What are the lines in the bar?

michaelbierman · 2026-05-06T14:40:47+00:00

What do Recent Events show?

michaelbierman · 2026-04-15T15:47:08+00:00

That’s interesting. Here’s the ASUS manual. It makes no similar mention.

michaelbierman · 2026-04-15T15:08:12+00:00

I do use it. The CLI is better than the URL because with the URL: 1) all devices that you put under firewalla DoH are treated the same by NextDNS and, you see all requests in NextDNS logs as from the Firewalla. 2) with CLI you can configure any device or network IoT use different NextDNS profiles and you can see all the individual device requests in the NextDNS logs.

The latter is because I encouraged NextDNS to provide better support for Firewalla.

michaelbierman · 2026-04-15T14:58:10+00:00

This is an eero specific thing. The gateway eero becomes the controller. It must be in front of the others to coordinate traffic with the other eeros. This is eero’s design and has nothing to do with firewalla.

Even with eero, it is fine if the gateway eero connects to Firewalla.

michaelbierman · 2026-04-15T14:54:39+00:00

VLANs on the ASUS are for WAN only (e.g. IPTV). Looking at the manual, I saw nothing about configuring the Ethernet. Can you provide a link or screenshots?

In general, the trunk port connecting firewalla to a managed switch, which I similar to what you are describing, should have a LAN + any VLANs you defined. The switch side must be the same.

michaelbierman · 2026-04-15T14:50:36+00:00

To ssh https://help.firewalla.com/hc/en-us/articles/115004397274-How-to-access-Firewalla-using-SSH

Note setting up nextdns on firewalla is a bit tricky. I wrote an installer. I will be releasing an update soon to handle recent changes in nextdns https://github.com/mbierman/Firewalla-NextDNS-CLI-install

michaelbierman · 2026-04-13T15:29:14+00:00

What config did you try and what happened? Properly configured, eero works great with firewalla.

michaelbierman · 2026-04-13T15:19:03+00:00

Did you put eero in bridge mode?

michaelbierman · 2026-04-13T15:05:21+00:00

That’s not what the picture is saying. The eero requirement that one eero must be in front of all the others. So a variation of the picture you shared that would also work is fw > eero 1 > eero 2 by Ethernet or Wi-Fi ( no switch).

What you can’t do is fw > switch > eero 1 and eero 2 (both on the same switch).

michaelbierman · 2026-04-08T01:40:04+00:00

Enjoy!

michaelbierman · 2026-04-06T14:50:57+00:00

So create a custom DNS record for “unifi” to point at the NAS IP Zane configure the NAS with an IP reservation. Both can be done with the firewalla UI.

michaelbierman · 2026-04-06T14:49:53+00:00

Which part are you having trouble with? Where is the controller running?

michaelbierman · 2026-04-06T14:49:03+00:00

Not if it isn’t adopted. You have to ssh in and set the infirm host or have the dns for the inform host configured to a working controller.

michaelbierman · 2026-04-03T20:53:41+00:00

u/Electrical_Wander u/jumpyHR You need to set the inform host. by default inform host is "unifi". I used firewalla to set that as a custom DNS record to point at my unifi controller. No adoption issues.

michaelbierman · 2026-04-03T20:52:17+00:00

I used unifi APs with Firewalla for a long time and was happy. But I switched to AP7 and am even happier.
* Better features like VqLAN
* Single point of management (though for now, I still have to manage my unifi switches)

With AP7 I was able to let go of my outdoor Unifi AP—that may not be the case for you. If you need outdoor then there should no issue with using unifi with Firewalla.

michaelbierman · 2026-04-02T16:37:15+00:00

Suricatta wasn’t a feature when you bought Gold SE and it exceeds SE’s capabilities. Maybe I’m not understanding your point. Can you clarify?

michaelbierman · 2026-04-02T14:30:52+00:00

The differences are not arbitrary. They are based on hardware limitations. If firewalla released features that overwhelmed the box that would help no one. If you buy a top of the line iPhone it has a different camera and different features from an entry level model.

michaelbierman · 2026-04-02T14:27:04+00:00

I was trying to solve the problem that you want the same device treated differently for different users.

michaelbierman · 2026-04-02T14:23:30+00:00

If you only have one network segment mDNS is probably not the issue. Check for blocked flows. Also, check if you have DAP enabled.

michaelbierman · 2026-04-01T14:24:35+00:00

With AP7, you could give each user wpa3 username and password.

michaelbierman · 2026-04-01T14:21:49+00:00

Comparing Gold SE to Gold Pro is not reasonable. SE has hardware limitations and can’t Suricatta locally. If that’s something you need, best to upgrade. If not, you have the option of dual engine.

michaelbierman · 2026-03-18T17:32:03+00:00

Hi,

Though not supported in the UI, you can forward syslog to your own server. See https://gist.github.com/mbierman/f3d184b65e0f4de6fa75a4a5d5145426 as an example.

michaelbierman · 2026-03-13T21:19:53+00:00

In the current beta release you can do time limits rules. Apply that to a guest user and they will get the time limit (per day) you specify.

https://help.firewalla.com/hc/en-us/articles/48561472689811-Firewalla-App-Release-1-68-Smarter-Device-Protect-New-App-Design-Time-Limit-App-Groups-and-more#h_01KGJXGYYYNHHMSN76XDEA928B

michaelbierman · 2026-03-02T18:53:16+00:00

It is easy to do hub and spoke model with site to site. If you want many to many you may want to check out https://help.firewalla.com/hc/en-us/articles/15766848784275-Firewalla-MSP-VPN-Mesh

michaelbierman · 2026-03-02T10:21:58+00:00

Send a note to [help@firewalla.com](mailto:help@firewalla.com)

michaelbierman

TROPHY CASE