a way to force all internet traffic from hosts connecting to a Unifi XG24 on a LAN VLAN (1404) through a NetGate XG-7100 (PfSense) over it’s SFP+ ports but have the internet connect from ISP FTTH modem(Bell Canada HH4000) to Unifi XG24 switch; ideally without the use of a 10GBaseT to SFP+ media converter. The HH4000 fiber adapter is soldered to the board and so I can’t just bypass the modem using SFP+.
EDIT: Link to physical diagram: Animated GIF - Find & Share on GIPHY
I am more of a visual person. Do you by chance have a network diagram to post?
I’ve added a link to the diagram of a physical layout as an edit to this post. Thanks
I guess I am having a hard time understanding your need. What solution are you trying to accomplish by having pfsense on the side and not having it at the head of your network? Why are you using your switch for the internet?
If it were me I would connect the fiber directly to pfsense and use your switch for the layer 2 functions (VLAN’s)
The ISP supplied modem has it’s fiber interface soldered onto the board and it’s not an SFP port, so I can’t bypass that device, the WAN port on the modem is 10G copper(ethernet) which is not supported by the xg7100. So I need a way to convert media to SFP. The solution I think should work is to have the switch act as the media converter.
What I would do:
-
Create a native VLAN (Lets say VLAN 1404) on 2 ports. One for the WAN of pfsense and one from your ISP going into the switch.
-
Set all the other ports on the switch to the natvie vlan1 for your LAN side of pfsense that will then connect to all your devices. Or other VLAN’s you want to configure from PFsesne, just can’t use 1404 in this case.
** Native VLAN = Untagged
What I’m trying to do is use the Unifi XG24 as a media converter from 10G copper to 10G SFP+. The goal is to get the full 3Gbps speed of my internet link to each client on my home network. The reason I need to convert media is because the ISP locks the interface on the modem’s fiber adapter to my connection, otherwise I would connect a fiber sfp+ adapter to one of the XG7100’s SFP+ ports.
The physical diagram shows the 10g copper from the modem to my xg24 on port 24, then twinax between the xg24 and the xg7100. The idea being I should be able to establish pppoe passthrough over the twinax out the 10G copper link.