I saw a few posts on this already and was lead to this site detailing setup, etc. I however would like to avoid using the Pi method that is described and wanted to wire this thing directly to my existing router.
On page 12 of the above link it explains how it might be possible to make the connection using the hardline input which my PVS6 unit does indeed have. My house was also conveniently built with a wire running from where my network room is all the way to the inside of this solar box (presumably so it could have been connected via cable instead of WiFi). I also use a UDM SE for my networking so I’m pretty sure I have all the tools necessary to get this done.
However, I’m not quite sure what is necessary to configure the network correctly. I was wondering if anyone had done this setup with a hardline or could perhaps provide me some details on what I would need to do with my network/how to isolate the Solar box’s DHCP server as the above link mentions?
Additionally, I was wondering if I would be able to also hardline the WAN connection instead of having the thing depend on WiFi? Would be great if I could reduce the number of devices that need to connect by WiFi Is there perhaps some sort of one-to-two PoE powered switch that I could use to connect both the WAN and LAN ports of the PVS6 that might fit inside the solar box? (I guess a RasPi would work too if need be).
I just read a bit on the site and it seems that the biggest issue is that the system has its own DHCP service and that it seems impossible to disable.
You can generally not run multiple DHCP services on a network, so you have to have the system running on its own network.
This could be handled with a VLAN, but because the system DHCP service also designate itself as the default gateway, then you would not be able to connect to it from another VLAN, because the packets would be send to the system and not your VLAN router.
You need a device on the same local network with the option to define another default gateway, IE. set it up manually.
That is probably why the RPi is needed.
I would be surprised of the Unifi console wasn’t able to configure something like that. Unfortunately my networking knowledge doesn’t expand that far, perhaps I can ask the Unifi community or maybe some IT people I know, unless there is anyone here that would happen to know how such a configuration would (or could) be done with Unifi?
If you were a networking expert and the Unifi system provided deep inspection features with options to rewrite packets, then you might be able to intercept the DHCP packets and change them, but I do not think this is something that would be an one-click feature in any way.
It will not work
When the system get a request, then it will see that the IP is not local and it will send it to its default gateway, which will be itself and not your $10 bridge.
That is why you need a device on the local network to act as a tunnel, not router.
This can be done, but requires the usage of VLANs to keep the subnets separate. I have both LAN ports on my PVS6 connected to ports on my network switch, on separate VLANs.
The WAN port is connected to my ‘untrusted’ VLAN which provides outbound access to the Internet, but no access to anything else.
The LAN port is connected to a ‘PVS’ VLAN which has only one other device on it, the router which handles all routing on my network. It has a VLAN subinterface on this VLAN which uses a DHCP client to get an address from the PVS, and it also uses SNAT (masquerading) to allow connections from other nodes on the network to access the PVS. This allows a monitoring system to reach the PVS API endpoint without having to be directly connected to the PVS (or even on the ‘PVS’ VLAN).
This is probably possible with a UDM, but I haven’t got a clue how you’d do it
