Soldato
Have you turned it off on both the old and new interfaces? Sadly, you need to turn it off twice.
*** Official Ubiquiti Discussion Thread ***
- Thread starter RoyMi6
- Start date
-
- Tags
- home network rewire ubiquiti wifi
Have you turned it off on both the old and new interfaces? Sadly, you need to turn it off twice.
Hi, just wondering if anyone could recommend the most suitable Ubiquiti access point for my situation please? My current BT Smart hub is ok, apart from 2 rooms where it occasionally loses wifi. Unfortunately working from home & kids home schooling means i now need stable wifi in these rooms.
3 bed terraced house, cat5e cabled back to patch panel with non poe switch, master socket cabled back to patch panel & cable in loft for wap so can easily be mounted on upstairs ceiling pretty centrally (poe injector as no power in loft).
All sky / tv’s / xbox / pc’s are cabled. Wifi devices mixture of 5 iphones (xr & 12), macbook air, hp laptop, a couple of ipads, 3 alexas (all dual 2.4 & 5).
Plusnet fttc, router showing 80Mbps down, 20 up. Speedtest shows approx. 70/16 on wifi in most rooms.
Was hoping 1 wap upstairs would be enough, but can add another downstairs if needed.
thanks
3 bed terraced house, cat5e cabled back to patch panel with non poe switch, master socket cabled back to patch panel & cable in loft for wap so can easily be mounted on upstairs ceiling pretty centrally (poe injector as no power in loft).
All sky / tv’s / xbox / pc’s are cabled. Wifi devices mixture of 5 iphones (xr & 12), macbook air, hp laptop, a couple of ipads, 3 alexas (all dual 2.4 & 5).
Plusnet fttc, router showing 80Mbps down, 20 up. Speedtest shows approx. 70/16 on wifi in most rooms.
Was hoping 1 wap upstairs would be enough, but can add another downstairs if needed.
thanks
Soldato
UAP-HDNano and a UAP-FlexHD downstairs if needed.
thanks
thanks
Looking for some advice.
Background info
I've been renovating our house for the past 4ish years and have had a bodged non-optimised system of unifi switches and ap's.
Last year I bought the USG Pro 4 and a cloud key. I never got round to setting it up and when the UDM Pro was released I sold the USG and cloud key. This was mostly due to the increased throughput in the UDM Pro.
I've had the UDM pro since September, finally got it out of the box about 2 months ago, updated the firmware, but I haven't put it in place yet.
Having read all the negative stuff about it on the forums (and I also don't think it will do what I need it to) it's heading for eBay shortly.
Before I bought the USG Pro 4, I pickup up some hardware (Supermicro A1SRi-2758F) to build a pfSense box, but I haven't had time, so that's also sitting in a box.
I had intended to use Unifi Protect at one stage, but have now gone back to my original plan of Blue Iris (or maybe Synology Surveillance)/Dahau cameras.
What I need the new solution to do;
What I believe my options to be;
Thoughts/opinions at the best way forward?
Background info
I've been renovating our house for the past 4ish years and have had a bodged non-optimised system of unifi switches and ap's.
Last year I bought the USG Pro 4 and a cloud key. I never got round to setting it up and when the UDM Pro was released I sold the USG and cloud key. This was mostly due to the increased throughput in the UDM Pro.
I've had the UDM pro since September, finally got it out of the box about 2 months ago, updated the firmware, but I haven't put it in place yet.
Having read all the negative stuff about it on the forums (and I also don't think it will do what I need it to) it's heading for eBay shortly.
Before I bought the USG Pro 4, I pickup up some hardware (Supermicro A1SRi-2758F) to build a pfSense box, but I haven't had time, so that's also sitting in a box.
I had intended to use Unifi Protect at one stage, but have now gone back to my original plan of Blue Iris (or maybe Synology Surveillance)/Dahau cameras.
What I need the new solution to do;
- I have 2 internet connections - One 500mbps one (from Virgin) and a backup 80mbps one (from Sky). Any new solution needs to be able to accept dual Wan's, ideally I want load balancing, but at the bare minimum it needs to do failover properly (so another nail the UDM pro's coffin).
- I have a VPN where I wish to setup specific devices to appear from various different countries (i.e. I have several Apple TV boxes, so one is setup for the UK, the other is setup for the US, etc)
- IDS/IPS was one of the selling features of the USG/UDM, so that would be useful (assuming it actually works correctly).
- I would have liked to have kept everything Unifi, so it was one interface to manage everything, but I have come to accept that is an unlikely outcome.
What I believe my options to be;
- pfSense - this was the original plan before the USG. Downside to this is a dated UI (where reporting is achievable but not inbuilt), and historically slow updates/hardware support.
- Untangle - this appears to be the prettier option, but it would also cost £150 a year for the features I want. Is Untange worth paying for compared to the other options?
- OPNSense - this has recently popped up on my radar. My understanding is that it's a fork from pfSense but with a more modern UI and more frequent updates. If that is the case why doesn't this get mentioned more often as a viable alternative to pfSense/Untangle?
- Unifi UXG-Pro - I'd import this from the US EA store. I know this is a stripped back version of the UDM Pro, but they appear to be developing the features for this one that were promised for the UDM Pro. I also prefer the controller not being on this hardware. My issue with this option is will it ever be able to offer a viable alternative to the first 3 options?
Thoughts/opinions at the best way forward?
So you’ve purchased two routers and basically not really used either of them, along with parts to build a 3rd and it’s still in bits. Stop buying hardware and not using it 
Pfsense doesn’t really do slow updates, it follows BSD’s kernel releases, hardware support works the same way, always has, always will. OPNSense isn’t a new thing, if you’ve not heard of it, you probably missed a load of drama that didn’t do anyone any favours. The home licence for untagle wasn’t £150 last I looked, do you need a commercial licence? You could also consider Sophos’s home offering as well, but that gets even less love.
Any of them should handle failover easily enough, load balancing is generally not without issue, as jumping external IP can be problematic, though workarounds exist. My suggestion is finish the build and play with PF/OPN/UT/XG etc. and see what suits you best. Single pane management sounds nice, but it’s not really a game changer.
Pfsense doesn’t really do slow updates, it follows BSD’s kernel releases, hardware support works the same way, always has, always will. OPNSense isn’t a new thing, if you’ve not heard of it, you probably missed a load of drama that didn’t do anyone any favours. The home licence for untagle wasn’t £150 last I looked, do you need a commercial licence? You could also consider Sophos’s home offering as well, but that gets even less love.
Any of them should handle failover easily enough, load balancing is generally not without issue, as jumping external IP can be problematic, though workarounds exist. My suggestion is finish the build and play with PF/OPN/UT/XG etc. and see what suits you best. Single pane management sounds nice, but it’s not really a game changer.
Soldato
My opinion, for what it’s worth;
pfSense would require you build the Supermicro up, which has a cost. And the Atom CPU in that box isn’t the strongest so while it would run pfSense I’m not sure it would handle all your traffic with load balancing, Suricata etc. The ‘official’ Netgate pfSense device for your sort of connection speeds is the SG-3100 which is an ARM Cortex A9 so it’s difficult to compare ARM vs. Intel but I suspect you’d be better off just buying the SG3100 rather than building a system for the SuperMicro board. The software is free and is very good. I’m not sure what your comments about a dated UI refer to. It’s an open system. You can do anything with it. And the fact that the reporting isn’t built-in is arguably a strength because you pick the reporting plug-in YOU want, not what the software developer thought you wanted.
Untangle would run on your SuperMicro box and I assume that by going for the £150/year option you actually mean $150 Home Protect Plus. Which feature is it you want because the stock Untangle home at $50 does everything pfSense does. Don’t confuse IP Threat Protect with Suricata IPS/IDS. That’s in the basic package. The antivirus is fine but Windows Defender is too. The easy VPN system is really nice and if you need Wireguard then the $150 package looks cheap for the Wireguard implementation you get. How much you want Untangle really depends on how much you value ease of use.
OPNSense - It’s pfSense by another name, just someone has written a tidy front end which you could just as easily add to pfSense because it’s an open system anyway.
