UniFi setup problems

Hi Everyone, hope all is well.

I purchased some UniFi equipment to replace my home network which is Cisco SG200 and SG300 switches. Going from a flat network to multiple VLANs to isolate equipment. For the UniFi I have two 24 port switches, two 8 port PoE 60W switches and one UAP-AC-LR access point. Oh yeah and I just bought the CloudKey Gen 2.

I set up each switch by connecting it to a switch along with a laptop and a brick PC running pfSense with a port set as 192.168.3.x subnet. I defined my various VLANs in the software controller. I then created my LAGGS feeds on 3 of the switches. Once that was all done, I connected the switches together and connected my other configured pfSense to the switches and tested it. I was getting the right VLANs and such along with the right networks on the AP. Problem being is that the CloudKey was showing that the switches and AP were disconnected. They are all still on the 192.168.3.x (VLAN3) on the new pfSense. I made static entries in the DHCP server on pfSense for the UniFi devices (switches, AP and cloudkey). All the devices had the same static DHCP IP when I provisioned the devices on the original setup. The cloudkey is still there on 192.168.3.2, but the switches and AP are not registering. I checked the DHCP log and DHCP leases on the pfSense firewall.

I have done lots of reading, but so far nothing has helped me to have a clue as to why this is happening. Probably something really simple. Hoping someone can point me in the right direction to help me figure it out.

Thanks.

Sounds like you might not have the lines set up to trunk the VLANs across to the different devices. Try setting up without the LAGG.

Hi Tom.

First want to thank you for all the videos and other stuff you do to help us all out. Learned a fair bit and you are the main reason I am replacing my Cisco SG200/300 switches with the UniFi equipment.

Will try your suggestion. All my LAGG/Trunk lines have “All” for the networks for inter switch connections. My LAGGs for devices are set for the appropriate VLAN that they will be on. I did the same setup with some spare Cisco switches and all went well. Will have to get used to the way that UniFi stuff works.

Would you recommend setting the Switches and AP from DHCP to static IP?

Thanks.

Andrew

Thanks! I don’t have any issues with the switches being static or DHCP but I am also not using LAGG on my own equipment right now. I might do a video on this topic soon.

Hi Tom.

I started by getting rid of LAGG on pfSense (bit of a pain), resetting the switches. I then went through various configs and no luck. I did get a bit further late last night, but when I connect another switch, it is not seen by the controller. I put the switch and controller back on the dumb switch. Usual setup and then place it back on my VLAN pfSense environment. Then I change the management VLAN to my VLAN that I am using for management (2) that my switches and cloudkey are on.

Will do some more investigating as it looks that I still don’t have a handle on how UniFi does its stuff. Used to working with the Cisco SG2xx and SG3xx SOHO equipment which is web into the device and configure.

Thanks again and will keep plugging away.

Andrew

Which VLAN is the cloudkey on and are you tagging that port on your Cisco switch to force it in to that VLAN?

Hi extramile_mike.

I am not using any Cisco equipment in my replacement network. My current in use network at home is using Cisco SG2xx, 3xx and one Netgear managed switches. I have the following UniFi equipment set up in my test area, two 24 port, 2 eight port switches and one Long Range AP. Currently here is what I have set up. I have 1 brick PC with pfSense. I have the LAN port set up for 192.168.2.x that plugs into an 8 port switch. I plug in the cloudkey, UniFi switch and laptop to the switch. I adopt the device and configure it. I then set the Management VLAN under Services to Mgmt (which is VLAN2 192.168.2.x on my other pfSense). I also set a static IP to the devices. I have all my VLANs defined in the UniFi controller software (cloudkey) as VLAN only. So I have one specific port on the first 24 switch set for Mgmt (VLAN2). So it all gets provisioned to the switch and the controller software no longer sees the switch. I then plug the switch to my other pfSense with my VLANs. Then connect the cloudkey to the correct switch port. I web into the cloudkey and I see my switch. The DHCP router on the pfSense has a static IP set for all my UniFi devices defined for 192.168.2.x (VLAN2). Now whether I set the IP static on the other devices, or leave it default as DHCP and connect another switch to the working switch in place, the cloudkey does not see the switch. I have the new switch connected to port 1 of the configured and working 24 port switch which is at the default profile of “ALL”. Have tried connecting the new switch to another port on the 24 port switch which has the ALL profile for that port, no go.
So I then connect the new switch to the other setup and move the cloudkey as well. Adopt and configure the new switch. Then move it back to the other setup. Bring up the software and now see it all. I then do this for other switches and the AP. Extra work. I am sure that I am just missing something simple and it is driving me mad (simple ones are the worst). Only had the UniFi stuff for a week and still getting a handle on their nomenclature compared to what I know about the Cisco stuff.

Guess I should mention that I currently have a full allow of traffic firewall rules on all the VLANs on pfSense right now to make things easy for the testing phase.

Any guidance to stuff to read or anything else is greatly appreciated. All just a hobby for myself.

Thanks Andrew

Do the APs have to be on the untagged VLAN?
Thought I read that somewhere once.

@extramile_mike

I’ve read your paragraph you wrote a few times. I kind of follow it but I get lost in some of the details honestly. Do you have a diagram that might help me understand what you’re trying to do?

Hi Mike. Was on the same wavelength and was to create a diagram with Yed.

Thanks for the diagram. It explains it a lot more clearly.

I’m not exactly sure why your setup isn’t working tbh. I have the exact same setup with my cloudkey on VLAN40 – connected to 16 port Unifi switch <—trunked—>8 port Unifi switch. Really strange. Is it possible to temporarily put cloud key back on untagged network and try adopting new unifi sw again?

@asm140 Thank you for the diagram. You understand that your dumb switch can’t understand VLANs, only different subnets, correct? So if the issue is connecting with your CloudKey after you move it straight over from the Dumb SW, it’s not going to have a VLAN tag, so you’ll have to tag the port on the Unifi switch that it’s plugged in to for VLAN2. Try that and see if you can see it.

@extramile_mike. I have been busy dealing with my pfSense. Lots of cutting and pasting to create a config.xml file to have all my static IPs configured on the various VLANs. Had a few snags, but I think I got it all straightened out. Will know within the hour.

Correct, the dumb switch on the left is just a flat network with no VLANs. The port on the brick PC is just 192.168.2.x.

On the right side is the UniFi switch with port 11 set for VLAN2 where the cloudkey is and it gets the IP of 192.168.2.2. The issue is when I connect a new switch to a port on the existing switch that has the Profile ALL, the controller software does not see the switch. So I connect the switch and the cloudkey back to the other setup and configure the switch and then connect it back to VLAN setup. The firewall rules are set right now as free for all, everyone can talk to everyone else.

Thanks.

@kevdog I will try that soon. I have 2 more 8 port 60W PoE switches coming soon. They are for my test lab area. Once I move my UniFi test env into my home network, will spend more time understanding the UniFi stuff inside out. The UAP-AC-LR was a breeze to set up. Have my guest and trusted networks all working just fine.

Thanks.

Hi Tom. After doing some other testing and such I now have LAGG working. I have 2 port LAGG from pfSense to my main switch, from the main switch to the aux switch and then from the aux switch to switch in the living room. Not sure what the problem was, but never had any problems with the Cisco switches I had.

Andrew