Reply
Highlighted
New Member
Posts: 14
Registered: ‎01-14-2018
Accepted Solution

Getting VLANS and AP to work in Unifi

Hey all,

 

Somewhat new to Ubiquiti and setting up VLANs, so any help would be appreciated. I've read some of the articles/posts and watched several YouTube videos, but I think I keep managing to overlook something. I'll list my setup + relevant details and try to be as concise as possible. I'd really appreciate any guidance or a point in the right direction.

 

The Issue:

I'm trying to create 4 VLANs to use in my house and have each broadcast with a separate SSID. When I apply the VLAN tags to the Wireless Networks and connect to any of them, I'm unable to access the Internet and all of the networking gear shows as "disconnected' in the Unifi controller.

 

My Setup:

Unifi 5.6.40

1 USG

1 Ubiquiti 8-port switch

2 Ubiquiti AP-Pro's

 

How I set it up:

  1. In the NETWORKS section, I created my 4 VLANs and applied a VLAN tag to each
    • Each VLAN was created as VLAN Only (as opposed to Corpoate)
  2. In the WIRELESS NETWORKS secton, I created my SSIDs
    • In WLAN Group 1 I created the 4 SSIDs I plan to connect devices to and applied the corresponding VLAN tag to each
    • In WLAN Group 2 I created 1 SSID and applied no VLAN tag
      • I had assumed this would be the "management VLAN" (I now believe this was incorrect). However I am able to connect to the Internet on this network after applying the other SSIDs with VLAN tags. But I still cannot see any of the networking devices as "connected" in the unifi controller.
  3. I configured one AP to use WLAN Group 1 (the four SSIDs with VLAN tagging) and the second AP to use WLAN Group 2 (the one SSID without VLAN tagging which I could connect to in order to access the networking equipment. I believe this is no longer necessary, but wanted to provide a full-picture of what I had setup so far.)

 

*It is my understanding that the ports that the APs connect to should be configured to use the "All" Switch Port Profile, to act as a trunk port and pass all tagged/untagged traffic. I should not create a Switch Port Profile for my 4 SSIDs setup with VLAN tagging.

 

If anyone can point out what I am doing wrong in the above, I'd appreciate it. I've spent a many nights after work trying to figure this out Man Happy If I can provide any additional details or clarify anything please let me know. Thank you!


Accepted Solutions
Established Member
Posts: 1,649
Registered: ‎03-31-2017
Kudos: 562
Solutions: 182

Re: Getting VLANS and AP to work in Unifi


@Sneakers wrote:

 

How I set it up:

  1. In the NETWORKS section, I created my 4 VLANs and applied a VLAN tag to each
    • Each VLAN was created as VLAN Only (as opposed to Corpoate)

 

Needs to be corporate, vlan only is for when you are using a non-unifi router.

 

 

View solution in original post


All Replies
Established Member
Posts: 1,649
Registered: ‎03-31-2017
Kudos: 562
Solutions: 182

Re: Getting VLANS and AP to work in Unifi


@Sneakers wrote:

 

How I set it up:

  1. In the NETWORKS section, I created my 4 VLANs and applied a VLAN tag to each
    • Each VLAN was created as VLAN Only (as opposed to Corpoate)

 

Needs to be corporate, vlan only is for when you are using a non-unifi router.

 

 

New Member
Posts: 14
Registered: ‎01-14-2018

Re: Getting VLANS and AP to work in Unifi

[ Edited ]

Ok, I deleted the VLAN networks I created and, instead, created 4 Corporate networks and defined their subnet ranges. 

 

On my networks now I look to be able to connect to the Internet. However, when I launch the Unifi controller, the networking equipment still shows up in a "disconnected" state. Is there something additional I need to configure? 

 

Edit: I also get the same result when I connect to the SSID which has no VLAN tagging set up and is broadcasting on a separate AP. When I connect to the Unifi controller, all of the network devices show as disconnected. 

Established Member
Posts: 842
Registered: ‎07-25-2015
Kudos: 125
Solutions: 38

Re: Getting VLANS and AP to work in Unifi

All these devices had to be on the Untagged network "Management". Also the controller.

