Unusual Unifi FW setup (switch in front of L3)

I’m banging my head against the wall with this and I can’t for the life of me get the config right vis-a-vis VLANs and routing:

Environment:

Google Fiber ONT box
UDM SE x1
UniFi Switch Flex Mini x3
UniFi Switch Flex x1
UniFi U6 LR AP

Current topology:
ONT (downstairs) > RJ45 jack running upstairs to another > UDM SE upstairs > 3 RJ45 ports > port 1 AP
ports 2/3 to their respective rooms (3 BR upstairs) with Flex Minis, and the Flex inserted where needed.

What I want to do: without moving my UDM SE downstairs into my entertainment center (keeping it in the office), wire up my TV and PS5 over Ethernet; basically another managed switch between my ONT and UDM SE.

I know it requires me to have a VLAN that is purely for WAN, but I can't seem to get my VLAN tagging right and I keep "breaking" my switches and having to factory default them.

I've seen several videos on this and know it's doable, but I don't know if I'm cabling wrong or setting up VLANs wrong, since UniFi is weird with its VLAN nomenclature. I dunno if I need an L3 switch or what. Checked all STP and RSTP settings, don't think it's a loop.

A fresh set of eyes/ideas on this would be greatly appreciated. Obviously I'm trying to keep firewall rules intact with the switch between the UDM and ONT.

What you’re trying to do doesn’t require changing any fw rules. But you’ve given no info for our “fresh eyes” to look over.

What ports do you have connected on the UDMSE and the new/moved switch? Specifically, please tell us what ports are connected where, and whether they are set to allow all VLANs or be an access to a specific one. The more information the better.

Generally it is going to look like the following. I’m using VLAN 666 as the stand-in for whatever number you want to use for the internet. And the port numbers are just examples.

  • UDMSE WAN - no special config, leave it exactly how it was before trying to add a switch between it and the ONT. Connect this to Port 2 on the UDMSE (yes, to itself, unless you decide to use a separate switch sitting right next to the UDMSE which replaces the next bullet item).
  • UDMSE Port 2 - This should be an access port for vlan 666. I’m not looking at Unifi right now but this basically means to select the network profile for 666 and don’t allow other VLANs.
  • UDMSE Port 1 - default configuration for a LAN port, meaning it allows all VLANs. This connects to the downstairs switch’s uplink port (unless you’re using another switch next to the UDMSE, in which case this port connects to that, and the ports on that switch that connect to the UDMSE LAN and the downstairs switch need to allow all VLANs).
  • Downstairs Switch Port 5 (or whatever you use as uplink) - default configuration for a LAN port, meaning it allows all VLANs. Connects upstairs.
  • Downstairs Switch Port 4 (my default is to use the last port on the switch as uplink, and the upper end for anything special) - Access port for VLAN 666, no other VLANs allowed - connects to ONT

Screenshots of the port configs you have would be helpful if my description didn’t help you fix things.
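As an added illustration (not part of the reply above or any UniFi tool), here is a small 802.1Q port-behaviour model of the two switches as the reply lays them out: downstairs port 4 as an access port for VLAN 666 to the ONT, port 5 as the allow-all uplink, UDMSE port 1 as the allow-all trunk and port 2 as an access port for 666 looped into the WAN port. It assumes the default LAN network is VLAN 1 and travels untagged on allow-all ports, and it also traces the common mistake of setting the uplink itself to access 666, which is what cuts the downstairs switch off from the controller.

```python
ALL = "all"
NATIVE = 1  # assumption: the default LAN network is VLAN 1, untagged on trunks

def ingress(port_cfg, tag):
    """VLAN a frame lands in on entry (None = dropped). tag None = untagged."""
    mode, vid = port_cfg
    if mode == "access":
        return vid if tag is None else None      # access ports accept untagged only
    if tag is None:
        return NATIVE                             # untagged on a trunk -> native LAN
    return tag if vid == ALL or tag in vid else None

def egress(ports, in_port, vlan):
    """Other ports a frame in `vlan` is flooded to, mapped to its outgoing tag."""
    out = {}
    for p, (mode, vid) in ports.items():
        if p == in_port:
            continue
        if mode == "access" and vid == vlan:
            out[p] = None                         # leaves untagged
        elif mode == "trunk" and (vid == ALL or vlan in vid):
            out[p] = None if vlan == NATIVE else vlan
    return out

def forward(ports, in_port, tag):
    vlan = ingress(ports[in_port], tag)
    return {} if vlan is None else egress(ports, in_port, vlan)

# Constructed port layout following the reply. Downstairs: 4 = ONT, 5 = uplink.
DOWNSTAIRS = {4: ("access", 666), 5: ("trunk", ALL)}
# UDMSE: 1 = trunk to downstairs, 2 = access 666 cabled into the UDMSE WAN port.
UDMSE = {1: ("trunk", ALL), 2: ("access", 666)}

def ont_to_wan(downstairs=DOWNSTAIRS, udmse=UDMSE):
    """UDMSE ports reached by an untagged ONT frame, mapped to the tag it carries."""
    hops = forward(downstairs, 4, None)
    if 5 not in hops:
        return {}
    return forward(udmse, 1, hops[5])

def switch_manageable(downstairs=DOWNSTAIRS):
    """Controller traffic (native LAN, untagged on the uplink) must land in VLAN 1."""
    return ingress(downstairs[5], None) == NATIVE

BROKEN = {4: ("access", 666), 5: ("access", 666)}   # mistake: uplink set to access 666

if __name__ == "__main__":
    print(ont_to_wan())                 # {2: None}: WAN VLAN exits untagged on port 2 only
    print(switch_manageable())          # True
    print(switch_manageable(BROKEN))    # False: management lost, hence the factory resets
    print(ont_to_wan(BROKEN))           # {}: ONT traffic lands in the LAN VLAN, never WAN
```

With the correct layout the ONT's frames reach only the UDMSE WAN port, while the broken layout both drops the switch off the controller and puts the ONT's traffic into the LAN VLAN.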