There are some great instructions on the Ubuntu wiki, but the essentials are as follows. I moved an Ethernet device to a vlan on my Unifi switch and changed the settings as above. Crosstalk Solution's video on secure IoT network configuration. I have two questions I notice that on your YouTube video “Unifi Vlans” you setup firewall rules for Chromecast would that be the same way if I need device that are in a different Clan to connect to Plex server sitting on my main Lan? So if you have a Chromecast on an IoT VLAN, I'm specifically interested in your feedback. Your Wi-Fi network configuration prevents devices from communicating with your device. When you have VLANs configured, the setup is slightly more complicated. Create a VLAN in the UniFi SDN which allows us to assign access ports to the IoT network for wired devices 1. Select Configure > Monitor > Switch ports. If you have trouble setting up your Chromecast or Google Nest or Home speaker or display, try this: Disable Access Point (AP) isolation, also known as client isolation or guest mode, on your router. (used for google chromecast) Unifi setup & questions on VLAN and security : Ubiquiti › Search The Best Images at In order to allow Chromecast to work smoothly in your network, you might require the following rules for the Chromecast device: Allow high UDP ports both incoming and outgoing. Archive View the WiFi for the granny flat has guest polices but not ideal as dad cannot cast to his Chromecast or google home but if I turn off The Chromecast should then reply to the source IP it was given. As it turns out, to get a UniFi network running at home you actually do need to care about a few things. "High ports" are the local ports usually ranging 32768-61000. disable the auto-optimize network option. The UniFi US-8-150W Switch 8 POE Switch supports static & dynamic VLAN tagging, 802. My group has 10 entries: 4x USG IP addresses, 1 per VLAN. So far, the only Chromecast-specific rules I've needed: OUTBOUND: Allow Chromecasts to send TCP traffic from ports 8008-8009 + 8443 to any port on any client on the Main LAN. 2: Add a virtual interface, and assign a VLAN to it. This is very common to have in your firewall, usually even together with RELATED, e. Secondly, my Home Assistance instance is not detected as Home Assistance in the desktop app. Chromecast unifi vlan IGMP snooping is activated since Ubiquiti suggests this in Best Practices for Managing Chromecast.