The AP's can only communicate over Untagged VLAN.

 

For VLAN tagged trafic you need to Trunk the port where the ap is connected to.

 

Some examples https://help.ubnt.com/hc/en-us/articles/205146150--ARCHIVED-UniFi-USW-VLAN-Configuration

 

https://help.ubnt.com/hc/en-us/articles/219654087-UniFi-USW-Using-VLANs-with-UniFi-Wireless-Routing-...

 

Cheers,

 

Mike

If the feedback solved your problem or question. Please mark it as solved. If it is worth some Kudo’s don’t forget to give some :-)
Senior Member
Posts: 8,608
Registered: ‎08-04-2017
Kudos: 1391
Solutions: 416

Re: Getting VLANS and AP to work in Unifi

[ Edited ]

Hello @Sneakers,

 

Did you setup a STATIC IP on the controller device?The devices will report disconnected if they can't reach the controller. ( they won't be able to reach the controller, If you receive another DHCP address )

 

 

Regards,

Glenn R.

Professional Services | Cloud Hosted Controllers | Glenn R. | UniFi Installation Scripts | UniFi Easy Update Script | UniFi-Video Installation Scripts
USG-4-PRO • USG
USW-24-POE-250W 2x • USW-16-POE-150W • USW-24 • USW-8-150W • USW-8
UAP-SHD • UAP-HD • UAP-NanoHD • UAP-AC-PRO 2x • UAP-AC-LITE • UAP-AC-IW • UAP-AC-M
UCK-G2 • UCK
New Member
Posts: 14
Registered: ‎01-14-2018

Re: Getting VLANS and AP to work in Unifi

Ok this is probably a simple question (apologies in advance) - how do I put all the Ubiquiti equipment on the Untagged network? My understanding was that if the equipment would, by default, use the untagged network by default? 

 

I've configured the switch ports for both APs to use the "All" profile which I believe means it is acting as a trunk port.

 

The controller currently runs off of my laptop and I fire it up as needed. Eventually I will move this to a dedicated VM or the cloudkey device. In the meantime - do I need to specifically configure my laptop device on the network to allow the controller to connect to the networking devices?

 

Sorry for all the follow up questions!  I appreciate your help!

New Member
Posts: 14
Registered: ‎01-14-2018

Re: Getting VLANS and AP to work in Unifi

The controller currently runs off of my laptop and I fire it up as needed. Eventually I will move this to a dedicated VM or the cloudkey device.

Do I need to set a static IP for my laptop and update something in my VLANs?
Senior Member
Posts: 8,608
Registered: ‎08-04-2017
Kudos: 1391
Solutions: 416

Re: Getting VLANS and AP to work in Unifi

Hello @Sneakers,

 

Set a STATIC IP on your laptop untill you have a other solution.

If you don't remember the old IP address, SSH into the devices and run the info command.

 

 

Regards,

Glenn R.

Professional Services | Cloud Hosted Controllers | Glenn R. | UniFi Installation Scripts | UniFi Easy Update Script | UniFi-Video Installation Scripts
USG-4-PRO • USG
USW-24-POE-250W 2x • USW-16-POE-150W • USW-24 • USW-8-150W • USW-8
UAP-SHD • UAP-HD • UAP-NanoHD • UAP-AC-PRO 2x • UAP-AC-LITE • UAP-AC-IW • UAP-AC-M
UCK-G2 • UCK
Senior Member
Posts: 8,608
Registered: ‎08-04-2017
Kudos: 1391
Solutions: 416

Re: Getting VLANS and AP to work in Unifi

Hello @Sneakers,

 

Leave the port where the UAP is connected on set to ALL, and TAG the vlans to the SSIDs.

 

 

Regards,

Glenn R.

