Pfsense, unifi: Failed to create LAN 2, guest network

First time trying pfsense and unifi. Be nice
PfSense setup
Set up Pfsense with 1 WAN + 2 physical lan:
-Lan Private (ETH1)
-Lan Guest (ETH2)
Setup a few firewall rules to limit guest access to Private.
No need for VLANs, at least I think.
All good.

Unifi setup:
I have a unifi switch 24 ports, 2 AP pro.
I want:
Physical lan Private to feed AP pro Private network, wireless and various hard-wire devices.
Physical lan Guest to feed AP pro Guest network and guest wireless.

initial config UI596×516 15.4 KB

On the switch, by default the profile is set to ALL, and I can adopt both AP and everything works well.

Now into the trouble:
In the switch setting, I create a new Network, in order to group the Guest.
Create new network.
Name: Guest_Network
VLAN-only network, vlan id 51, “whatever”
Save.

In the switch, I assign port 23, port profile to Guest_network, apply change.
Then I assign port 1, port profile to Guest_Network, apply change.

and now I cry…
the AP “refreshes”, adoption failed.
The AP has the correct pfsense IP but it doesn’t adopt, nothing…
“adoption failed, please again. if the issue persists, we recommend factory-reseting the device”

Please Help?
Any idea? suggestion?
Tried to reset, did it again, and same over and over.
Thank you.
Xylem.

There are specific ports you need to have open for adoption. I normally just open 8080/tcp and restrict to the ip of the device (s).

Full list of potential ports can be found here

Across subnets, i always ssh to the devices and force the addition anyway.

Reference info here

Thanks.
Tried the below without success.

80801147×1057 71.6 KB

The rule will be between the guest lan and private lan as you said you blocked guest lan access to private lan (and assuming condor is on private lan)

Hey @Xylem ,

We’re you able to get this working?

Not yet.
I tried a few open port unsuccessfully. I need to do more research on how to do it.
Didn’t have time this week.