 Tommy here from Lauren systems and we're going to talk about Deploying projects like this one that's behind me right here. This is a unified kit We're setting up for a customer and I'm doing this a little different I'm doing it for my phone in case you're wondering why the video is a little different and So and it's hard to get the whole camera studio and moving around thing to explain this part of the project If you want to learn more about me and my company over to learn systems calm There's a hires button up at the top if you want to support the channel in other ways There's some links down below affiliate links for deals and discounts on products and services We talk about in a channel and we do talk a lot about Unify and obviously there's a lot of unifies over here as you can see in a couple neck gates buried in them And that's what I wanted to talk about So let's start by looking at the project a little bit up close I'm kind of walk you through what it looks like because I mean I talk a lot about theoretical But seeing as they took over my studio and I can't really use it and the reason they took over my studio and let me show you here It's because the story area is also all of these are projects are getting set up delivered and shipped people ship stuff Dust we set it up configure it ship it out where we buy it online Etc. Etc. And that's how this project goes so What we have here is These two laptops and why is there two laptops and why is this happening right here what you're seeing is the Guys in the back remote controlling each of these laptops well actually one person I think probably Kyle's using both of them right now remotely what he's doing is Each one of these is on a separate network. So this goes to one location This goes to another location and this is one for our lab. This is a pf sense I'm gonna draw this out in a diagram in a second here. So What these all are is pre-labeled and this is a rip and replace we're replacing existing Wi-Fi These names on here and tags and they all match inside of each one side here with a unified controller Are all pre-labeled and ready for deployment So when this client pulls down their old equipment and puts it back up This is what goes in this place now what we do is these two are for this side of the network and the cloud key Which is kind of buried under here and this switch is for this side of the network So each one of these is going in different location they are already VPN together and this is facilitating it by actually giving the clients public IP addresses to These with the gateway and we'll cover how we do that in a minute this way when they Actually go to production the VPN is all set up. Everything's tied together now We adopted all of them together and make sure that after the adoption they work with one controller via the VPN So all of this stays within their controller So this whole deployment will be exactly as planned and each name given like I said is already goes to an existing Wi-Fi place That's gonna get swapped. So that's how all this looks I know it's really messy and I've had some people like well, should you do it a little bit neater? Should you rack monitor all before and I'm like it's just a lot of work to do it that way This is all just for testing and they have their own wires and rack and everything for when it actually goes in and gets deployed So let's take a look in diagram and talk a little bit about what were the details in this So let's dive into the finer details of this project We have the PF Sense lab as WAN 192 1683.152 and these are not the clients AP's These are ones I pulled out of the public IP space Unrelated to this project other than I just wanted to show a public IP's on here So office one is 40 dot seventy six four dot nine That's gonna be the gateway and then office two eighteen twenty five one thirty dot seventy three now What you do is you sign the actual gateways of the client that way when we do this We're doing it all with the clients public IPs and the whole goal of this is to minimize downtime So these are preconfigured already have an IP sec VPN with the clients public IP addresses statically assigned the VPN set up and tested That's actually one of the first steps we do And real quick you'll see that the WAN is gonna be 40 76 4 dot 10 and 18 25 1 30 74 Now how does that actually look in PF Sense? This is our lab PF sense and what we did was we assigned office one forty dot seventy six dot four dot nine office two 18 25 1 30 73 Nothing real special you have to do here You just go in and assign the gate we address to in this case the lab PF sense we make it a slash 29 because that is what they have and The same thing goes again on the other side then we statically assigned the WAN addresses on the XG 7100s Our lab one happens to be an SG 5100 if you notice that in a video So office one office two really straightforward Let me go over here to firewall rules and you want the rules to be wide open because they're supposed to be public IP addresses And you can kind of get the idea now Office one office two you can see there was a lot of data being pushed across here You just leave the rules wide open This also affords you the opportunity to do some traffic tracing if you're stuck and having problems This is another advantage using a PF sense in the lab as the head end of this because well I can just run any of the diagnostics and look at the state tables Etc. And see any traffic going across if I'm having trouble troubleshooting the VPNs and I want to get you know Really into the data, but it doesn't require any switches in between. We've directly plugged in Each one of these two the different