*** Official Ubiquiti Discussion Thread ***

memyselfandi said:
Personally I have split my IoT devices onto a separate VLAN from anything important and it is not a lot of work to do so.

Given I had quite a few things like wifi enabled bulbs I created a new SSID for non-IoT devices and then assigned the old one to a separate VLAN via the Ubiquiti controller (seemed the easiest way to do that as it meant that the IoT devices did not need to be reconfigured as they were just using the same SSID as before as far as they were concerned and its a lot easier to reconfigure normal devices). Add any wired IoT devices to the new VLAN at the switch port level (e.g. Hive Hub).

Create firewall groups for the address ranges of each VLAN and then create a firewall rule on the Controller which blocks devices on the IoT VLAN from instigating connections to the "main" network. This means that devices on the "main" network can access the IoT network for management and then devices can then respond but IoT devices cannot communicate on their own to the "main" network.

Took maybe 30 minutes including Googling to find out how to do it.
Click to expand...

Pretty much the same as what I've done. Only thing that was a faff was Sonos but once I had mDNS and IGMP Proxy setup and the required firewall ports open, it worked fine. Can control my Sonos from a different wireless network/VLAN.
 
sparkymark75 said:
Pretty much the same as what I've done. Only thing that was a faff was Sonos but once I had mDNS and IGMP Proxy setup and the required firewall ports open, it worked fine. Can control my Sonos from a different wireless network/VLAN.
Click to expand...

Can you share a bit more info on this, pushing SONOS onto its own SSID / network sounds like a good idea.
 
I'm not thinking to change my setup just yet, but should I upgrade or replace due to hardware failure is there an easy way to swap? currently with 80/20 FTTC, should FTTP become available I wouldn't be able to utilize the connection without disabling various features. So for example where I currently have the USG and changed to a USG-PRO-4 is there a relatively seamless way to do this? It's only a home network but it's nice to avoid being moaned at if the internet isn't working!

  • 2x US-24-250
  • 3x US-8-150W
  • 3x AC Pro
 
Last edited:
Yes, you just adopt the USG-4P onto the controller and enter the PPPoE and BT credentials details.

Then if the USG-3P fails you unplug everything from that and put it into the USG-4P and it will just work.

The key is that the USG gets all its settings from the controller so as long as it has enough data to bring up the BT connection it just works.
 
WJA96 said:
No, there is nothing in the Beta or Early Access programmes so anything new is at least 3-6 months away. Although they did launch the US-XG-6 PoE very, very, quickly it's still not actually available to buy and the new AP-IW-HD and UCK Gen2's were launched and brought to the market quite quickly as well.

Realistically - you're still looking at 3-6 months.
Click to expand...

Cheers, I've ordered the 4.
 
WJA96 said:
Possibly a daft question but have you upgraded the RAM on the USG and tried IPS/IDS recently? They have made pretty big optimisations on that in the last couple of firmware releases and just the RAM upgrade helps in many cases as it’s not paging the lists at all with 8Gb RAM whereas with 2Gb RAM it has to load and unload the lists sometimes.
Click to expand...

No, last time I looked into it adding RAM didn't seem to actually make any difference so I haven't bothered. Maybe I'll take another look though.
 
OllyM said:
No, last time I looked into it adding RAM didn't seem to actually make any difference so I haven't bothered. Maybe I'll take another look though.
Click to expand...

UBNT officially state that more RAM doesn’t make the USG-4P any faster in this regard. And yet, my 8Gb USG-4P runs at 550-700Mbps with IDS switched on and a steady 600Mbps max throughput with IPS. So roughly a third faster than UBNT say it should run.
 
The Unifi app lets you control everything from your phone, or tablet so I'd say yes. I've not used the UNMS app but if it works in a similar way, I'd probably have to say yes to that too.
 
Careful with the UniFi App. There's some quirky things at times. If I configure my APs then they revert to the default channels. For some reason the app doesn't like DFS channels which I have set via the Web interface.
 
Sin_Chase said:
Careful with the UniFi App. There's some quirky things at times. If I configure my APs then they revert to the default channels. For some reason the app doesn't like DFS channels which I have set via the Web interface.
Click to expand...

Are you running Beta firmware or controller software?
 
WJA96 said:
Are you running Beta firmware or controller software?
Click to expand...

Nope. Latest stable releases.

If I use the app and go into AP Channel Configuration there are no DFS channels. It means if you commit any other changes it sets a channel that it is able to list. The web configuration displays all the channels, including DFS, as expected.
 
1pudding1 said:
Just read through that thread and couldnt see an answer to my q. Whats the actual point and gain of putting all Sonos stuff on its own VLAN?
Click to expand...
Ah okay, I thought you wanted advice on setting it up. The theory being that segregating off IoT type devices which you can't harden yourself limits the attack surface on your network. So your PC/laptop that you do online banking on, etc isn't on the same VLAN as your smart home devices. Crude example but first that came to mind.
 
Just jumping in on this, I understand IoT devices but not Sonos. You'd lose the ability to control it from your phone, cast spotify to it etc. surely or does it communicate with the app via the Sonos server instead?
 
Kol said:
Just jumping in on this, I understand IoT devices but not Sonos. You'd lose the ability to control it from your phone, cast spotify to it etc. surely or does it communicate with the app via the Sonos server instead?
Click to expand...
Not if you configure the firewall correctly and setup some broadcast services (see link to Ubiquiti forum above). I have my Sonos devices on an IoT VLAN and my phone on the main house LAN and can control Sonos from it and cast Spotify to it.
 
sparkymark75 said:
Not if you configure the firewall correctly and setup some broadcast services (see link to Ubiquiti forum above). I have my Sonos devices on an IoT VLAN and my phone on the main house LAN and can control Sonos from it and cast Spotify to it.
Click to expand...

Ah, ok - that sounds interesting. Cheers.
 
I am probably asking in the wrong thread but...
MikroTik wsAP ac lite RBwsAP-5Hac2nD - £38.59
UniFi AC Lite UAP-AC-LITE - £68.78
AirCube AC ACB-AC - £64

Is the UniFi AC Lite or AirCube worth the extra £30? I am not looking to do much other than just have my wireless devices connected to the internet.

I already own an EdgeRouter 3 Lite, but from what I have read it is not in the UniFi range I won't get all the benefits that the Unifi system offers but I am not too fussed about that. I just want to get away from the SuperHub from Virgin Media.

If anyone else has any suggestions for a pretty low cost AP I am all ears.
 
I'm not up to speed on the MikroTik range but it looks like the 5GHz is only single chain and the ethernet ports aren't gigabit which will limit your bandwidth between the AP and the router. Someone that has experience of both will be able to advise better. That's just a quick impression looking at the specs of both. (I have 2 x UAP-AC-Lite)
 
You must log in or register to reply here.
Back
Top Bottom