Question Ubiquity network expansion. Adding 2 NanoBeam AC gen2 and want to setup 2 individual lans.

Page 2 - Seeking answers? Join the AnandTech community: where nearly half-a-million members share solutions and discuss the latest tech.
Toggle sidebar Toggle sidebar
DaaQ

DaaQ

Golden Member
Dec 8, 2018
1,314
944
136
Making a new thread due to the question I asked here. Post 38 . Thank you to @ch33zw1z for what was provided so far.

Here is the gist of the original question.
So I have Edgerouter x sfp and AC pro LR IIRC. This is currently running fine in my home.

Issue is that the plan from the beginning was to add the parents in law home to the mix. I have 2 NanoBeam AC gen2. They are now mounted, wires run but no rj45 fittings put on yet. Have not mounted the second AC pro LR to their ceiling, although I have the wire sticking through, which I am sure drives them nuts LoL.

So I have figured out I need to factory default my AP due to running in stand alone mode. I want to run 2 VLANs to keep our data separate (not sure how to configure this yet) and bandwidth limit them to 100M which is what they currently pay for and use without issue.

Do I need to run the controller software on a machine that never sleeps? or is the USG or the cloudkey device described above a better solution?

I have time because I am waiting for a 10G SPF to RJ45 adapter incoming which will offer me an extra port this way. I do have 1G service provisioned to my home, modem is in bridge mode, or baselined as we call it around here.
Click to expand...

I have received the 10G SFP+ to RJ45 adapter UF-RJ45-10G

The following is the gear I have already purchased.
Advanced Gigabit Router with PoE and SFP
nanobeam-ac-gen2 I have 2 of these.
802.11ac Long Range Access Point I have 2 of these.

What I did fail to account for, is that on the other end of the air bridge. I have the POE injectors for each device the NanoBeam and the WAP, I have now realized that I will need a switch to plug each POE injectors LAN side port into in order to bridge the Nanobeam and the wap together.

@ch33zw1z is this correct? and can a simple switch fulfill that function? The inlaws have a linksys e3100 or something along those lines, but I have several netgear gig unmanaged switches.
I ask because no management will be occurring at the inlaws home, it will all be from my end where the Edgerouter is.

Side note, I dont't know why I was thinking I could just plug POE side of the antenna to the nanobeam, and the lan side to the WAP. Obviously the WAP needs its POE injector as well.

EDIT: Could I not just patch cable the 2 LAN sides of the 2 POE injectors to one another so that all traffic goes from the WAP to the Nanobeam to the RX nanobeam to the edge router? @ch33zw1z ??

Also, with this configuration, wouldn't the edgerouter be taking care of all the management? IE no need for controller? ( I could add dream machine regular later down the road)
 
Last edited:
Sort by date Sort by votes
DaaQ

DaaQ

Golden Member
Dec 8, 2018
1,314
944
136
Since the grandaughters are here I am in study mode, so I either have to try again after they fall alseep. IF I can make it past them lol.
Did alot of youtube and read all of Ubiquity's 102 page Edge os docs. So I think I'm in a better place. ATM
 
Upvote 0 Downvote
DaaQ

DaaQ

Golden Member
Dec 8, 2018
1,314
944
136
ch33zw1z said:
Ok, slow down a little bit. Factory resetting things isn't necessarily going to help. You should be able to run the ER-X and an AP at your house without impacting the nanobeam + inlaws AP. So, get things configured on your side, then proceed to the nano beam + in-laws. It's really just building the network one step at a time. I'll put together a diagram if you think it will help and you can refer to the links above for the VLAN config, then the firewall rules, and build it one piece at a time.

You really gotta get the AP's adopted, and if you can SSH to the AP you can manually update the firmware if it's needed, there might be some fixes.

Proxy arp isn't checked off IIRC

You can adopt the in-law AP locally, then relocate it to the in-laws house. If the nanobeams are setup correctly, the AP shouldn't care at all.

The adopting issues seem to be your hurdle. I don't think the UDM-Pro will necessarily fix that, and the only time I've seen it on sale if for about an hour 11/30/2020.

I ran an ER-X and a AC-LR with no issues, windows 10 unifi controller.
Click to expand...
Thought I had made a reply earlier, I may have forgot to press send. NM I may have been drinking :0


Been reviewing this, I am certain now my friend set it up wrong to begin with, he said could set it all up just through switch with no VLAN and just use firewall rules to separate traffic.

I am now thinking I just need the one Vlan for the eth4 with PoE on it that handles the airbridge and their WAP.

I can just leave my side all "normal"

Does this sound right? I shouldn't need to VLAN my side with 3 eth ports. Just separate them by switch interface?

Now Back to ETH5 the SPF , upon some digging it looks like its maybe just for backhaul?
 