UXG-Pro - It’s a Beta device. It’s a beast of a router but single feature you get over the USG-4P is the ability to run Suricata (IPS/IDS) over 450Mbps. If you swap the RAM in your USG to 4Gb or 8Gb you’d probably get line speed on the Virgin 500Mbps system anyway. For the very low cost of a DDR3 SoDIMM I’d be tempted to try that first. Basically you’d be spending $500 for something that currently does the same or less than two devices you already have - a USG-4P and a UDM-Pro. The UDM-Pro is the same hardware as the UXG-Pro and 65% of the same firmware. If you don’t trust the UDM-Pro then the UXG-Pro isn’t for you right now either. And the DPI in the UniFi controller is still broken.
Can I suggest something a bit left-field? I’m a huge fan of the QNAP QGD-1600P Guardian. It’s a router, it’s a NAS, it’s an NVR, it’s a 16-port PoE switch. It runs both the UniFi Controller and pfSense at the same time in ContainerStation and it can also run Mikrotik RouterOS if you’d rather have that. QNAPs NVR software is excellent and the Guardian comes with 8 camera licences which is plenty for most home users.
Ultimately there are people who just want to mess about with routers and switches and access points and there are folks who just want their internet to work safely. You strike me as the former in which case, it’s your hobby, try them all if funds allow. Find the one you like best. None of them are perfect.
ah ha, just found that WIFI AI was still turned on (in the new settings) and set to scan at 3am!
Just turned it off!
Muchas gracias.
Soldato
ah ha, just found that WIFI AI was still turned on (in the new settings) and set to scan at 3am!
Just turned it off!
Muchas gracias.
Niente.
Soldato
I have run in to some problems with my Unifi AP and Sky Q setup, hope someone can help - will try to be succinct, having written war and peace on reddit and ubiquiti communities....!
So, I have a UAP-AC-Pro wired to a Netgear (gigabit) switch connected to an Ethernet port on the Sky Q Hub (newer SR203 model) and a UAP-AC-LR connected (via gigabit powerline) to the UAP-AC-Pro. These devices handle all wireless connectivity in the home, except for the Q devices, which remain connected to the Sky Q hubs default wireless. I also have a CloudKey Plus (Gen2) as Unifi controller, connected directly via Ethernet to the Sky Q hub. This all works brilliantly, strong and stable wireless throughout the circa. 200m2 house.
However, having had an electrician in for a couple of days doing work such as replacing the consumer unit caused us to need to power off for a while, on a couple of occasions. On each occasion, when firing everything back up, I had massive issues getting *internet* connectivity on pretty much any device. No webpages work, many devices report "wireless connection has no internet" and so on. So, logged on to the Sky Q hub's native wireless, and all works fine...... power-cycled ubiquiti kit several times, rebooted Sky router, tried all sorts and the problems seem to last. Only after close to 2hrs, having literally shut everything down and slowly, sequentially firing devices up was I able to regain proper working environment.
This happened on day one of works, made me sad. Day 2, yesterday, with trepidation.....and same problem. Literally took a couple of hours, rebooting of devices and so on before finally getting a semblance of functionality back.
Any thoughts greatly received - the ubiquiti kit is brilliant, but it is tooooo complicated for me, I worry. I really want to persevere, but pressure is building to go for something a little more consumer friendly that 'just works'....Please help me keep the kit
So, I have a UAP-AC-Pro wired to a Netgear (gigabit) switch connected to an Ethernet port on the Sky Q Hub (newer SR203 model) and a UAP-AC-LR connected (via gigabit powerline) to the UAP-AC-Pro. These devices handle all wireless connectivity in the home, except for the Q devices, which remain connected to the Sky Q hubs default wireless. I also have a CloudKey Plus (Gen2) as Unifi controller, connected directly via Ethernet to the Sky Q hub. This all works brilliantly, strong and stable wireless throughout the circa. 200m2 house.
However, having had an electrician in for a couple of days doing work such as replacing the consumer unit caused us to need to power off for a while, on a couple of occasions. On each occasion, when firing everything back up, I had massive issues getting *internet* connectivity on pretty much any device. No webpages work, many devices report "wireless connection has no internet" and so on. So, logged on to the Sky Q hub's native wireless, and all works fine...... power-cycled ubiquiti kit several times, rebooted Sky router, tried all sorts and the problems seem to last. Only after close to 2hrs, having literally shut everything down and slowly, sequentially firing devices up was I able to regain proper working environment.
