Migrating UniFi OS from self-hosted to cloud gateway + core switch installation

Hi,

I am about to replace (in a complex mid-size network) an old Forti firewall with an EFG and an old HP fabric L3 core switch with a USW-Pro-Aggregation.

While doing so, I have to migrate my UniFi OS from a self-hosted Debian VM to the EFG (since I understand I can’t adopt a cloud gateway from my self-hosted installation).

I have a few questions:

  1. In my current L3 core switch I have more than a dozen VLANs and I route some of these internally (that is, without reaching the firewall/router). For doing so, I have a static IP address configured in the switch for each VLAN I have to route. Can I do this in the USW-Pro-Aggregation?
  2. The core switch also has a static default route to the firewall allowing it to route packages to the internet for itself and for the VLANs which have this allowed in the ACL. Is this also feasible with the USW-Pro-Aggregation?
    • this last step actually goes through another switch on a specific VLAN since the Forti firewall only has RJ45 ports and the core switch only has SFP+ ports
    • on the new setup I intend to connect the EFG to the USW-Pro-Aggregation directly using SFP28 ports and a DAC
  3. My current UniFi OS has a local administrative password and no connection to the UniFi cloud. If I configure the EFG to connect to the cloud (so I can access it with my user from unifi.ui.com), can I keep the local password for emergency access if something breaks or if I lose internet connectivity?

Thanx in advance.

I have not done much testing with using the switch routing features so I can’t really answer those. I do all my routing with the UniFi firewalls. As for question 3, yes you still have local login even when you have it connected to the UniFi site manager.
