Help Center Help Articles Professional Support Community RMA & Warranty Downloads

Creating WiFi and Broadcasting VLANs

UniFi Access Points (APs) allow you to assign VLANs to WiFi SSIDs, ensuring that connected clients become members of the corresponding VLAN. This setup optimizes network segmentation, enhances security, improves performance, and efficiently manages traffic across different segments of your WiFi network.

Creating a New WiFi SSID

  1. Navigate to Settings > WiFi to create a new WiFi.
  2. When creating or modifying a WiFi, click the Network dropdown.
  3. Select the desired network. 
  4. Select all APs, specific APs, or AP groups to broadcast WiFi.
  5. Ensure all ports between your selected APs and gateway are configured to allow the specified network’s VLAN ID (see below). Failure to do so will result in clients being unable to join the WiFi.
    1. UniFi Switches enable all traffic by default, but any third-party switch will need to be manually configured. See VLAN Connectivity to learn more.
    2. Generally APs will use VLAN 1 for communication with UniFi Network unless otherwise specified in the AP’s settings, IP Settings, Network Override.
    3. We generally recommend leaving AP uplink ports “trunked” to allow all traffic from all relevant VLANs. See Switch Port VLAN Assignment to learn more.
  6. Optionally configure any advanced settings.
    Note: Our default settings are optimized for maximum client compatibility and roaming performance. This includes enabling Band Steering and BSS Transition, using all relevant frequencies (2.4/5/6 GHz, depending on the AP model), and using WPA2/3 Personal with optional PMF for security

Creating Guest WiFi

For more detailed guidance on related topics, check out our Hotspot Portal and Guest WiFi article.

Troubleshooting: Clients Unable to Connect to WiFi

Devices being unable to join the WiFi is typically a sign that there is incorrect VLAN tagging on an upstream switch port. See Troubleshooting VLAN Configurations for more information.

By default, UniFi sets WPA2/3 Personal for enhanced security on modern clients and compatibility with legacy and IoT clients. However, some IoT clients may not be tolerant of this encryption standard; by toggling Advanced from Auto to Manual, you can set WPA2 Personal, however this will disable 6 GHz connectivity for that SSID. A dedicated IoT SSID may help you maximize connectivity while allowing your primary SSID to use more advanced features with modern clients.

Was this article helpful?
0 out of 0 found this helpful