Unifi AP VLAN through Netgear Switch

[user_73957]

I am attempting to add a Unifi AP to my network and through it set up multiple VLANS. I understand how to create the wireless network and add the VLAN tag. I (think) know how to set up Pfsense to handle the VLAN traffic but I am unable to get the traffic from the AP through my Netgear GS724T Switch. I am not sure of I should be tagging or untagging the incoming traffic and where I should one sending that traffic. One thing to note is that port 1-4 are one LAG. 

 

Any help would be great. I am stuck. 

[LAwLz]

It depends on how you want everything configured and working.

My guess, since I don't have much info to go on, is that your access points are suppose to tag traffic depending on which SSID you are corrected to, correct?

In that case, you want the port on the switch to be a trunk (not tagging anything) and then just pass the already tagged traffic to your router/firewall/whatever.

 

 

 

But I want to stress the point that there are multiple ways to configure things. The picture above is how I would recommend you do it, but it is also possible to for example have the access points not apply any VLAN tags, and then have the port on the switch connected to the AP be an access port and tag the traffic to some specific VLAN. The reason why I don't recommend this is because then all traffic from that particular access point will be on the same VLAN, regardless of which SSID it is connected to.

 

 

If you want more help then I think you will need to post a network diagram, post the configuration you are running and post what your end goal is.

[JuJuYuJu]

On 10/20/2020 at 5:41 AM, LAwLz said:

It depends on how you want everything configured and working.

My guess, since I don't have much info to go on, is that your access points are suppose to tag traffic depending on which SSID you are corrected to, correct?

In that case, you want the port on the switch to be a trunk (not tagging anything) and then just pass the already tagged traffic to your router/firewall/whatever.

 

 

 

But I want to stress the point that there are multiple ways to configure things. The picture above is how I would recommend you do it, but it is also possible to for example have the access points not apply any VLAN tags, and then have the port on the switch connected to the AP be an access port and tag the traffic to some specific VLAN. The reason why I don't recommend this is because then all traffic from that particular access point will be on the same VLAN, regardless of which SSID it is connected to.

 

 

If you want more help then I think you will need to post a network diagram, post the configuration you are running and post what your end goal is.

I'm basically trying to do this but with only one vlan, i'm not sure which ports to tag/untag and which ports to used pvid for

[LAwLz]

19 minutes ago, JuJuYuJu said:

I'm basically trying to do this but with only one vlan, i'm not sure which ports to tag/untag and which ports to used pvid for

I am not sure what you mean.

If you are only using one VLAN then you don't really need to use VLANs at all. No need for tagged or untagged ports.

But if you for some reason want to use VLANs anyway, despite only having one, then I'd say, the APs should tag the traffic, and then it should go to a port on the switch that is "tagged" (if you use HP terminology, "trunk" if you use Cisco terminology).

[JuJuYuJu]

3 hours ago, LAwLz said:

I am not sure what you mean.

If you are only using one VLAN then you don't really need to use VLANs at all. No need for tagged or untagged ports.

But if you for some reason want to use VLANs anyway, despite only having one, then I'd say, the APs should tag the traffic, and then it should go to a port on the switch that is "tagged" (if you use HP terminology, "trunk" if you use Cisco terminology).

Thanks for the reply, I ended up tagging the pfsense port and ap port on the vlan in my switch. I was confused about the trunk and tagging terms