Upvote 0 Downvote
ch33zw1z

ch33zw1z

Lifer
Nov 4, 2004
37,768
18,046
146
DaaQ said:
Thought I had made a reply earlier, I may have forgot to press send. NM I may have been drinking :0


Been reviewing this, I am certain now my friend set it up wrong to begin with, he said could set it all up just through switch with no VLAN and just use firewall rules to separate traffic.

I am now thinking I just need the one Vlan for the eth4 with PoE on it that handles the airbridge and their WAP.

I can just leave my side all "normal"

Does this sound right? I shouldn't need to VLAN my side with 3 eth ports. Just separate them by switch interface?

Now Back to ETH5 the SPF , upon some digging it looks like its maybe just for backhaul?
Click to expand...

2 VLANs DaaQ, that's what you need. I plugged in my ER-X and grabbed a bunch of screen shots, and drew a little diagram. This is what you need, and following that video it should be easy peasy. I named all my screen shots something that makes sense. You basically want all YOUR gear on the 192.168.1.x and your in-laws on 192.168.2.x.

After you get everything working at this level, you will move on to configuring the AP's (this seems to be the biggest hurdle), configuring the Wireless networks via Unifi controller. This is where you will point a particular SSID at a VLAN. After you confirm the configuration is working, you can move on to the Firewall rules to isolate traffic between VLAN 1 and 2.

vlan_config_easy.jpeg
 

Attachments

  • dashboard_all_config.png
    dashboard_all_config.png
    69.3 KB · Views: 13
  • dhcp_config.png
    dhcp_config.png
    19.8 KB · Views: 12
  • dns_config.png
    dns_config.png
    17.2 KB · Views: 9
  • switch0.1_config.png
    switch0.1_config.png
    20.5 KB · Views: 8
  • switch0.86_config.png
    switch0.86_config.png
    21.8 KB · Views: 11
  • switch0_config.png
    switch0_config.png
    24.8 KB · Views: 10
Upvote 0 Downvote
DaaQ

DaaQ

Golden Member
Dec 8, 2018
1,314
944
136
ch33zw1z said:
2 VLANs DaaQ, that's what you need. I plugged in my ER-X and grabbed a bunch of screen shots, and drew a little diagram. This is what you need, and following that video it should be easy peasy. I named all my screen shots something that makes sense. You basically want all YOUR gear on the 192.168.1.x and your in-laws on 192.168.2.x.

After you get everything working at this level, you will move on to configuring the AP's (this seems to be the biggest hurdle), configuring the Wireless networks via Unifi controller. This is where you will point a particular SSID at a VLAN. After you confirm the configuration is working, you can move on to the Firewall rules to isolate traffic between VLAN 1 and 2.

View attachment 39314
Click to expand...
Thank you for all of this, I currently have eth0-3 working eth2 is my wap +PoE all switch 0 and adopted onto controller.

I deleted the vlan i made last night.to follow your diagrams more closely.
 
Upvote 0 Downvote
DaaQ

DaaQ

Golden Member
Dec 8, 2018
1,314
944
136
I want to thank @ch33zw1z for the immense help he provided me on this.

I cannot give enough thanks to ch33zw1z for today. I learned ALOT and almost have everything up and running. Unfortunately it is too late to tun up to the inlaws to reset their nanobeam, but I am confident once done I will be able to complete the configuration. My side is bac up and running. Main thing I had to do was uninstall unifi controller and reinstall and it adopted my WAP and settings without input.

Thanks again @ch33zw1z message me on Discord if you happen to have the cash app installed. I will detail more there.
 
  • Like
Reactions: ch33zw1z
Upvote 0 Downvote
DaaQ

DaaQ

Golden Member
Dec 8, 2018
1,314
944
136
ch33zw1z said:
@DaaQ - glad it's progressing. If you have any more questions, fire away. 😀
Click to expand...
I will say that the MOCA link is not playing well. Not sure if I should add eth3 to switch 0 or keep as VLAN. right now i can't figurer out how to get it to work right, this is TiVo stuff with a netgear MOCA adapter. I will worry about it in awhile after I get Bridge up.
 
Upvote 0 Downvote
ch33zw1z

ch33zw1z

Lifer
Nov 4, 2004
37,768
18,046
146
DaaQ said:
I will say that the MOCA link is not playing well. Not sure if I should add eth3 to switch 0 or keep as VLAN. right now i can't figurer out how to get it to work right, this is TiVo stuff with a netgear MOCA adapter. I will worry about it in awhile after I get Bridge up.
Click to expand...

Clear the IP config from eth3 and add it to the vlan port list, pvid 1

Or, leave eth3 as the "admin" and use one of those unmanaged switches off of eth1

Pvid 1 is untagged and untagged traffic is fine over unmanaged switches.

I suggest option 2 for now
 
Upvote 0 Downvote
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom