AmpliFi HD for isolated network

  • I have a UDM Base as my router, along with various UniFi switches/APs, after my ISP's gateway. I want to create an isolated network (no need to access anything on the UDM network) that connects to specific hardware in my home using Ethernet only (no need for Wi-Fi). I want to connect to the AmpliFi router using the Teleport VPN device whenever I'm away from home.

    At first I wondered if I could just connect the AmpliFi to another Ethernet port on my ISP's gateway, but I can't find anything online on how to make that work. I assume you can't do "IP Passthru" twice on a single gateway.

    Then I thought I could create an isolated VLAN and place the AmpliFi router on that network. But I'm not savvy enough yet with UniFi to fully isolate the AmpliFi from the UDM's network and still be able to connect fully thru the UDM's WAN. I tried to plug the AmpliFi's WAN port into my UniFi LAN and put the AmpliFi in bridge mode, but the Teleport never could reach the AmpliFi from the outside. Any advice?

  • Hi @evlnte - are you attempting to have the bridged HD router open a port on the UDM for Teleport automatically via UPnP?

    Or have you given the HD a reserved IP address, manually set the Teleport port # in the web UI, and set up port forwarding rules in the UDM accordingly?

  • I do not use UPnP due to security risks. So in keeping with my overall network setup, I will likely assign a static IP from the UDM. What I am not sure about is what specific port to forward. In another router, I would have created a pinhole for the cascaded router's IP so that it could have complete access thru the main router to the net. I just don't know how to do that in a UDM (or even if I should). I suppose if just one port will do the trick to use a Teleport then that's what I'll do.

    I basically want my AmpliFi to have direct access to a few Ethernet-wired devices (that it can only see) and be able to connect to those from outside my home using the Teleport.

