How to Use The UniFi Dream Machine Pro With pfsense

pfsense toturials

A easier solution is to sell the UDM pro 😂

I used pfSense, thanks to Tom, before I was bitten by the Unifi Bug. I always liked pfSense and wanted to use it with my UDM. I connected my system a little differently. I used pfSense as the DHCP Server. Made the UDM one IP address above the LAN DHCP. Connected Port 1 (LAN) to LAN. Connected Port 5 (WAN) to LAN2. Everything worked perfectly. No need to Forget and Adopt Unifi Devices.

What's the problem with UDM Pro? I had a pfsense for years and it was OK but the weird firmware updates and OS versions turned me off. I did like open vpn but I can setup an open vpn server and forward traffic. If I really want it.

Rather than managing DHCP that far upstream and having DHCP Clients travel to Narnia and back just for a lease, wouldn't it make more sense to just manage DHCP further downstream on the Unifi L3 switch?

Why not static route from PFSense and plug in on the DM WAN port a let the DM do DHCP? Sorry if this is a stupid question.

I know this is highly unlikely and hard, but would it be possible to flash a udm-pro with something else?

Disable nat in the UI and create static routes in pfsense would be a step for me.

Thank you this, Tom! Very helpful. My question is how does the UDMP re-adopt protect cams and APs if we turn off DHCP and it’s not handing out IP addresses? Is that something that the PF sense FW will do going forward?

Overpriced and not that solid(imho).

thats the same way I did it.

I bought a Netgate after your videos and only a couple months after a Dream Machine. I set it up just like you suggested. Works great so far. Thanks for the guide and thanks for getting me exposed to pfsense.

You have are the inspiration for my current lab projects.

Great video! Would love to see a more in-depth setup of this scenario.

Thanks for putting this together. I've got an ERPro8 and those are getting a bit long in the tooth. I can't avoid double-NAT as it stands, as my ISP's router won't disable NAT due to IP4/6. I have to DMZ/port forward from that router to mine. I hope to finally replace the ERPro8 with a pfSense box later this year, so this will be very handy.

I'm thinking of adding pfsense to my all Ubiquiti network. I'm glad I remembered I watched this a while back because I was going to implement this without the UDMP WAN connection which would have hosed it's ability to phone home. I would sell the UDMP SE but I don't want to hoist those problems onto others so I'll just treat it as a fancy 8 port switch that's driving a bunch of slow POE devices and configuring my switches and APs. At least my high throughput traffic will circumvent the UDMP. The problem I'm trying to solve here is that the UDMP SE seems to lockup when I download games on steam over a 1Gbps google fiber connection. I think the UDMP SE is just getting overwhelmed although my usage isn't too out of the ordinary.

I started out with a USG and moved to pfSense mainly due to your videos.

Thank you for this info Tom! I am thinking about doing this in my new home build.......grin

Would you consider making a setup video for a standalone UDM/UDMP? This would be aimed at someone who has purchased a UDM/UDMP and doesn’t have the funds to purchase another firewall device.

Hi Tom, after using untangle on a dedicated device for a couple of years (was happy with it), along with Unifi AP's using the software controller in a VM - I had a stroke of luck where I acquired a Unify UDM Pro and additional 8 Unifi 8 Port POE switch for free (it came from a site my company took over and they don't use Unifi so I was the beneficiary).