I have been running UniFi with several VLANs and some port forwarding for many years now and am finally able to have the time and funds to integrate pfSense.
Currently I have:
3 x APs
a cloudkey gen2
24-port PoE switch
USG-Pro-4
I was planning on swapping out the USG for a pfSense router and still using the cloudkey. But before spending the money I wanted to confirm that these should all work well together. Also, I wanted to know if there were any gotchas that anyone knew of, to help prepare ahead of time.
I don’t have any UniFi kit, but assuming you have a managed PoE switch I can’t see why it won’t work. Someone else will have to confirm if you can do a lift-and-shift job, however.
Personally I find it handy to connect the pfSense box to the switch over a lagg if you have 2 or 4 available ports.
Keep a copy of the pfSense ISO, as they only post the latest version online. Take constant pfSense backups as you try to configure it, unless you are already familiar with it.
Tom has a Debian UniFi controller, but you will have no issues with cloudkey2 for configuring UniFi hardware. You may look at resetting the Cloudkey, as it will have settings for the USG.
We use pfSense and UniFi hardware without any issues.
I have a pfSense, a self-hosted UniFi controller and a UniFi AP. I don’t have any issues at all running all this together.
Which pfSense model did you buy? If it’s one of the lower tiers there might be a gotcha, but it’s nothing to be concerned about. The lower-tier pfSense boxes have “Marvell switching” on them, which basically means there are these built-in VLANs on the ports themselves and they aren’t independent ports per se.
If you got a higher-tier Netgate without the Marvell switch then don’t worry about it, but when the company I work for bought a Netgate 1100 I was a little confused about the setup, but really it was only just one more step for configuring VLANs on the switch ports you want.
I was trying to find a 7100 on there, but I don’t think they have that model, or maybe you meant to put a different model? It will be labeled as a Marvell switch if you look at the tech specs.
OK, dumb question. If I want my VLANs to only be on the WiFi and the cabled Ethernet to all be the LAN, do I need to go through these steps outlined in the YouTube video you pointed out here? Sorry if I am being pedantic.
As several others have said, you will have little, if any, trouble running your pfSense and UniFi gear together. I have run pfSense on a Netgate 1100 for a couple of years, with an arguably overcomplex home network. In order to run multiple VLANs on WiFi, I recently changed out TP-Link APs and Cisco switches for Ubiquiti devices. I have a specific VLAN backhaul that I absolutely had to support as well, and it all just works. There were a couple of minor hiccups along the way, and I blogged my UniFi journey beginning with this post: WiFi Elevation | N5HRK Blogs
You can always come back to the forum if you run into any trouble. What you are asking (if I understand what you are saying) is possible too. Just set the VLAN IDs you want to set up on your WiFi networks and leave the default (VLAN 1 - LAN) excluded.
Just wanted to say thank you to everyone. I have one last problem left with UniFi certs (posted in another thread). But right now everything is running well. Multiple VLANs with smooth integration and isolation.