Upgrade from Netgate 3100 to 6100 (stumped)

Folks here gave me some great suggestions; however, I still have 1 thing not working and I'm stumped. I'm sure it's something simple the Lawrence army will figure out fast.

On my 3100 I had 3 VLANs with different IPs (my network, roommates network and IoT). I also had an IP assigned to an interface (192.168.3.1/24). I plugged 3 ports into 3 different Ubiquiti switches; off of one of my Ubiquiti switches is my CloudKey (192.168.3.10). All was right with the world.

I installed the 6100 (with suggestions from folks here). I put the VLANs (IoT, roommates, myself) in a LACP and trunked it out to a Ubiquiti switch. I left management (192.168.3.1) on an interface. When I flipped to the new firewall, everything worked except WiFi. I flipped back and noticed that the management of Ubiquiti is hard-coded to VLAN 1, so on the 6100 I moved management off the interface and placed it (192.168.3.1/24) as VLAN 1, then added that to the LACP. All the devices on my management VLAN are static, but I did set up a small DHCP scope in case. However, I cannot access anything on VLAN 1, except for the VLAN IP (192.168.3.1). The Netgate is not able to access it either. Here are some screenshots.


I’m not really sure what is up with your config. If you have VLAN1 configured for 192.168.3.0/24 then it wouldn’t show up with a link type of vlan and should be saying ethernet in your arp table.

Thanks @xMAXIMUSx. I think it's the way the 6100 handles the traffic when it's on a VLAN. All of my ARP table shows vlan, so I'm “fairly” certain that is correct.

That is not correct. The 6100 has independent ports and does not use the Marvell chip to accomplish VLAN tagging for each physical port. If you are truly using VLAN1 then it would show as ethernet. Then all subsequent VLANs under the parent interface will show as VLAN.

Example:

I think I'm a little confused. When I look at your config, it looks like your ARP data for your VLANs is showing the same thing. Or am I not reading this right? I also see some IPs assigned to physical interfaces. Sorry, I guess I'm a little stumped.

You said:

That can’t be the case if the arp table is showing vlan for your .3 network.

Lemme first say, I really appreciate you taking time to assist here. Second, here is the VLAN 1 (renamed management) config:

Here you can see they are in the same LAG as the other VLANs.

When I did have the IP address assigned to a physical interface, no traffic was moving on WiFi at all. I’m guessing it has to do with the way Ubiquiti handles the VLANs on the WiFi.

You cannot assign a VLAN tag of 1 of the parent interface of lagg0. You need to set VLAN tags under the main LAGG interface. In your case lagg0. See below example. VLAN1 is already assigned to lagg0.

So assign lagg0 to your management interface. Then migrate your existing VLANs under the parent management interface. Then your management interface will be VLAN1.

I’ve been reading and re-reading this for a while and have to honestly say I’m more confused than I have been in a long time. I think I need to do some research on what interfaces mean in the pfSense world because it's quite different than anything I've worked on in the corporate world. So what I did was try and replicate what you showed/explained. Can you tell me if this seems correct? (before I click apply, lol)

Looks like you didn’t set the VLAN tags on your interfaces properly. They are all showing VLAN 1. I would go ahead and remove the LAG2Unifi interface.

ParentsVLAN interface needs to be set to VLAN 25
ScottsVlan needs to be set to VLAN 50
IoT to whatever VLAN ID
GuestVLAN to VLAN 10

Maybe a screenshot will help.

Ok… so I put things back the way they were originally with the names assigned to the VLANs and deleted the lagg interface (up in the convo 8/11, where the interfaces are shown assigned to VLANs). Deleting LAGGtoUbiquiti just shut down my WiFi while wired access still worked. I restored LAGGtoUbiquiti to get everything back up.

As far as the VLANs go, they were configured when I originally set this up.

Is the suggestion to move the VLANs off of opt2 and onto LAN?

Maybe this will help.

In the last screenshot you sent, you have to assign the interfaces for each VLAN to the management interface and not opt2.

Edit: my fault. I reviewed it again and the management is on opt2. I think you have an issue assigning the lagg0 interface to 2 different interfaces. You need to choose management or Lag2Unifi and get rid of the other.

@xMAXIMUSx thank you for sticking it out with me through all my confusion. This final suggestion was the key. Everything is up, I can access my CloudKey across VLANs and can get on all my SSIDs. Thank you again for your time and patience.

You’re welcome! Glad it worked out.
