My internet provider has issues bridging their mandatory router, resulting in double NAT if I use my Dream Machine Pro. Does this mean that I can turn off NAT on my DMP, making it act like a switch with all NAT being handled by my ISP’s router? If so that would be amazing!
Would a use case for this be to set another router/firewall such as PFSense as your main device and then use the UDM downstream to do all the unifi stuff such as be the controller for Wi-Fi access points and protect security cameras?
Kind of funny that this finally comes... at a time when a lot of people feel the UniFi gateway line is getting solid enough just to run as the primary router / firewall anyway!
Hi Willie - I'm trying to wrap my head around this and have some questions: Real world example: My ISP provides me with a block of public static IPs (81.x.y.0/29), of which I can utilise .4 .5 and .6 I have configured the Internet setting in my UDM Pro Max to add the 81.x.y.4, 81.x.y.5 and 81.x.y.6 as additional IP Addresses When setting up the No NAT VLAN, Unifi allows me to specify either ONE of the additional IP addresses or create a "Pool" which contains all three additional IPs I wish to setup 3 internal Hosts (e.g. travel routers) with their WAN side set to the static IPs 81.x.y.4, 81.x.y.5 and 81.x.y.6 So the questions: q 1) Do I need to set up 3 separate NoNAT VLANs each using the one of the additional IPs for its Internet Source IP OR can I create a single NoNAT VLAN and use the "Pool" noted above and so attach all 3 on my Internal Hosts to the same VLAN q 2) When setting the Gateway IP on the No NAT VLAN, I assume I use the Gateway IP (supplied by my ISP) for the Static IP block i.e 81.x.y.1 Finally, the above mentioned ISP is my Secondary ISP (WAN2), my main ISP (WAN1) is DHCP. I note that when setting up the No NAT VLAN, both WAN1 and WAN2 are present, but I cannot just select WAN2 (and its additional static IP addresses). q 3) So do I need to set up some additional Routing to ensure that all the traffic for the No NAT VLAN only goes via the WAN2 interface. Policy based routing looks to do what I need Thanks in advance for your help
![[ ออกกอง ] วัยหนุ่ม 2544 โลกหลังลูกกรง..ทัวร์กองถ่ายหนังใน "คุกของจริง" | JUSTดูIT.](http://i.ytimg.com/vi/vB--aOkZCpw/mqdefault.jpg)
![[LIVE] : ONE ลุมพินี 89 | คู่เอก "ยอดไอคิว vs คิริลล์"](http://i.ytimg.com/vi/Z3vYkHJ_5Ig/mqdefault.jpg)
My internet provider has issues bridging their mandatory router, resulting in double NAT if I use my Dream Machine Pro. Does this mean that I can turn off NAT on my DMP, making it act like a switch with all NAT being handled by my ISP’s router? If so that would be amazing!
Sweet, just tried it and it worked. Willie nice targets in the background, I own an outdoor range in FL
Would a use case for this be to set another router/firewall such as PFSense as your main device and then use the UDM downstream to do all the unifi stuff such as be the controller for Wi-Fi access points and protect security cameras?
Flip it the other way around.
Could you do this with the wan ? Basically one win connection to your ISP and the other with a private wan connection like MPLS or Metro fiber
Kind of funny that this finally comes... at a time when a lot of people feel the UniFi gateway line is getting solid enough just to run as the primary router / firewall anyway!
Hi Willie - I'm trying to wrap my head around this and have some questions:
Real world example: My ISP provides me with a block of public static IPs (81.x.y.0/29), of which I can utilise .4 .5 and .6
I have configured the Internet setting in my UDM Pro Max to add the 81.x.y.4, 81.x.y.5 and 81.x.y.6 as additional IP Addresses
When setting up the No NAT VLAN, Unifi allows me to specify either ONE of the additional IP addresses or create a "Pool" which contains all three additional IPs
I wish to setup 3 internal Hosts (e.g. travel routers) with their WAN side set to the static IPs 81.x.y.4, 81.x.y.5 and 81.x.y.6
So the questions:
q 1) Do I need to set up 3 separate NoNAT VLANs each using the one of the additional IPs for its Internet Source IP OR can I create a single NoNAT VLAN and use the "Pool" noted above and so attach all 3 on my Internal Hosts to the same VLAN
q 2) When setting the Gateway IP on the No NAT VLAN, I assume I use the Gateway IP (supplied by my ISP) for the Static IP block i.e 81.x.y.1
Finally, the above mentioned ISP is my Secondary ISP (WAN2), my main ISP (WAN1) is DHCP.
I note that when setting up the No NAT VLAN, both WAN1 and WAN2 are present, but I cannot just select WAN2 (and its additional static IP addresses).
q 3) So do I need to set up some additional Routing to ensure that all the traffic for the No NAT VLAN only goes via the WAN2 interface. Policy based routing looks to do what I need
Thanks in advance for your help
I don't have a NAT tab...
I'm on 8.5.6 with a Gateway Pro
USG Pro
Any help with disabling NAT for a private IP range that uses sonicwall would be greatly appreciated
Wild that in 2024...............this is a feature