I presume the VLAN tagging is not working correctly? In any case, you can use this guide instead: https://www.blacktubi.com/guide/make-any-ro...-work-on-unifi/

It uses a TP Link switch (cost less than RM100) that you can use to separate the VLAN's beforehand. Hence you don't need to configure the VLAN in PFSense anymore

Qotom Barebone PC Q355G4 with Intel Core i5 5200U Processor up to 2.2 GHz 4 Intel Gigabit NIC Mini PC Pfsense Firewall Router (if you opt for this route, make sure to reinstall pfsense from usb stick. don't trust the default install  :S )

$233

Crucial 8GB Single DDR3/DDR3L 1600 MT/S (PC3-12800) Unbuffered SODIMM 204-Pin Memory - CT102464BF160B

$49 ish


Samsung SSD 860 EVO 250GB mSATA Internal SSD (MZ-M6E250BW)

$79 ish

I presume the VLAN tagging is not working correctly? In any case, you can use this guide instead: https://www.blacktubi.com/guide/make-any-ro...-work-on-unifi/

It uses a TP Link switch (cost less than RM100) that you can use to separate the VLAN's beforehand. Hence you don't need to configure the VLAN in PFSense anymore

In layman terms, using the Easy Smart Switch from TP-Link allow you to use any router in the market even those without Unifi mode in the firmware.

With the configuration, your TM Unifi modem (Fibre ONU) should be connected to port 1. Your wireless router should be connected to Port 3 and HyppTV should be connected to Port 5. I wouldn’t go in on how to setup your wireless router but you can setup your wireless router as usual with the PPPOE mode using your Unifi PPPOE ID and Password. Do not select any Unifi profile if available! Nothing need to be done on the HyppTV, it should work properly immediately.

i checked it out
that does sound amazing 

but it shows the switch is connected direct to the modem. is that safe ?

i use a switch, but i keep that behind my router. So it's not directly connected to the modem. Only the router is connected to the modem physically via ethernet.

in pfsense there is already a setting for adding a vlan.

done configured pfSense for tm unifi and it's so easy actually. Also got working hypptv as well

long way transition from default tm router —> asus —> mikrotik —> and now pfSense!

running pfSense as VM with proxmox host on bare metal server. running together are pihole,unifi controller, Home Assistant, netdata to monitor and heimdall as unified homepage

next time wanna try to configure pfblockerNG/pihole, ntopg and openVPN

how?? 

earlier you just said you tried a config (kudos for the pics), but you didn't mentioned what you changed to get it to work 

create vlan 500 & user port WAN  ( in my case vtne1)
look like this



port assignment WAN (use the VLAN 500 u just created)
edit WAN port to use PPPoe, then put username & password there
then it will look like this



go to PPP tab change the Interface(s)/Port(s) to ur WAN port (my case vtnet1)
it will look like this



then u should get the unifi connect!



enjoy pfSense..so powerful!

...

PfSense 2.3.2 with TM Unifi Installation & Configuration
by NOOR AMLI SAID·
NOVEMBER 8, 2016

This article will guide you through the basic installations on how to install and configure pfSense version 2.3.2 in a home network with working HyppTV on TM UNIFI

My Hardware
Pentium 4 2.8Ghz Processor, 2GB RAM, 80GB of HDD, CD-ROM
2 PCI Ethernet cards + 1 onboard ethernet port, and a pfsense ISO file available from http://nyifiles.pfsense.org/mirror/downloa...ASE-i386.iso.gz

Internet Connection i'm using.

TM UNIFI Advanced 30mb with HyppTV active. We'll setup VLAN 500 for PPPoE and VLAN 600 for HyppTV


Setup Summary
Onboard Ethernet (rl2) - LAN - 192.168.1.1/24. Connect to your home network
PCI Ethernet NIC1 (rl0)- WAN - VLAN500 & VLAN600. Connect your TM BTU here
PCI Ethernect NIC2 (rl1) - IPTV - Connect your HyppTV set top box here 


pfSense Installation
1- Download the image from pfSense download page. Here i am using i386 platform.
2- unzip downloaded gz file using 7zip then burn the ISO image on to CD using imgburn.
3- Now reboot target machine and set BIOS boot option to boot CDROM first.
4- Once boot into CD, select 1 to "Boot Multi User" then press Enter
5- Then press "I" to launch the installer
6- on Configure Console, choose "Accept these Settings"
7- on Select Task, choose "Custom Install"
8- Select disk to install pfSense
9- Choose This Disk
10- Then choose "Use this Geometry" and Format this disk.
11- Partition Disk then choose "Accept and Create"
12- Yes, partition ada0
13- Accept and Install Bootblocks
14- Choose the partition on top for Bootblock. Let it finish partition.
15- on Select Subpartition. Choose "Accept and Create"
16- Install Kernel menu, choose "Standard Kernel"
17- Reboot your machine

pfSense Configuration
1- Once boot up, on "Assign Interfaces" menu choose "y" on "Should VLANs be set up now?"
2- Our first PCI NIC (rl0) will be used as WAN, so type rl0 here
3- Enter VLAN tag : 500
4- Then select rl0 again and Enter VLAN tag :600
5- Press enter to proceed.
6- Enter WAN interface name: rl0
7- Enter LAN interface name: rl2
8- Enter Optional 1 interface name: rl1
9- Press Enter to proceed. Choose 'y' to proceed

VLAN Setup for TM UNIFI
By default IP address is set to 192.168.1.1, username:admin, password:pfsense
10- Login to your pfSense using another laptop. Set laptop IP address to be in 192.168.1.0 range
11- using web browser, type http://192.168.1.1 to access to pfSense login page.
12- Click into Interfaces / then VLANs. Make sure the setup is as below
13- Parent Interface: rl0
14- VLAN Tag : 500
15- then click Save
16- Then another VLAN
17- Parent Interface: rl0
18- VLAN Tag : 600

Interface Assignments PPPoE
20- Browse to Interface / Interface Assignments
20- From "available network ports" choose rl0_vlan500. Then click add
21- On "General Configuration"  Tick Enable interface, and set IPv4 Configuration type to PPPoE 
22- On PPPoE Configuration put in your TM UNIFI account username and password. Please contact TM Support Center for these details.
23- Then Click Save.

Interface Assignments HyppTV
24- Browse to Interface / Interface Assignments
25- Edit OPT1 Interface, change description to IPTV. Then click Save
26- From "available network ports" choose VLAN 600 in rl0
27- Click Add
28- Then browse to Interfaces / Bridges / Edit
29- Member Interfaces. Choose IPTV and VLAN600. Change description to IPTV-Bridge
30- Click Save

Firewall Setup
Now plug everything accordingly rl0-to TM Unifi BTU, rl1- to HyppTV Set top Box and rl2- to your home network switch
31- Browse to Firewall / Rules / LAN.
32- Make sure LAN Action=Pass, Protocol=Any
33- Browse to Firewall / Rules / IPTV
34- Set to IPTV Action=Pass, Protocol=Any
35- Set on IPTV Extra Options / Advanced Options. Tick Allow IP Options to pass.
36- Browse to Firewall / Rules / PPPoE
37- Set to PPPoE Action=Pass, Protocol=Any
38- Browse to Firewall / Rules / VLAN600
39- Set to VLAN600 Action=Pass, Protocol=Any
40- Set on VLAN600 Extra Options / Advanced Options. Tick Allow IP Options to pass.
41- Click save.
Enjoy PfSense with TM Unifi

3- Enter VLAN tag : 500
4- Then select rl0 again and Enter VLAN tag :600

okay i deleted my old config for this, then re-did it based on this guide. had to go back and forth until i got something that worked close enuff to the instructions.

instead of add interface for pppoe, that part i just edit the existing wan, and edited the general config for it, and added pppoe and the isp credentials save. then i check interface assignments, that this is now the wan which it should be.

so in interface assignments, i only have a wan and lan.


in vlan i only have that one vlan tag 500 entry bound to the wan port.

then i go to interface, wan, then edit it to PPPOe and add isp credentials, save.

Now in interface assignments there is a pppoe is bound to vtnet0.500 , this i replace the original wan interface "vnet0" with the new pppoe vtnet0.500 entry.


i then wipe logs and then i rebooted the router via cmd "5" normal reboot.

i confirm that the wan logs into isp, i have broadband access, and no pppoe spam so far.

Question why pfsense and not opnsense?

never looked at opnsense. is it better

It seems simpler,cleaner looking UI and probably 98% similar to pfsense.

the setup was on an apu4d4 = 4 i211AT LAN / AMD GX-412TC CPU / 4 GB DRAM / dual SIM by pc engines

done configured pfSense for tm unifi and it's so easy actually. Also got working hypptv as well

long way transition from default tm router —> asus —> mikrotik —> and now pfSense!

running pfSense as VM with proxmox host on bare metal server. running together are pihole,unifi controller, Home Assistant, netdata to monitor and heimdall as unified homepage

next time wanna try to configure pfblockerNG/pihole, ntopg and openVPN

I would like try pfsense also.... Now on MikroTik.. Is it true pfsense way more better than mikrotik

hm... i did not configure the ipv6 portion for pfsense. because last i heard ipv6 is not quite good for vpn for most part due to leaks. ip4 just works (for now), so i did not have the need to setup ipv6 just yet.

do you actually need ipv6 running? your internet should be fine without it.
https://www.networkworld.com/article/344520...n-breakout.html

https://www.vpnuniversity.com/learn/should-...pn-support-ipv6

https://www.itproportal.com/features/ipv6-y...er-supports-it/

https://www.expressvpn.com/blog/disable-ipv...vpn-protection/
i see that you are using google dns. thats fine, but i think the cloudflare dns is better in the sense they claim no log policy, so they periodically wipe dns history. google makes no such policy whatsoever.

https://www.techradar.com/sg/reviews/cloudflare-dns
DNS Over TLS On pfSense 2.4.5
https://www.youtube.com/watch?v=5mygS-TiT9c

Personally I prefer Quad9 DNS, they're (soon) Switzerland based, similar policy to Cloudflare but they block malware domains.
There's also a unfiltered one should you choose to use that.

Also, they have a Malaysia server, which is pretty nice

done configured pfSense for tm unifi and it's so easy actually. Also got working hypptv as well

long way transition from default tm router —> asus —> mikrotik —> and now pfSense!

running pfSense as VM with proxmox host on bare metal server. running together are pihole,unifi controller, Home Assistant, netdata to monitor and heimdall as unified homepage

next time wanna try to configure pfblockerNG/pihole, ntopg and openVPN