Unifi controler: Can't add a vlan to the management network?

Networking Networking Hardware
1

Hello

For years now i have been looking at this issue on and off, without really finding how to fix it/work around it :frowning:

When i first setup the unifi controller software (on a vm) i filled the network information of my admin network. It’s a dedicated wire off of my pfsense box, that get in a switch.

The issue i have is that, unlike other network added afterward, i can’t put a vlan tag to this network. That mean i can set port on my switch to work in direct access, but where i need this network to be send with other on the same cable, i can’t, or it have to be the native one.

Screenshot from 2020-09-10 14-12-03
Screenshot from 2020-09-10 14-12-031318×849 80 KB

I also can’t add a second network with the same CIDR.

Is this the workaround of unifi to a dedicated management port ?
I can’t believe there isn’t any other way, so what did i miss ?
Should i avoid ‘corporate’ type entirely and only use ‘vlan only’ type ?

Thank’s for reading

2

Hello,
If you’re only trying to make a VLAN I recommend leaving the default network(shouldn’t affect things if you don’t have a USG) and creating the VLAN as a new network.
If you’re trying to use 192.168.20.X/24 as the VLAN network you’ll need to change the default LAN network to another subnet.
Depending on the hardware you’re using, you will need to go onto the port on the switch and tag that port with the VLAN.
But once the VLAN is created as long as the DHCP server is setup and router the the DHCP relay configured it should work.
the UNIFI equipment just needs to know that the VLAN exists so it can handle it correctly.

here are some example shots for you:
This show the VLAN and VLAN tag I created

example
example949×94 6.17 KB

This shows the option to enable the switch

example_2
example_2359×561 33.4 KB

And this one is if you want to apply it to a Wifi Network

example_3
example_3807×641 88 KB

I would show you with the USG but I don’t have one and it doesn’t appear like you do either. But just remember to add the VLAN DHCP relay on the router and switches are tagged and you should be golden… well if I understood your problem correctly.

3

To add new devices to your controller, they will need to be on an untagged switch port anyway. Configure the management VLAN untagged on that switch port for your AP then tag your other VLANs on that switch port and add the VLAN per each wireless network in the controller.

4

Thank you for the reply.
I don’t use a UGS, so no issue there

This is what bother me. if i change the default LAN network, won’t it also change the network used by unify to talk to his device ? because i want it to be the same.

i already have a couple of network and port group for my setup

Screenshot from 2020-09-11 10-23-09
Screenshot from 2020-09-11 10-23-091004×257 25.2 KB

Screenshot from 2020-09-11 10-23-26
Screenshot from 2020-09-11 10-23-261062×470 35.4 KB

but right now if i want to add the admin network to a port group, because it don’t have a vlan it has to be the native port.
Screenshot from 2020-09-11 10-24-26
Screenshot from 2020-09-11 10-24-26968×535 28.7 KB

5

No. Since you don’t have a USG, the “Subnet” value is meaningless in the controller. Just create VLAN Only networks when you need to define a new VLAN and call it good.