@inzania, Try removing the switch from the middle and plugging the AP straight into the Peplink device.
If it gets an IP address, your switch is not configured correctly.
Did you by chance change tag any of the ports on the switch for certain VLAN networks? If so remove them or try plugging the AP into a port on the switch that is not tagged for a VLAN. The port profile should say “ALL” when hovering over it in the controller.
Random question have you tried plugging in a network cable directly to the Peplink device to see if it is giving out DHCP assignments correctly?
Last thing is if it is Unifi equipment causing the issue and you cant figure it out, I would recommend a full reset on that equipment specifically and just set everything up again manually.
I use VLANs in my Unifi AP setup with my Balance 20x acting as the router. I don’t have Unifi router at all. Just their APs.
So lets say you want to create a SSID for IoT devices to keep them separate from your LAN devices.
First you have to create a VLAN only network in the Unifi controller (VLAN 2 for example). Then create a SSID that those IoT devices will connect to and make sure its tagged with VLAN 2 traffic. Then create a network in the Peplink Device that is tagged with the same VLAN number as the number (VLAN 2) you made in the Unifi controller. That network will have a different IP/subnet range than your regular LAN of course with DHCP, etc…
Then you have to create a switch profile in the Unifi controller. If using one AP for all SSIDs, then when you create the switch profile you need the native network to be your trusted network and then the tagged VLAN needs to be the IoT VLAN (VLAN 2) we created. Then assign that switch profile to the switch port that has your Unifi AP connected to it. Now, the AP will tag all traffic on the IoT SSID in VLAN 2 and leave everything else untagged as traffic passes through it.
Then setup whatever routing you want in the Peplink router and enjoy. You will need to have “Inter-Vlan routing” checked in your Peplink Router if you want to go from LAN → IoT. You can setup rules to prevent IoT → LAN.
The port which I’m using for the Ubiquiti gear is Trunk/Any (other ports are assigned specific VLANs).
Yes; the Ubiquiti port (Trunk/Any) assigns a non-VLAN (default network) IP address when I plug my laptop into it directly.
This is not possible because the AP is PoE only, and the Peplink does not provide PoE. Instead, I stuck an (unmanaged) Netgear switch in the middle which provides PoE. The AP powers up and turns white, but does not have an IP address in Peplink or broadcast a SSID.
Finally went that route. I deleted the entire config/data folder on my Linux box and unplugged all the Ubiquiti gear. Did a factory reset on the USW Pro 24 switch and single AP. Set them all up again, and finally this time it worked! I now have 3 VLANs, and the two WiFi networks properly assign DHCP leases for their VLAN
Whoops; my original thinking was that ports 1&2 would be aggregated, that way if I want to use ports 3&4 on the Peplink for some other LAN purposes, I’d get 2Gbps intra-LAN instead of 1Gbps… but please correct me if I’m wrong or if aggregation has some downside I’m unaware of.
Setting up Link Aggregation between 2 switches to increase bandwidth for intra-LAN traffic between those 2 switches makes sense. But your edge device doesnt make sense… Its already feeding your switch at 1GB so if your internet connection isnt more than 1GB than no your arent helping anything.
Specifically, I was thinking of plugging my main Linux server into Peplink port #4. It runs the Unifi Network controller, and having it upstream of the Unifi switches seems to make sense so that it is available to them as they reboot. However, it also runs many other things which require high LAN throughput, like processing video from the security cameras. Thus, I want as much bandwidth between it and the Ubiquiti switches (which contain the UNVR, etc.) as possible.
1Gbps is PLENTY for cameras when your Linux box is plugged into your UBNT switch… We sell 1000’s of HD POE cameras a year. Mostly 8MP and PTZ… We are talking AVG bandwidth usage per camera of 4-8Mbps with the PTZ and higher bandwidth cameras in the 15-25Mbps per camera… Thats a LOT of cameras to use up 1Gbps of bandwidth, I mean a TON.
By best practice, we also dont ever put cameras on the MGMT LAN where our servers, computers, etc run… Same goes for VOIP… Our NVR’s have DUAL 1Gbps LAN ports. 1 is addressed and plugs directly into its own POE switch on the camera LAN that all the POE cameras are plugged into. That way cameras communicate directly with the NVR on their own LAN. The second 1Gbps port is plugged into our MGMT LAN switch and is for remote access viewing, etc… We do the same for VOIP phones, PBX’s but on their own VLAN.
Thanks for the advice. It’s not possible at this point for me to physically wire the cameras on a separate port on the Peplink. This is why I hoped to use VLANs. The USG24 has a 10Gbps SFP+ connection to the UNVR and a second SFP+ to a Switch XG 6 PoE — which is the main hub for the security cameras, since it can provide PoE for all of them. So the security camera recordings flow up the SFP+ to the USG24, and then into the UNVR. My next project then is to isolate all these security cameras via a VLAN. Does that sound reasonable?
Unless we are mixing up models. the USW24 has 2 SFP ports, not SFP+… SFP ports are only 1Gbps…
Second, I dont understand what the XG 6 POE is doing for the cameras… 12 security cameras on the XG 6 POE? There are only 4 ethernet ports on this switch and they are 10Gb… IDK of any cameras utilizing 10GB… Most cameras are only 100Mbps still because again, they dont reach above 20-25Mbps… SOME PTZ maybe 30-35Mbps but that is rare and extremely high…
Sorry for leaving that out. The overall network is much more complicated and I’ve been trying to simplify for clarity. And yes, you’re spot on on the model… I mentioned the “Pro” bit above, but seem to have forgotten it in subsequent posts. It’s been a rather sleepless 24h, trying to fix this while the family was asleep so as to not break the internet
Anywho, I assume you’re not spotting any major problems with my intended VLAN strategy for the security cameras…
I like to use as little amount of switches as possible. All those Flex’s on the XG 6 is worrisome but doesnt mean youll have any issues. I would have put all the cameras on a single UBNT 16 POE Gen2 and plugged that directly into a second 1Gbps LAN port directly on the NVR (Linux Box) and kept them off your internal Mgmt LAN. Gets rid of 4 switches (4 points of potential failure) but thats just how I do it… Both accomplish the same thing. My way just has less failure points and is much easier to troubleshoot if a problem ever does arise.
