Products Firewalla Gold Firewalla Purple Firewalla Blue Plus Firewalla Red Firewalla Blue

About the LAN ports (and VLAN) on Firewalla Gold

Follow
Avatar
Ryan
  • Edited

Hi, am eagerly waiting Gold to arrive and wondering how it fits into my Unifi setup, especially when there are multiple APs and switches.

1. More specifically, is it better to connect for e.g. Gold LAN 3 to a 24-port Unifi switch and then connect everything else to it, including Unifi APs and other Unifi switches?

2. Or, is it better to use Gold LAN 3 for one Unifi switch and use the Gold LAN 2 for second Unifi switch? Can different LAN ports on Gold use the same VLAN?

Without the Gold and the software to try it out, I’m having a hard time visualising the topology and figuring what I gain or lose with either method, e.g. stats I have to give up on the Unifi controller, how VLAN routing works across the Gold’s LAN ports, do I have to re-tag a lot of things, etc.

Thanks!

0

Comments

1 comment

Sort by Date Votes
  • Avatar
    Firewalla

    1. Yes, a switch to the Firewalla Gold is the best way to scale your LAN.  Ours is connecting to a Netgear PoE switch.

    2. Firewalla gold does support bridging two ports together.  But, you probably do not want to do this, it will degrade performance. And the reason is the Firewalla Gold is a very efficient layer 3 router, it is not optimized to do basic switching.   Unless you want to do segmentation at layer 3 (IP layer).  

    So ... one of the test environment we  have is

    1. main network: connected to LAN3 via a Netgear gigabit switch with a couple of 10G ports.   The 10G ports connect to our test host, and a test NAS.  Our main wifi (eero) is connected to the Netgear gigabit switch.  (All the other eero units are backhaul into this switch)  

    Here, anything that needs high-speed access to data will be in this network.

    2. IoT network, we have a smaller PoE switch that feeds to two access points, and all the cameras are connected to this network and are isolated from the main network.

    3. Kids network + guest, this is just a simple TPLink AP that does SSID to VLAN mapping, and that is directly connected to Firewalla's ethernet port.   We also placed a few speakers here to test out the mDNS reflector. 

     

    0
    Comment actions Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post