* Official Ubiquiti Discussion Thread *

benjii · 24 Jan 2021 at 16:06

Since upgrading my UDM to 1.8.6, I can't access the controller via local IP. I made a post about it on reddit and have tried all the suggestions there: https://www.reddit.com/r/Ubiquiti/comments/l2ndjc/do_local_ip_controller_connections_still_work_in/

Anyone else have any ideas?

RSR · 24 Jan 2021 at 17:47

Mine (UDM-P) works fine on 1.8.6-2 via the local IP/DNS.

I guess the normal things of power cycle it etc....

benjii · 24 Jan 2021 at 19:29

RSR said:
Mine (UDM-P) works fine on 1.8.6-2 via the local IP/DNS.

I guess the normal things of power cycle it etc....

Yeah, I'm aware it's good for most people. I've done everything I can think of, factory reset, reflashing firmware etc. I'm just seeing if anyone has any other ideas.

RSR · 24 Jan 2021 at 20:20

If you have reset the UDM, I assume you have connected to the device to set it back up again?

If you have reset it going be on the 192.168.1.X/24 range.

Using a wired connection on a LAN port:

Does it get a DHCP IP?
Can you ping it's IP, that's normally 192.168.1.1?
What happens when you browse to it? Have you tried different browsers?

benjii · 24 Jan 2021 at 23:28

RSR said:
If you have reset the UDM, I assume you have connected to the device to set it back up again?

If you have reset it going be on the 192.168.1.X/24 range.

Using a wired connection on a LAN port:

Does it get a DHCP IP?
Can you ping it's IP, that's normally 192.168.1.1?
What happens when you browse to it? Have you tried different browsers?

After resetting, I have checked to make sure what the IP is. My PC is using ethernet. Yes it gets a DHCP IP and I can ping its IP. If I browse to it I get "ERR_CONNECTION_RESET" from Chrome. Clearing the cache or incognito mode doesn't help, same result on different browsers. I can access it remotely, via the local IP on the browser on my phone and the Unifi app.

RSR · 24 Jan 2021 at 23:50

That's interesting, so if the phone is connecting via the local IP it maybe something on the PC do you have another laptop or PC you can check as well?

If you try the following from a CMD Prompt

If you have telnet installed, as its not a default install on W10 try the follow:

telnet 192.168.1.1 80
telnet 192.168.1.1 443

192.168.1.1 assuming that's the IP of the UDM.

Does it refuse the connection or does it give you a black screen?

Also under control panel, Internet Options, Connections, LAN Settings - Automatic Detect is Selected and Proxy is blank assuming you don't use one.

benjii · 25 Jan 2021 at 09:20

RSR said:
That's interesting, so if the phone is connecting via the local IP it maybe something on the PC do you have another laptop or PC you can check as well?

If you try the following from a CMD Prompt

If you have telnet installed, as its not a default install on W10 try the follow:

telnet 192.168.1.1 80
telnet 192.168.1.1 443

192.168.1.1 assuming that's the IP of the UDM.

Does it refuse the connection or does it give you a black screen?

Also under control panel, Internet Options, Connections, LAN Settings - Automatic Detect is Selected and Proxy is blank assuming you don't use one.

I had to enable telnet, but I get a blank screen with a flashing cursor, that means it has accepted the connection right? That was on both ports. I have 3 PCs in total connect via ethernet, none them are able to access it via local IP. Auto detect settings is enabled and proxy is off/blank.

I had a brainwave and decided to test safe mode with networking, I can access the local IP in safe mode. I had already tried disabling my antivirus/firewall, Kaspersky, and that didn't help, what else can be running that's causing an issue on all 3 PCs?

I had a second brainwave, Kaspersky is the only thing connecting all 3 PCs. Despite having disabled it to test, I decided to just uninstall it instead. Now I can connect. It was Kaspersky! Upon further investigation on one of the other PCs, I discovered that the issue was it was scanning all encrypted traffic on applications, by allowing an exclusion for the router IP on Chrome, all is well. The difference between the two firmwares I was using is the new ones moved to Unifi OS and now use HTTPS for the local IP connection, the old firmware was just HTTP.

I appreciate the help, thank you.

RSR · 25 Jan 2021 at 17:49

benjii said:
I had to enable telnet, but I get a blank screen with a flashing cursor, that means it has accepted the connection right?

Yup, its normally a quick test to see if you can pass traffic on a said port.

Excellent, I am happy its all sorted.

On a side note Ubnt, have released 1.8.6-2 beta which covers off the DNS CVE as I forgot to post it earlier.

https://community.ui.com/releases/U...-1-8-6-2/52c0b835-e551-4823-8d4d-4cfe0bf3a5bd

Bugfixes

Fix a potential kernel crash issue in DPI.

Upgrade dnsmasq to 2.83 to fix vulnerabilities: CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687

kosymodo · 26 Jan 2021 at 12:07

Hi folks. I need your help in doing some detective work!

I've noticed that one of my WiFi devices is reporting a drop in connection every morning, since Sunday:
Sun: 02:33 to 06:01
Mon: 02:32 to 06:01
Tues: 02:33 to 06:01

Also, when I look in my controller, my USG seems to be offline during approximately those times (i.e. a long period of zero latency corresponding to those times).

To the best of my knowledge, I haven't set up anything which would take either my USG or WiFi offline at any point for any period of time. Therefore, I need your help in trying to work out what has changed! Any ideas where to look first?

