UniFi vlans , Wifi and switch port profiles

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hey everyone Cody from Mac telecom networks here today we're going to talk about VLANs trunk ports and as well as not actually extending all our VLANs to certain switches or access points the reason you don't want to do that it's good security measures if you're not if you're only using a certain amount of VLANs on a network so if you're if you're only broadcasting VLAN 10 20 and 30 you should only actually trunk that instead of trunking all so right now this is how our actual topology looks like so here's my internet that's my internet connection from I'm in Canada it's Rogers internet and that's connecting to the LAN port on my USG from there that goes to port 1 on my Mac Telecom switch 1 we have a cloud key connected to port 2 of the Mac Telecom switch 1 and then right here the port 25 s of P 1 and s of P 2 these are actually on on three LC - LC fiber connections and they're using a lag a link aggregation group so it's actually giving me 2 gigs of bandwidth between the switches as these are only one gig ports each there's we're using 10 gig SRS fps and then we have another switch down here and this switch is just 4 p OE these last four ports rpoe and we have one port one of our eight ports which connecting to port 26 of mac telecom switch 1 and then port 2 connecting to port 26 on mac telecom switch - I don't know I don't oh it's actually sorry port 23 for 23 on both switches so we have that for redundancy purposes if one of the switches go down then we still have a link back to the internet and then we have a UAP Pro and that's connecting to port 5 on the unify 8 port switch as these are only these last four ports are only po8 so what we're gonna do we will this these SFP ports right here between these switches those should be will configure those to do all and that so that will let all type of traffic all VLANs pass between one and two and then for our you error for you ap will do only VLAN 20 and 30 and then from the from these trunk links to the both switches will do it VLAN 10 20 and 30 if you guys like my videos please hit the thumbs up button hit the subscribe button for more videos if you guys want to for me to make any videos on a certain topic let me know in the comments and I'll try to make it okay so I added on to this what VLANs are gonna be going through so from the switch 1 & 2 to our 8 ports which it'll be VLAN 10 20 and 30 and then front to the UAP it will be VLAN 10 and 20 and then through here will be all so right now you can see these are all my devices it's actually mapped out here as well and then we will go back to devices and I'll click on switch 1 or Mac Telecom switch so these ports right here they should already be giving sending all the VLAN information so we'll go to the SFP ports and right now the switch profile so they're sending all traffic whatever VLANs you have on the network you we could go to port 20 or sp2 as well and it should say the same thing because they're actually you can even click on it because they're in the link aggregation this switch will be the exact same for us a P 1 & 2 so they're broadcasting all right now so our UAP is connected to this right here on port 5 I'm not even sure what the configuration on right now it's showing for switch for all we're gonna end up setting that for VLAN I believe it was 10 and 20 so the first thing we need to do we need to create a new network because go to networks local networks right now we only have VLAN 30 and 21 druid this was just a I'm not even sure what this was used for it to be honest with you so we'll go create Network create standard Network and we'll just go VLAN 20 and we'll do small client will put 2-0 there and then VLAN 20 we'll go next next done so that's using VLAN 20 we have 30 so we got to create VLAN 10 as well so it'll just create VLAN 10 and we'll put that one I to 1 6 8 10 dot one and put that in VLAN 10 press next next okay so now the VLANs are complete will actually create because we're gonna have VLAN 10 and 20 in the 4 wireless so we'll create some wireless networks let me remove that so we're create create a basic Wi-Fi and we'll just go VLAN 10 password-protected we'll just go test 1 2 3 4 which obviously I say in every video you should have a strong password and then we'll go neck done so we're gonna edit go it because we want this to actually this this to go into VLAN 10 so we want to go here and go use VLAN and then 10 and then press apply so now we need we're gonna create another network that hat is just for VLAN 20 test one two three four will be the password and then go back in as well and then actually assign it a veal and so use VLAN 20 so what will happen this will want to be on VLAN 10 and 20 so it will actually grab an IP address from the 192 168 20.0 or 10.0 network what we have to do is to actually create something called switch profiles these switch profiles will allow you to actually put on the uplink ports what you want to actually the VLANs to be presented to it so we'll go down we'll go to or is it configuration profiles switch ports so there's VLAN 10 20 sales admin so these get automatically created but we're gonna create it so VLAN 10 and 20 are together so the native VLAN will just do it as LAN so VLAN 10 and 20 so then we'll select 20 and 10 we don't have any voice networks and we'll just click done so now to for the access point what we're going to want to do we want to go here we want to go to our a port POS which and to the port where our wireless access point is connected click on that and then hit the little pencil icon to edit and then switch port profiles VLAN 10 and 20 and then press apply so now that's going to provision on the actual switch so this is done right here now we want the we need to create a second switch profile for VLAN 10 20 and 30 so what we're gonna do we go settings configuration profiles switch ports VLAN 10 20 30 LAN will be our native as well so 30 and press done so we'll click our devices once more we'll go back here this is actually why that's in a blocking state ok that's fine we'll click on there and then we'll go to the switch profiles 10 20 30 supply we'll go back to this uplink port on number two and do the same thing and then we want to go to where these are actually connected to so on switch 1 port 24 wait a 24 23 sorry you want to click on that go to port 23 and then you want to do only 10 20 and 30 on that you have to do it on both switches it won't actually auto negotiate that so then Mac Telecom switch 2 will go to port 23 will go down and then we'll switch that to 10 20 30 and apply and that should be it for our profiles looks good so what I'm gonna do I'm gonna hop over to bring my phone up and then we're gonna connect to the Wi-Fi networks and show that we could get on to VLAN 10 and 20 all right so I'm gonna do this actually from my computer hi my Wi-Fi NIC adapter connected right now we're connected to Wi-Fi Deloris we're gonna connect to VLAN 10 connect put our password of test 1 2 3 4 in press next click no and we should have a 191 6 8 10 dot whatever network or which we do so we have 192 168 10.6 should be able to ping Google I hope and we can so we could we have network access now so let's try VLAN 20 whoops next no and this should give us something in the 20 Network and you see that we have 1 9 2 1 6 8 20.6 so that's switch profiles for you they do I believe ubiquity does do switch port security I just haven't actually gone deep into it with Cisco you could actually say this MAC address is only allowed on this switch port if something else is plugged in to the switch port then the port will actually air disable another good security tip for any ports that are unused you should actually have them shut down and how you do that you go to say port twos down click the little pencil and then go disable press apply and now that port is disabled and it should actually show up like that eventually it will because port 24 on this switch is actually in a dis state disabled State as well if you guys liked this video please hit the thumbs up button please hit subscribe if you want me to do any other type of video for you for unify for security cameras for anything network related let me know I just got a Raspberry Pi so I'm gonna be doing some videos on that and testing it out thanks a lot guys

Info

Channel: Mactelecom Networks

Views: 42,958

Rating: undefined out of 5

Keywords: unifi switch profiles, unifi switch port profiles, unifi trunk, ubiquiti networks, unifi switch trunk, unifi switch, ubiquiti unifi, unifi vlans tutorial, unifi multiple vlans, unifi trunk setup, unifi wifi setup, unifi wifi setup guide, ubiquiti access point, ubiquiti access point setup, ubiquiti access point install, ubiquiti access point setup without controller, ubiquiti access point review, unifi switch 8 60w, ubiquiti networks unifi

Id: YmeSe_9IGlk

Channel Id: undefined

Length: 12min 10sec (730 seconds)

Published: Wed Jan 22 2020