ports on here So this is going to be port IX two and I believe the other one is port IX three so he's plugged these directly into the two XG 7100 Going further down we copy the LAN settings Which is easy enough from the existing equipment the client had and like I said once we rip and replace all this The only thing we have to do is just drop it in well Or do thing it had to be done because I'm in this is past tense now We'll strap these in and just turn them on and work because once we have the VPNs established the LANs established then we started adding the unify Switches and then we added the unified gen 2 cloud key kind of all at once I should say then you start adopting everything together now we did this site first we did office 1 first and then we did office 2 The reason we did it this way was we wanted to make sure we could adopt The devices on this side of network that way for in the future they added more We would know that the adoption process work Which you just have to change the set and form URL to match the gen 2 cloud key and it will adopt across the IPsec VPN no big deal to do that and You want to make sure that you can push firmware back and forth that there's no weird issues that you run into or hiccups and By building this all out and plugging all the devices in prior to delivery all the ac pros in and all the ac pros And on both sides and doing the full adoption and then leaving it up and running for a couple days We can now see the entire network working the only thing you don't really have is a true load test because obviously They're gonna have a lot more users and we can simulate easily connected to the Wi-Fi here in our office But at least we've done so much of the legwork that when we do the swap and replace and you drop these in at the same time I believe the client already deployed them and has them set up because this was a client deployed side Not a Lawrence systems as one. We just did all the design and prep work. I believe they got these all plugged in They haven't called us yet. So I'll assume it's all up and running We do a lot of these type of projects for clients where sometimes where the installer other times They're the installer. They'll go ahead and put everything in and drop it in kind of varies from project to project But it's gonna get you an idea by doing all of this pre-planning You can schedule get one person at each site at the same time So the downtime is absolutely minimum both people one at each site plugging unplugging the old firewall equipment taking everything down Plugging in the new firewall equipment following the labels that we put on each thing and Mounting them all and putting them all up there means the absolute minimum on downtime So everything should just come up and start working And it goes pretty well So this is kind of like an overview of these projects Like I said, we do a lot more when I'm trying to I want to show this little part of it Cuz some people seem confused about how to assign those public IP addresses when you're setting up a lab But it's actually really really easy to do. I mean, I'm doing a PF sense Yes, you can probably do this with a handful of other devices as well I know it works fine in PF sense though and obviously we use a lot of it So that's one of the reasons it's you know, what we are choice of in-house lab testing a lab building That is for building client projects. This is one of the reasons I think it's so important to have such a an extensive lab set up is if you're not doing these deployment You end up doing all this work on site at the client and if you run to a weird hiccup a weird problem And you didn't thoroughly test this especially with the level of all the rules that need to be written everything else Well, you can run into this problem. So the other advantage here is we can test all the rules ahead of time We can test all the VPNs and matter of fact, they actually have a few more networks I didn't list out here with a guest network and a couple others and they wanted a Some pretty unique settings not really unique, but just different settings more than basic in there So we got a chance to test all those settings We can test all the firewall rules because with your lab You can actually go and do and do all the port checking and make sure it gets to anything behind there that they need to get to as well so Hopefully this makes a little bit of sense and helps you with your project planning as well Or if you're looking to have a project like this planned out this is something that we do whether we're deploying it or in the case of Just being us the labor on the inside and do all the pre-deployment documentation and create this so people know how to set it up Plug it in these are services that we do offer. All right, and thanks And thank you for making it to the end of the video if you like this video Please give it a thumbs up if you'd like to see more content from the channel hit the subscribe button and hit the bell icon If you like YouTube to notify you when new videos come out If you'd like to hire us head over to Lawrence systems calm fill out our contact page and Let us know what we can help you with and what projects you'd like us to work together on If you want to carry on the discussion head over to forums dot Lawrence systems calm Or we can carry on the discussion about this video other videos or other tech topics in general even suggestions for new videos They're accepted right there on our forums, which are free Also, if you like to help the channel out in other ways head over to our affiliate page We have a lot of great tech offers for you and once again, thanks for watching and see you next time