Consistency in configuration is key for management and troubleshooting. The UniFi platform allows the configuration of Profiles. I’ll be looking at Switch Port Profiles in order to quickly set parameters to a switch port with just a drop down option.
In my lab, I have an 8-port UniFi switch, UniFi Cloud Key Gen2 Plus, and a UniFi Security Gateway (USG).
As an example, let’s say there’s an environment where many access points will connect. In my Wi-Fi network I’ll have two SSIDs broadcasting, both on different subnets. Rather than going every single port, converting it to a trunk and allowing the specific VLANs, I’d like to just select a Switch Port Profile to configure that all for me.
Log into your UniFi dashboard and click on the Gear icon located on the bottom left of the window. Once the Settings page is available, on the left navigation under Settings, click on Profiles.
Profiles has two sections, RADIUS and Switch Ports. Click on Switch Ports.
I already have Switch Port profiles configured. But we’ll add a new one for this example. On the bottom, click on Add New Port Profile.
Next, we enter the various parameters for our UniFi Switch Port Profile. Give it a descriptive name. Since I’m configuring this profile for access points I will enable PoE/PoE+.
My access points will be plugged into a trunk port. I’ll need to set the Native VLAN or what UniFi calls the Native Network. I like to place all my access points on my infrastructure VLAN which I’ve selected in the drop down.
Next, we tag the networks we want to include on this trunk. These are the two networks I’ll map to my SSIDs.
The other settings I’ll leave as default. But we could modify settings such as the Link Speed or maybe set up Storm Control. There have been scenarios where I’ve needed to set a threshold for multicast or broadcast.
Once finished, click on Save.
Now it’s time to use this Switch Port Profile. I head over to Devices and select my UniFi switch.
I see see switch ports I can modify. Select one of the ports to bring up the menu so we can modify the settings.
Hover over the port you want to configure and click on the pencil icon to modify.
Within the individual switch port, we can select a Switch Port Profile, the one we just configured, in the drop down menu. Select this profile and click on Apply.
The switch port is now configured as a trunk with the requirements we need to properly allow the broadcast and operation of our Wi-Fi network.
Switch Port Profiles can be configured to your requirements. In my example, I used access points. But maybe you have a set of different server port configurations. Configure the Switch Port Profile and now it’s much simpler, efficient, and clean to set the port configuration.
Sure, you can set up the port to be a trunk allowing all VLANs, but why should you allow VLANs on a port that isn’t required to be on?
Gabriel Schneider says
Hello Rowell, thank you for your description.
Would it be possible, to use Switchport Profiles to automatically turn Ports scheduled on and off?
Have a nice day and greetings from Bonn, Germany,
No, I don’t think there is a way to set up a schedule within a switch port profile.
thank you for your walkthrough.
I have a Unifi wifi AP outside to cover my garden. This AP uses a POE+ from a 60-W switch.
This is a weak spot as any user can unplug the LAN cable from the AP and put it in his laptop – and has now access to my LAN.
Is there a way to use switchport settings to block any other device than the AP? Or any other traffic than wifi?
Thank you for your opinion!
I recommend looking into mac filtering. I haven’t used it on Unifi switches yet but I believe this setting is located at Profiles > Switch Ports > 802.1x > Mac-based
hello. Do you know how come my devices can’t get an IP address when connecting to a network (both wireless and wired) that isn’t the main LAN?
I can’t tell from that much info but it’s probably a missing VLAN, no DHCP server, or your switch port isn’t a trunk.
Tolle Colart says
Hi, is there a way to see on which ports a specific profile is used? Or do you have to check every port of every switch to see if a specific profile is in use?
There is no summary page that shows you what port is using which profile.