Network Routing and Switching Essentials – VILT  (NRSE-VILT) is a one-day virtual instructor-led training UniFi routing and switching course focused on practical configuration, segmentation, resiliency, security, VPN connectivity, SD-WAN, and identity-based networking using UniFi Network and UniFi OS platforms.

Students build and troubleshoot real-world enterprise-style configurations using VLANs, firewalls, WAN failover, VPNs, Identity, and CyberSecure features.

Module 1 – IP Networking Fundamentals
Topics

  • IPv4 addressing
  • Subnetting concepts
  • DHCP operation
  • Static IP assignments
  • UniFi network architecture
  • Gateway and DNS concepts

Hands-On Lab
LAB 1: Networks, Subnets and Static IP Assignments

Students will:

  • Reconfigure default networks
  • Configure DHCP scopes
  • Assign static IPs to clients and infrastructure devices
  • Verify addressing and connectivity

Module 2 – VLANs and Switch Port Configuration
Topics

  • VLAN fundamentals
  • Tagged vs untagged traffic
  • Native VLANs
  • Switch port profiles
  • Allow All vs Block All vs Custom
  • Guest network behavior

Hands-On Lab
LAB 2: Configuring VLANs

Students will:

  • Create Management, Staff, Guest, and IoT VLANs
  • Configure switch ports
  • Test VLAN isolation and connectivity
  • Observe VLAN behavior across ports

Module 3 – UniFi Backup and Recovery
Topics

  • UniFi OS backups
  • Network application backups
  • Restore operations
  • Disaster recovery concepts

Hands-On Lab
LAB 3: Configuring Backups

Students will:

  • Create backups
  • Delete configurations
  • Restore the environment from backup
  • Verify restored functionality

Module 4 – Zone-Based Firewall Architecture
Topics

  • Zone-Based Firewall concepts
  • Inter-zone policies
  • Gateway protection
  • Layer 2 vs Layer 3 isolation
  • Guest isolation
  • IoT segmentation

Hands-On Lab
LAB 4: Zone-Based Firewall Rules

Students will:

  • Create security zones
  • Build allow/block policies
  • Restrict management access
  • Configure IoT isolation
  • Test firewall behavior

Module 5 – Switching Resiliency and Link Aggregation
Topics

  • LACP fundamentals
  • Aggregated uplinks
  • Redundancy concepts
  • Spanning Tree Protocol (RSTP)
  • Loop prevention
  • Bridge priority

Hands-On Labs
LAB 5: Link Aggregation

Students will:

  • Configure LACP
  • Aggregate switch uplinks
  • Verify 2 Gbps connectivity

LAB 6: Spanning Tree Lab

Students will:

  • Create network loops
  • Observe RSTP behavior
  • Change bridge priorities
  • Verify loop prevention

Module 6 – WAN Redundancy and Traffic Engineering
Topics

  • WAN failover
  • Load balancing
  • Multi-WAN architecture
  • Policy-Based Routing (PBR)
  • VLAN-specific WAN routing

Hands-On Labs
LAB 7: WAN Failover

Students will:

  • Configure primary and backup WANs
  • Test failover operation
  • Configure load balancing

LAB 8: Policy Based Routing

Students will:

  • Route IoT traffic over WAN2
  • Test WAN-specific policies
  • Verify failover behavior

Module 7 – Advanced Firewall Policies
Topics

  • Application-aware firewalling
  • App blocking
  • Security policy management
  • Temporary policy suspension

Hands-On Lab
LAB 9: Firewalls

Students will:

  • Create app-based firewall rules
  • Block YouTube for IoT devices
  • Test application filtering

Module 8 – Remote Connectivity and VPNs
Topics

  • Teleport VPN architecture
  • WiFiMan integration
  • Remote access concepts
  • VPN security zones

Hands-On Lab
LAB 10: Teleport VPN

Students will:

  • Configure Teleport VPN
  • Connect mobile devices remotely
  • Verify VPN operation

Module 9 – SD-WAN and Site Magic

Topics

  • Site-to-site connectivity
  • SD-WAN concepts
  • Mesh vs hub-and-spoke
  • Overlapping subnet limitations
  • Multi-site design considerations

Hands-On Lab
LAB 11: SD-WAN

Students will:

  • Configure Site Magic
  • Connect multiple sites
  • Verify inter-site communication

Module 10 – Identity and Zero Trust Networking
Topics

  • UniFi Identity overview
  • Identity Endpoint
  • One-Click VPN
  • One-Click Wi-Fi
  • User-based permissions
  • Identity onboarding

Hands-On LabLAB 12: Identity

Students will:

  • Configure Identity
  • Add users
  • Assign VPN and WiFi permissions
  • Test Identity Endpoint connectivity

Module 11 – Cybersecurity and Threat Protection
Topics

  • IDS vs IPS
  • Region blocking
  • Content filtering
  • Encrypted DNS
  • Threat visibility
  • CyberSecure overview

Hands-On Lab
LAB 13: IPS/IDS

Students will:

  • Enable IDS/IPS
  • Configure region blocking
  • Test ad blocking
  • Configure encrypted DNS
  • Review threat activity

By the end of the course students will be able to:

  • Configure UniFi VLANs and switch ports
  • Implement Layer 2 and Layer 3 segmentation
  • Deploy Zone-Based Firewall policies
  • Configure WAN failover and load balancing
  • Deploy Policy-Based Routing
  • Configure Teleport VPN
  • Implement SD-WAN with Site Magic
  • Deploy UniFi Identity
  • Configure IDS/IPS and CyberSecure features
  • Troubleshoot switching and routing issues
  • Understand enterprise-style UniFi architecture

Prerequisites:

  • UniFi Cloud Gateway (UCG / UDM Series)
  • 2 UniFi Switches
  • UniFi Access Point
  • Laptop with Ethernet adapter
  • Smartphone for Teleport and Identity labs
  • Internet connection

Access the VILT training here: learn.wifi-u.com

All wifi‑U trainings are Credly by Pearson certified, ensuring that every student receives an industry‑recognized digital credential upon successful completion. These badges validate the skills gained in each course and can be easily shared on LinkedIn, resumes, and professional portfolios.

Ubiquiti® and UniFi® are registered trademarks of Ubiquiti Inc. This course is independently produced and is not affiliated with, endorsed by, or sponsored by Ubiquiti Inc.