Adding a USG (Ubiquiti Security Gateway) to LAN


I am about to add a USG to our LAN for security and to create a VPN. Currently we have a Comcast modem that handles routing/wi-fi/security etc.

My question (I hope it's not so stupid), is what do I need to do to the Comcast modem when I connect the USG?

Do I need to turn off routing? Do I need to turn off DHCP?

I ask because these functions don't seem to be necessary from the Comcast modem after the USG is connected?

Sorry, again, I hope is not such a dumb question.


If it's a combo modem and router device you're likely going to run into issues due to it NAT'ing traffic.

The best route to go would be to buy your own (separate) modem and a network switch. If you need wireless buy an wireless router that supports AP mode or just by a stand alone wireless AP (cheaper). Asus wireless routers work well and I know for a fact they support AP mode.

My current perimeter setup is

comcast internet ---> modem(owned) ---> UTM security appliance
UTM ------------------> wireless router in AP mode
UTM ------------------> network switch for other segments

If the 4 switch ports are enough on a wireless router for any wired devices you have then the extra isn't really necessary


Most Comcast devices these days support bridge mode as well, you can enable it (or have Comcast help you enable it), and it will just act as a modem and push all traffic to your USG.