This happened on day one of works, made me sad. Day 2, yesterday, with trepidation.....and same problem. Literally took a couple of hours, rebooting of devices and so on before finally getting a semblance of functionality back.
Any thoughts greatly received - the ubiquiti kit is brilliant, but it is tooooo complicated for me, I worry. I really want to persevere, but pressure is building to go for something a little more consumer friendly that 'just works'....Please help me keep the kit
Soldato
I have run in to some problems with my Unifi AP and Sky Q setup, hope someone can help - will try to be succinct, having written war and peace on reddit and ubiquiti communities....!
So, I have a UAP-AC-Pro wired to a Netgear (gigabit) switch connected to an Ethernet port on the Sky Q Hub (newer SR203 model) and a UAP-AC-LR connected (via gigabit powerline) to the UAP-AC-Pro. These devices handle all wireless connectivity in the home, except for the Q devices, which remain connected to the Sky Q hubs default wireless. I also have a CloudKey Plus (Gen2) as Unifi controller, connected directly via Ethernet to the Sky Q hub. This all works brilliantly, strong and stable wireless throughout the circa. 200m2 house.
However, having had an electrician in for a couple of days doing work such as replacing the consumer unit caused us to need to power off for a while, on a couple of occasions. On each occasion, when firing everything back up, I had massive issues getting *internet* connectivity on pretty much any device. No webpages work, many devices report "wireless connection has no internet" and so on. So, logged on to the Sky Q hub's native wireless, and all works fine...... power-cycled ubiquiti kit several times, rebooted Sky router, tried all sorts and the problems seem to last. Only after close to 2hrs, having literally shut everything down and slowly, sequentially firing devices up was I able to regain proper working environment.
This happened on day one of works, made me sad. Day 2, yesterday, with trepidation.....and same problem. Literally took a couple of hours, rebooting of devices and so on before finally getting a semblance of functionality back.
Any thoughts greatly received - the ubiquiti kit is brilliant, but it is tooooo complicated for me, I worry. I really want to persevere, but pressure is building to go for something a little more consumer friendly that 'just works'....Please help me keep the kit
So, if I can clarify, you have a SkyQ Hub -> Netgear Switch -> UAP-AC-Pro (up to here this will just boot up every time. No problem. Even without a controller running this will boot up.)
SkyQ Hub -> Netgear Switch -> UAP-AC-Pro Passthrough Port-> Powerline Adapters -> UAP-AC-LR
I can see why it might not even work at all, and I think you might be better switching meshing on and taking the powerlines off because meshing will only kill half your speed whereas wired uplink reduces the speed on both the -Pro and -LR and then the powerlines will further cripple the traffic back to Pro from the LR.
So I would try taking the powerlines off and frankly, the rest of it should just boot up. It might take a few minutes to figure out what's going on, but it should just boot up. We had a complete power cut here last night and the Gen2+ cloud key took everything offline tidily and then the UPS switched everything off nicely. And then when the power came back on I flicked the switch and it all powered straight back up. No intervention from me at all. And that's 3 switches, 5 access points, a Cloud Key and and Untangle router, plus the NAS units and the NVRs. So I think it has to be the powerlines and the order everything comes fully awake. So the Sky hub usually boots up fairly quickly. The access points are probably booting up last on their PoE injectors. And then they'll be trying to establish comms with the router through all that bodgery you've got in the way.
I'd try it with out the -LR and the powerlines. That should definitely work no problem. Then mesh in the -LR and I think it will be fine. Powerlines don't seem a very good idea to me in this use case.
