Hi, I was hoping some here have experience with these. I picked one up to replace a Paloalto PA-200.
A lot of things seem to be backwards with these as security is open by default and logging is dreadful.
Is their some documentation on these without their ecosystems. I notice every piece of documentation I’ve found expects you to be fully tied into their ecosystem.
I’m having issues with setting up vlans securely on these. Most Paloalto/Watchguard/Fortinet/Sonicwall systems I set up are much more straightforward.
1 Like
That is a massive step down you have just taken. And, as you are finding, not worth any effort to try and make a dream machine useful with out the entire unifi hardware and software deployment.
Why are you giving up the Palo Alto to begin with?
I’m not giving it up, it will still be in use but with 10/40g networking I didn’t want it sitting between my workstations and my non DMZ servers.
I will upgrade my 2 PA-200’s to 2 PA-400’s but even then throughput will still be lower so I will keep my workstations / high throughput servers outside of them.
I’ve got them out of the network at the moment but the PA-400’s will be put back in both of my racks when they arrive.
1 Like
ok
so the short answer is yes, unifi does do vlan, PVID, and Trunk ports nearly backwards from industry norms.
‘devices’ in a unifi router is actually any unifi thing, like an AP or switch, or doorbell.
‘Clients’ is an end user ‘DEVICE’ like a pc or cell phone.
and if you expect to keep or get any logging that is not available in the dashboard, you will need to have a log server that you can have the unifi stuff send logging data too.
1 Like
Ah perfect, I have a syslog server so I will point it to that and see if I get anything more useful from it.