Professional Services | Cloud Hosted Controllers | Glenn R. | UniFi Installation Scripts | UniFi Easy Update Script | UniFi-Video Installation Scripts
USG-4-PRO • USG
USW-24-POE-250W 2x • USW-16-POE-150W • USW-24 • USW-8-150W • USW-8
UAP-SHD • UAP-HD • UAP-NanoHD • UAP-AC-PRO 2x • UAP-AC-LITE • UAP-AC-IW • UAP-AC-M
UCK-G2 • UCK
New Member
Posts: 14
Registered: ‎01-14-2018

Re: Getting VLANS and AP to work in Unifi

[ Edited ]

Ok, so the laptop would need to be set with a static IP on the same subnet as my USG? Should I set my SSID with no VLAN tagging to the same subnet as my USG?

Sorry I'm having so much trouble here. Appreciate you taking time to answer my questions!

 

EDIT: I connected to my SSID with no vlan tagging and manually set my laptop (running the Controller software to be on the same subnet as my USG and other Ubiquiti devices. When I access the controller software, all of the devices still show as disconnected? 

Member
Posts: 259
Registered: ‎01-28-2016
Kudos: 50
Solutions: 8

Re: Getting VLANS and AP to work in Unifi

Hey @Sneakers,

 

The controller needs to be reachable at the same address and port you used when the devices were adopted, just being in the same subnet isn't good enough. If you don't have a record of that original address, then you could SSH into one of the devices using the device authentication credentials found under Settings>Site, and then issue the 'info' command and look in the Status field. If you need to, you can issue the 'set-inform' command on that devices using the new IP address of the controller. Use the 'help' command to get more details on how to use these commands when SSH'd into the device. When you are looking at Devices on the controller web GUI, you should see the last known IP address of the devices, but if that information isn't accurate then you could try using the Ubiquiti Device Discovery Tool or use a network scanning tool such as nmap.

 

Hope that helps.

 

--

Klint

Primary Innovator at Sprocket Technology
Ubiquiti Enterprise Wireless Admin

Setup and secure your UniFi SDN Controller the easy way! Check out the Easy UBNT project and view the source on GitHub. Also, try Vultr for hosting your cloud controller!
Member
Posts: 259
Registered: ‎01-28-2016
Kudos: 50
Solutions: 8

Re: Getting VLANS and AP to work in Unifi

@Sneakers, love your forum username by the way. Man Wink

 

--

Klint

Primary Innovator at Sprocket Technology
Ubiquiti Enterprise Wireless Admin

Setup and secure your UniFi SDN Controller the easy way! Check out the Easy UBNT project and view the source on GitHub. Also, try Vultr for hosting your cloud controller!
Senior Member
Posts: 8,608
Registered: ‎08-04-2017
Kudos: 1391
Solutions: 416

Re: Getting VLANS and AP to work in Unifi

Hello @Sneakers,

 

Doesn't matter where the controller is on, the devices need to be able to report back to it.

Chose a IP address and sit on that, than SSH into each device and set-inform to your controller address.

set-inform http://ip.of.the.controller:8080/inform

 

 

Regards,

Glenn R.

Professional Services | Cloud Hosted Controllers | Glenn R. | UniFi Installation Scripts | UniFi Easy Update Script | UniFi-Video Installation Scripts
USG-4-PRO • USG
USW-24-POE-250W 2x • USW-16-POE-150W • USW-24 • USW-8-150W • USW-8
UAP-SHD • UAP-HD • UAP-NanoHD • UAP-AC-PRO 2x • UAP-AC-LITE • UAP-AC-IW • UAP-AC-M
UCK-G2 • UCK
New Member
Posts: 14
Registered: ‎01-14-2018

Re: Getting VLANS and AP to work in Unifi

Thank you!!
New Member
Posts: 14
Registered: ‎01-14-2018

Re: Getting VLANS and AP to work in Unifi

Ahh, ok - this clarified it for me! Thank you very much!

I set a static IP for my laptop and then connected over SSH to each device and used the set-inform command. I can now see my network devices as connected. Thank you!!
Senior Member
Posts: 8,608
Registered: ‎08-04-2017
Kudos: 1391
Solutions: 416

Re: Getting VLANS and AP to work in Unifi

Hello @Sneakers,

 

You’re welcome!

If you have any other questions please let me know!

