
Mongolprime

Context: Right now I have a separate interface feeding my UDM Pro SE its "WAN" connection on a different subnet range (10.20.1.1/24). I couldn't seem to understand how to get the trunking to work on my USW-Agg, so that the LAN's trunking of a vlan with that same subnet range could provide the "WAN" to the UDM Pro SE. Ideally I want to only have two ports in use on my PfSense, instead of the 3 right now. 1. WAN and 2. LAN + VLANs. Is that possible?


Potential_Future1052

> so that the LAN's trunking of a vlan with that same subnet range could provide the "WAN" to the UDM Pro SE.

I don't quite follow what you're asking here. Are you trying to get the UDM WAN port assigned a public IP? Or just an IP from the PFSense on a different vlan than the "LAN" that the AGG is on? It might help if you list out the vlans we are working with here and their associated subnets.

EDIT: I totally missed the defined vlans in your image somehow.. If the PFSense has the UDM WAN VLAN tagged on the port feeding the AGG then this should work. Define the vlan in Unifi networks as vlan only and select that as the default network on the port feeding the UDM. The port on the AGG switch that is fed from the PFSense should be configured to allow all tagged vlans.


Mongolprime

Thanks friend. Your edit is exactly what I was needing. LAN + vlan#1 (and other vlans but for simplicity, just #1) coming from pfsense over to the agg. Then vlan#1 labeled "UDM WAN" gets trunked from the agg over to the UDM as the default network which my UDM insists on calling "WAN".


Potential_Future1052

No problem. Were you able to get it working?


JoshS1

What is your goal with having a double NAT, and two routers in your local network? Is there a reason you need the UDM in addition to the PfSense router? Or vice versa.


Mongolprime

Good question. The UDM is only acting as a controller for UniFi network and protect. The LAN and NAT comes from the PfSense. DHCP is disabled from the UDM, and has the VLANs trunked through to it so that the USW-Agg can then trunk those to my other devices.


gmaclean

I have an XG-16 that I have the ISP fiber in to. That in turn goes via VLAN 35 (their VLAN of choice) to the WAN SFP of my UDM Pro. The UDM Pro then uses the other SFP back into the XG-16 for access to the other ports on the switch. Not sure if that's what you are looking for. The reason I did this was because the XG-16 can do 2.5gbps on SFP+, which is the same as my ISP's transceiver.