Soldato
Thanks for the reply
Understood on the powerline element, but, actually, I have had zero issues running this way, once I managed to get the 1gbps uplink running. But, the problems arise from the moment I try adding an of the Ubiquiti kit back in to the network after the power off and on! Specifically, before bringing the UAP-AC-LR even in to the equation. So, when starting everything up, the Sky Q Hub works as expected, and the wireless network it offers is fine for internet etc., sky minis connect and so on. Adding in the Netgear switch then allows the Sonos, Hue, Tado and so on to work - still all good at this stage. Then, powering up the Gen2+, I can access the controller and see that the 2 APs are not connected (as expected, as they are not yet powered on).....then, fire up the AC-Pro (connected to Netgear switch) and wait for it to show fully operational in controller. Once it does, try to switch laptop using to access Gen2+ interface to one of the UAP-AC-Pro wireless networks, and start to get warning that the wireless network does not have internet connectivity......sure enough, cannot get to bbc.co.uk, or google etc., but can still access the Gen2+ on the network
Even stranger, one some of my reboots/power cycles etc. to try and get working again, when I power up the UAP-AC-Pro, I sometimes then lose internet connectivity on the *Sky Q Hub's* wireless network too - it is like it gets knocked out by some change that the UAP-AC-Pro or controller cause!
Soldato
It seems an odd order to boot stuff up in. Remember that you don't need the controller once the access points are provisioned.
Are the access points on fixed IP addresses and how are you handing gateway and DNS queries?
There is no magic in this. The access points know where their gateway and DNS servers are located so as long as they can access those they will have internet. If they are active and broadcasting then they will pass data. If they're not passing data then something is blocking their access to the gateway or the DNS server.
Can you flesh this out a bit? What are the IP addresses of the gateway and DNS server(s)? Do you have any fixed IP address ranges and how are doing DHCP?
What happens if you unplug the UCK Gen2+ and plug the UAP-AC-Pro directly into the Sky Q Hub?
What model of switch is the Netgear?
Are the access points on fixed IP addresses and how are you handing gateway and DNS queries?
There is no magic in this. The access points know where their gateway and DNS servers are located so as long as they can access those they will have internet. If they are active and broadcasting then they will pass data. If they're not passing data then something is blocking their access to the gateway or the DNS server.
Can you flesh this out a bit? What are the IP addresses of the gateway and DNS server(s)? Do you have any fixed IP address ranges and how are doing DHCP?
What happens if you unplug the UCK Gen2+ and plug the UAP-AC-Pro directly into the Sky Q Hub?
What model of switch is the Netgear?
Soldato
Thanks so much for your interest and help
So, the only Static IP I have is the Synology NAS, everything else has DHCP assigned values from the Sky Q hub. The hub is per default setting in terms of gateway (192.168.0.1), and I cannot control DNS servers in its interface (which is a shame!). I have not tried unplugging the controller and just having the UAP-AC-Pro direct to Sky Q hub - that sounds like a good idea. I initially used a regular web controller, but added the Gen2+ something like 9 months ago....really wondering if I need it, as not sure I benefit in my setup from the regular web interface!
So, the only Static IP I have is the Synology NAS, everything else has DHCP assigned values from the Sky Q hub. The hub is per default setting in terms of gateway (192.168.0.1), and I cannot control DNS servers in its interface (which is a shame!). I have not tried unplugging the controller and just having the UAP-AC-Pro direct to Sky Q hub - that sounds like a good idea. I initially used a regular web controller, but added the Gen2+ something like 9 months ago....really wondering if I need it, as not sure I benefit in my setup from the regular web interface!
Soldato
What is the network and WiFi that you have set up on your access points? What does that have as the gateway and DNS server - 192.168.0.1 for both?
Soldato
Um, assume I can see this in the Gen2+ controller interface? Sorry, just want to be sure I give the right information......
Oh, and I tried to set the Gen2+ to Static in the latest controller settings, but it won't let me
Oh, and I tried to set the Gen2+ to Static in the latest controller settings, but it won't let me
Soldato
Yes, in Network, what is the IP addresses for the key functions?
The WiFi is just broadcasting that network, yes?
The WiFi is just broadcasting that network, yes?
Soldato
So the two APs are on 192.168.0.19 (Pro) and 192.168.0.26 (LR), the Gen2+ is on 192.168.0.9......all connecting to the (gateway) Q hub on 192.168.0.1
The Unifi stuff has two wireless networks, which are each on 2.4 & 5 on each AP.
The Unifi stuff has two wireless networks, which are each on 2.4 & 5 on each AP.