Unifi USG/UXG networks

Is it possible to not use the Default network on the UXG? Migrating from a different firewall vendor that had a L3 switch internal to the firewall. The old firewall vendor's inside interface was on the server vlan which is non native. So the UXG currently has its Default IP on the same segment that the servers are on, but on a different vlan since the server vlan is defined as vlan only in the Cloud Key. All the switches but the L3 are Unifi.

My thinking is make the Unifi management network L3 in the controller and give the UXG an interface in that vlan. Then the UXG would start communicating with the CK over the attached network. Then on the Default network change it to a dummy subnet that’s not in use, then change the server vlan to be L3 and change the IP to match.

So I just made an attempt at this and had some interesting results. I was able to change the vlan only to L3 and assign an IP on the subnet, but unable to connect to the controller. I wasn’t able to ARP for the controller MAC despite being on the same vlan. I confirmed it’s tagged accordingly on the switch that connects directly to the UXG, and that switch management interface is on the same vlan as controller so it has a L3 path back to the controller. I didn’t try a reboot of the UXG after I added the interface but didn’t think that would be necessary.

So I think I figured this out. Make the management vlan-only L3, let it deploy. Then update the switch profile for the interface facing the UXG to use the management network as native. Then the existing network that is using the incorrect address can be removed and then the vlan only interface switched to L3.