UniFi Network - Firewall Rules for VLANS

Published 2023-06-20
In this video I will explain how to create Firewall Rules so that VLANs cannot talk to each other and also cannot talk to the main LAN.

I will also explain how to create an additional Firewall Rule that allows devices in the Multi Media VLAN to access a NAS on the Main LAN for streaming music and videos to a Smart TV.

I would recommend watching my previous video first, in which I explain how to create VLANs; this Firewall Rule video takes into account the VLANs created in that video.

Link for the VLANS video is here:
   • UniFi Network - Configuring VLANS  

All Comments (12)
  • Tim - this is the one I have been waiting for and is very clear and to the point as always. Thanks so much for not going at a FAST PACE and losing me with a lot of extra content that is not well explained but seems to just be throwing content out for support of calling themselves an expert at this networking subject. WELL DONE and just what and how I need my learning experience to be!
  • @JsmeLabs
    Thank you so much for this video, I finally setup my network and this explained everything perfectly! Now I know what to do and how to do it properly!
  • @zekeserrano5345
    Well done. But I would recommend explaining a bit more why you make the selections that you're making so that we may understand the concept for the decisions. Might help us make different choices if we understand why the particular selections were made by you in creating a rule. TIA
  • @309hex
    Very clear instructions, thank you.
  • @Cr4ft3r99
    Many thanks Tim ... followed your VLAN set-up guide and firewall rules and all worked as expected. One small request, it would help me and I'm sure others just starting out on their Unifi journey to understand a bit more about why some of these settings are as they are ... e.g. when setting up the RFC1918 group, why did we add the 172.16.0.0/12 and 10.0.0.0/8 (and why are the subnet numbers not 16, like the main IP range?) - cheers
  • @ass8ash
    Along with the inter-VLAN drop rule, wouldn't it be better to also have another LAN Local rule preventing access to the gateway?
  • @jpavett
    I’ve added all the relevant rules from your video but I have one issue. I have two DNS servers on one of my subnets / VLANs, but these requests are still getting through to them successfully, even with the Drop rule. I was going to add an additional file to allow the traffic through before realising it was already getting through. DNS servers are on 10.44.3.0/24 and host using them is on 10.44.2.0/24. Not sure if you have any idea why. The rule does prevent pings between the devices?!
  • @angelical791
    I am confused. Can you tell me what network you use for each VLAN? Because in the previous video you used totally different networks, for example 192.168.2.0/24, 192.168.3.0/24.....
  • @BTC_Solo
    Hi, can you allow one specific VLAN to be connected to Tor but not the other VLANs?
  • @you_tube754
    What does the first rule do? Thanks for the great video