pfSense with Unifi USG

Ok I’m a little bit of a networking NOOB.

Looking at the setup in the attached picture, I want to add a pfSense router and keep the Unifi USG in my current network, as I like the dashboard and device mapping Unifi provides. Is there a way to make the Unifi USG pass through the internet from the pfSense router, so effectively just use the USG as a switch, or could I use the Unifi USG to create a VLAN after the pfSense router?

If so, can someone explain this setup step by step for me, in simple terms, so I can go research the right topics?

Greetings, doesn’t look like anyone took up your topic, but I have some interest in a similar design. The view into the network (at least in UI’s marketing) is pretty nice from the perspective of the USG, even if it falls a little short in the actual function (as documented by Lawrence’s videos (superb btw…)).

I have not purchased a USG yet, and am struggling with the decision to do so. I recognize that pfSense is going to give me better control of my LAN, and the UI isn’t terrible on its own. But as I’m trying to come up with a recommendation for my brother-in-law, he’d rather have something that’s easy to understand and manage and isn’t necessarily concerned with some of the more advanced functions of pfSense.

I know @LTS_Tom has gone over this topic a couple of times, but (unless I’ve missed a video) hasn’t really discussed it from a personal use perspective.

So… what say you-all - is the USG worth running personally if you don’t need some of the more advanced networking features?

Where would the cut-off be (feature wise)?

Given these conditions I would buy an Asus router.

No way on this earth will someone not willing to spend endless hours tinkering be able to use pfSense and probably also Unifi.

It’s better to let him do all the work, it’s the only way he will ever understand, once you set it up then prepare to fix your work when there is no internet.

Adding the Asus FW to the mix doesn’t necessarily give the single pane of glass view that he’s liking so far from the UBNT interface. Is there something to speak of, positively, with the Asus firewall/router?

I had Asus routers with Merlin firmware before setting up pfSense; they do a good job if you basically want internet access over LAN.

The reason I needed pfSense was that I wanted VLANs / OpenVPN servers and clients / charting (with none of my data collected).

Once you have everything set up then you will hardly look at the router or switch GUI.

Can you expand on clients/charting?

Why would you want this setup? I’m aware of the Unifi interface. I agree it looks nice and provides a lot of information. However, even if you have a nice GUI with the USG – you still need to manage pfSense on its own. InterVLAN routing has to occur at the gateway/router level. My recommendation would be just to ditch the USG. I don’t think it adds a lot of value. I have no idea if you could just use it as a managed switch – however it would just be a 2 port switch which in my opinion doesn’t add a lot.

That’s fair. I think he’s looking for something similar to the Palo Alto for the view - the ability to view application types and be able to filter/eliminate that type of traffic, something pfSense doesn’t do (that I’m aware of anyway). I’ve looked at Sophos community edition, and that gives some of that, though the interface (IMO) is a bit kludgy.

For personal use, where does the USG fall apart? For business use, I get that it’s very short of the pro/enterprise grade features, but for personal use - what are its biggest weaknesses?