 

 

Regards,

Glenn R.

Professional Services | Cloud Hosted Controllers | Glenn R. | UniFi Installation Scripts | UniFi Easy Update Script | UniFi-Video Installation Scripts
USG-4-PRO • USG
USW-24-POE-250W 2x • USW-16-POE-150W • USW-24 • USW-8-150W • USW-8
UAP-SHD • UAP-HD • UAP-NanoHD • UAP-AC-PRO 2x • UAP-AC-LITE • UAP-AC-IW • UAP-AC-M
UCK-G2 • UCK
New Member
Posts: 14
Registered: ‎01-14-2018

Re: Getting VLANS and AP to work in Unifi

Ok, so I have now have 5 SSIDs broadcasting:

 

  • 4 SSIDs are assigned to my first AP. Each of these SSIDs is tied to a VLAN using the "Corporate" option (vs. "VLAN only" option). I've assigned a subnet to each of these VLANs
  • 1 SSID broadcasting on my second AP. This SSID has NO VLAN tagging. I believe this SSID is no longer needed as it will not be used as a 'Management Network'

 

My only remaining questions (mostly just for my education):

 

1. I believe the SSID without VLAN tagging is not really necessary? I had thought it would be used as a 'management VLAN' but that doesn't appear to be required? Once I have a VM or cloud key running the Unifi controller 24/7, I can just set that to a new static IP and repoint my network devices there? Is there any reason to have a separate, untagged VLAN setup?

 

2.) What is the purpose of the "VLAN-only" option in the Networks setting page? Based on my understanding, if I'm running all Ubiquiti hardware, I need to use the "Corporate" option in order for everything to work correctly? I would then set up firewall rules, as necessary, to isolate or allow traffic between these Corporate VLAN networks? 

 

Really appreciate everyone's assistance. Youv'e been a HUGE help! Thank you!

 

Senior Member
Posts: 8,608
Registered: ‎08-04-2017
Kudos: 1391
Solutions: 416

Re: Getting VLANS and AP to work in Unifi

Hello @Sneakers,

 

1) Yeah, or you could do a site migration ( Easier )

2) You only have to create VLAN-only networks if you don't have a USG.

 

What are the networks used for exactly?

If you want to block connectivity between those VLANs, disable interVLAN routing.

 

 

Regards,

Glenn R.

Professional Services | Cloud Hosted Controllers | Glenn R. | UniFi Installation Scripts | UniFi Easy Update Script | UniFi-Video Installation Scripts
USG-4-PRO • USG
USW-24-POE-250W 2x • USW-16-POE-150W • USW-24 • USW-8-150W • USW-8
UAP-SHD • UAP-HD • UAP-NanoHD • UAP-AC-PRO 2x • UAP-AC-LITE • UAP-AC-IW • UAP-AC-M
UCK-G2 • UCK
New Member
Posts: 14
Registered: ‎01-14-2018

Re: Getting VLANS and AP to work in Unifi

Ok understood. Thanks AmazedMender16! Then, I think I'll use the second AP to improve the wifi signal in other areas of my home, instead of using it to broadcast the SSID without VLAN tagging.

To answer your question - basically separating out home/trusted, guest, and IoT traffic. I also have a lab/work VLAN as well.
Senior Member
Posts: 8,608
Registered: ‎08-04-2017
Kudos: 1391
Solutions: 416

Re: Getting VLANS and AP to work in Unifi

Hello @Sneakers,

 

Make sure you enable Guest Policies on the GUEST VLAN and SSID.

 

 

Regards,

Glenn R.

Professional Services | Cloud Hosted Controllers | Glenn R. | UniFi Installation Scripts | UniFi Easy Update Script | UniFi-Video Installation Scripts
USG-4-PRO • USG
USW-24-POE-250W 2x • USW-16-POE-150W • USW-24 • USW-8-150W • USW-8
UAP-SHD • UAP-HD • UAP-NanoHD • UAP-AC-PRO 2x • UAP-AC-LITE • UAP-AC-IW • UAP-AC-M
UCK-G2 • UCK
Reply