Hello, I have a pfsense router connected to a Cisco switch, in turn connected with 2 Unifi switches each connected to a Unifi AP (U7).
I have three VLANS configured in the Unifi Console - self hosted:
562 – HO
1043 – BH
1 – Default
I have three SSIDs:
HO (vlan 562)
562KS (vlan 1)
BH (vlan 1)
When I initially set the HO SSID to VLAN 562 it did not work until a reboot.
The issue I have is I cannot move the two other SSIDs to vlan 1043. When I do they stop allowing DHCP to offer IPs. Even after a reboot I find I need to keep them on vlan 1.
Any suggestions on how to get them on the vlans per the design, or do I simple reconfigure the default vlan to be 1043?
Thanks.
It almost sounds like your trunk port to you AP’s don’t have the VLAN’s assigned.
Thanks for the reply.
That’s the magical part of unifi vlans. I have the trunks to the APs as default (1) and allow all (Tagged VLAN Management). Which I understand means trunk in the unifi world.
They’re all aligned on the pfsense and Cisco. The odd part is the vlan 562 && SSID HO work with, albeit with a reboot, which I wasn’t expecting. I will take it into consideration when I’m on site again. Thanks.
Start with a wired device (laptop) connected to the Cisco switch in a port set to “switchport mode access / switchport access vlan 1043”. Verify that it gets DHCP, or resolve the issue (at this point only the Cisco Switch or the PFSense router are at play). Once you have that working, move to one of the Unifi switches and do the same thing (Access VLAN 1043, Tagged VLAN Management set to None). Get that working (all you’ve added is the Unifi switch and the single Trunk port on the Cisco switch). Finally test on the other Unifi switch with the same config. At this point your SSID should work in VLAN 1043.
By the way, once you are done moving things out of VLAN 1, I don’t believe it is able to be removed from the Networks list, but this is fine. All switches have VLAN 1 even if you have taken steps to make it not be used.
1 Like
Thanks Bruce for the thoughtful response. You know I had done that with a wired laptop on the HO (562) vlan. I assumed once I’d figured out the formula it’d work with the BH (1043) vlan. Back to basics, I’ll do that for the BH vlan as well.
Some fixes might only be for one VLAN. Maybe you missed a step, like maybe you didn’t define the VLANs on the Cisco switch at all. They only pass VLANs they know about. If you find that the fix for 1043 is the same as it was for 562, that’s something you should remember for future VLANs.