UniFi Switch 24 PoE: Selected Networks Through Port 24 (pfSense)

This is my home network and I want to use my UniFi Switch to manage the network along with pfSense. I have all VLANs defined in pfSense. My goal is to:

  1. VL60 to be available for selected ports like VL10 & 20.
  2. The HP printer on VL60 is to be blocked from accessing the internet. I bought it years back; I canceled my subscription and found the HP is still contacting HP to see what ink cartridges I’m using. I no longer want it accessing the internet.
  3. Only selected networks like VL10, 20 have access to print on the HP.
  4. VL70, my UniFi OS Server, should only be accessed by VL10 & 20.

Should I be able to accomplish this with the Port Settings / Tagged VLANs, without using pfSense firewall rules if possible?

For one example, only allow these VLANs to print to the HP:

You can accomplish everything except blocking internet for the printer. You need a pfSense firewall rule for that and a static DHCP entry or fixed IP address on the printer.


You’ll either need to not route the VLANs you don’t want talking to each other on your firewall or create rules to block traffic. Been a while since I last did this with OPNsense. By putting your printer on a completely separate VLAN from your trusted devices, you’ll need to make sure to forward mDNS between networks if you use AirPrint or another zero-config printing service. If it’s a direct IP connection tied to a printer port in the driver, you shouldn’t need to do this.

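The firewall policy the replies describe, as an added example that is not part of the thread and is not pfSense's own code: a small model of per-interface, first-match rule evaluation with default deny, checked against the four goals. The subnets, the printer address, the untrusted VL30 and the choice to let VL70 reach the internet are constructed assumptions.

```python
import ipaddress as ip

# Constructed addressing: the thread gives no subnets or addresses.
NETS = {
    "VL10": ip.ip_network("10.0.10.0/24"),   # trusted
    "VL20": ip.ip_network("10.0.20.0/24"),   # trusted
    "VL30": ip.ip_network("10.0.30.0/24"),   # hypothetical untrusted VLAN
    "VL60": ip.ip_network("10.0.60.0/24"),   # printer
    "VL70": ip.ip_network("10.0.70.0/24"),   # UniFi OS Server
}
PRINTER = ip.ip_network("10.0.60.10/32")     # fixed IP / static DHCP mapping
ANY = ip.ip_network("0.0.0.0/0")
PRIVATE = [ip.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def internet_only(vlan):
    """Block everything private first, then pass the rest (order matters)."""
    src = NETS[vlan]
    return [("block", src, n) for n in PRIVATE] + [("pass", src, ANY)]


# Rules are (action, source, destination), listed per interface on which the
# traffic ENTERS the firewall, evaluated top-down, first match wins.
RULES = {
    "VL10": [("pass", NETS["VL10"], ANY)],   # may reach printer and VL70
    "VL20": [("pass", NETS["VL20"], ANY)],
    "VL30": internet_only("VL30"),           # no printer, no VL70
    "VL60": [("block", PRINTER, ANY)],       # printer may initiate nothing
    "VL70": internet_only("VL70"),           # assumption: server may update
}


def allowed(iface, src, dst):
    """Decision for a NEW connection arriving on `iface`.

    Replies to a passed connection ride its state entry, so a print job
    from VL10 still gets answers although VL60 has no pass rule.
    Traffic inside one VLAN is switched and never reaches these rules.
    """
    src, dst = ip.ip_address(src), ip.ip_address(dst)
    for action, s, d in RULES[iface]:
        if src in s and dst in d:
            return action == "pass"
    return False                             # no match: default deny
```

Port profiles and tagged VLANs on the switch decide which VLAN a port belongs to; whether one VLAN can reach another, or the internet, is decided by rules like these on the router.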