I have a rpi4 setup and I got a USB ethernet adapter.
WAN: works fine with USB ethernet, its OK for now.
LAN: with cable is working fine with an unmanaged TP-link switch.
WIFI:
I got some Issues with the Unifi AP.
My AP is on the VLAN 101 (without any DHCP or other settings) and I would like to connect this AP to my LAN network.
I tried a few things from google but can't get to work.
Any Help would be welcomed
root@OpenWrt:/etc/config# cat network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'xxx1:xxxx:xxxx::/48'
option packet_steering '1'
config device
option name 'br-lan'
option type 'bridge'
option ipv6 '0'
list ports 'eth0'
config interface 'lan'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option ipaddr '192.168.20.1'
option device 'br-lan'
config interface 'wan'
option proto 'dhcp'
option device 'eth1'
option broadcast '1'
option peerdns '0'
list dns '1.1.1.1'
list dns '1.0.0.1'
config interface 'docker'
option device 'docker0'
option proto 'none'
config device
option type 'bridge'
option name 'docker0'
list ports 'vethb7b9dd7'
option bridge_empty '1'
option ipv6 '0'
config device
option name 'eth1'
option ipv6 '0'
config device
option name 'eth0'
option ipv6 '0'
config device
option name 'veth4c78502'
option ipv6 '0'
ps the docker interface and veth4c78502 are my Unifi Controller.
Why am I using VLAN on unifi APs? In this case, I don't need to set up anything in the unifi controller network section and I cloud set up a second WIFI for guests from the same AP.
Here are my draw and shots from unifi controller wifi section.
If you're using a flat network, you do not need to use VLANs at all.
There are two ways of creating a guest network in your scenario:
Create a network as a VLAN on the Pi with the desired permissions/restrictions in the firewall.
Use the guest network feature in the Unifi Network Application.
-- IIRC, the guest network function on the APs (without a Unifi based gateway) will prevent routing from the guest network to your main network, but the rules may not have all that much granularity. If you want a totally isolated guest network, that would be an option. Full disclosure, though... I run a full unifi stack and configure everything manually. I have never ever tried the pre-defined guest network option (with or without a unifi gateway).
If you go with option 2, you don't need to change anything on the Pi or your hardware. And you don't need to use VLANs at all... your AP will live on the standard untagged network, and the rest will happen within the AP itself (via the Unifi firmware).
If you decide you'd like to use option 1, you really should be replacing your switch with a VLAN aware/managed model. The behavior of VLANs through unmanaged switches is undefined -- sometimes it is fine, other times it can cause problems on your network.
With option 1, you'll simply create a new network interface using device eth0.101. It's simple -- set up the network interface, assign it to a firewall zone (a special guest zone is recommend) and establish the desired rules, and usually configure a dhcp server for the guest network.