My controller is throwing up the error alert 'UniFi Security Gatway was disconnected'. Therefore, I raised a ticket with my ISP to see if they can see anything happening their end. They looked at the live PPP and LNS sessions, along with data pulled from the ONT and they are not seeing any form of termination taking place. Therefore they believe these drops are residing from the LAN side of my network and not WAN.

the-evaluator · 26 Jan 2021 at 12:17

Have you got wifi optimisation enabled?

In the classic (or 'good' as I call them) settings go to -> Settings -> Site -> Auto-optimize network. Disable it.

In new new (rubbish) settings go to Settings -> Advanced Features -> WiFi AI. Disable it.

It needs to be disabled in BOTH sets of settings to actually disable it.

That probably wouldn't explain why your USG is disconnecting. Are you running a controller locally? What's the network layout? If the controller is connected wirelessly then that could explain why the controller loses the USG.

timmy85 · 26 Jan 2021 at 15:44

kosymodo said:
SNIP

the-evaluator said:
SNIP2

@kosymodo I had exactly this issue, but at 3am each night.

As per @the-evaluator, "Auto Optimize Network was already disabled, but WiFi AI was enabled on mine without me realizing!

Turned it off and it's no longer an issue.

kosymodo · 26 Jan 2021 at 15:56

the-evaluator said:
Have you got wifi optimisation enabled?

In the classic (or 'good' as I call them) settings go to -> Settings -> Site -> Auto-optimize network. Disable it.

In new new (rubbish) settings go to Settings -> Advanced Features -> WiFi AI. Disable it.

It needs to be disabled in BOTH sets of settings to actually disable it.

That probably wouldn't explain why your USG is disconnecting. Are you running a controller locally? What's the network layout? If the controller is connected wirelessly then that could explain why the controller loses the USG.

Thanks - I have now disabled BOTH settings, and will see if this makes any difference overnight.

As for my USG disconnecting... I'm running my controller on a Raspberry Pi. However, that will change imminently, as I have a Cloud Key Gen2 Plus en-route to me. I have a diagram of my network layout, but have never been able to add images on here :/

Do you interpret 'disconnected' as disconnected from the controller then? I was interpretting as disconnected from the internet (i.e. losing its WAN connection)

timmy85 said:
@kosymodo I had exactly this issue, but at 3am each night.

As per @the-evaluator, "Auto Optimize Network was already disabled, but WiFi AI was enabled on mine without me realizing!

Turned it off and it's no longer an issue.

Thanks - as above, have now disabled, and will see how things pan out overnight!

the-evaluator · 26 Jan 2021 at 17:04

kosymodo said:
As for my USG disconnecting... I'm running my controller on a Raspberry Pi. However, that will change imminently, as I have a Cloud Key Gen2 Plus en-route to me.

How's the Pi connected? Is it connected using an ethernet cable? As for uploading the image, go to something like imgur.com, upload it, grab a BB code share link and paste that into a post. Job done.

kosymodo said:
Do you interpret 'disconnected' as disconnected from the controller then? I was interpretting as disconnected from the internet (i.e. losing its WAN connection)

Yep, disconnected from the controller. It's likely that the USG is connected to the internet the entire time.

kosymodo · 26 Jan 2021 at 17:32

the-evaluator said:
How's the Pi connected? Is it connected using an ethernet cable? As for uploading the image, go to something like imgur.com, upload it, grab a BB code share link and paste that into a post. Job done.

Yeah, the Pi is connected by ethernet to my loft switch

Here's the network layout (fingers crossed) -

the-evaluator · 27 Jan 2021 at 07:06

Ok, so no reason I can think of why the USG would be losing the connection to the controller. The physical layout looks fine, if there were a cabling problem you'd likely notice before the controller tells you that the USG has disconnected.

kosymodo · 27 Jan 2021 at 15:00

the-evaluator said:
Ok, so no reason I can think of why the USG would be losing the connection to the controller. The physical layout looks fine, if there were a cabling problem you'd likely notice before the controller tells you that the USG has disconnected.

Right, so it happened again last night, even after changing the settings...

I happened to wake up mid-outage, and ran some pings:

192.168.1.1 is my USG
192.168.1.100 is my Pi-hole
192.168.1.200 is my UniFi controller

I then ran another ping:

192.168.10.1 is the gateway of my LAN2 network

Therefore, am I correct in deducing that this has something to do with setting up the LAN2 network? The purpose of this was to directly connect my Living Room Switch to the USG. This would allow me to remove the Understairs Switch (along with having moved Hue and Tado to the Loft Switch). @WJA96 helped me on another thread with this setup. My intention was to only have devices 1 to 5 on LAN2. Maybe I've gone about doing that in the wrong way though?

the-evaluator · 27 Jan 2021 at 15:15

Can you update the diagram and show what kit is sitting against which VLAN.

At the time you did the pings, could you ping 8.8.8.8?

kosymodo · 27 Jan 2021 at 15:44

the-evaluator said:
Can you update the diagram and show what kit is sitting against which VLAN.

At the time you did the pings, could you ping 8.8.8.8?

Hopefully this will now make more sense as to the current layout...

My intention is to move the Tado bridge (device 8) away from the Understairs Switch, so that I can remove that switch, and have the LAN1 output directly feeding into the Loft Switch (via the Patch Panel)

I didn't try pinging 8.8.8.8 nor any other IP addresses, though I did try Speedtest.net through a browser, which wouldn't connect. My laptop was also reporting no internet access (ethernet connection)

robj20 · 27 Jan 2021 at 15:46

Isn't the patch panel basically pointless in that diagram.

kosymodo · 27 Jan 2021 at 15:48

robj20 said:
Isn't the patch panel basically pointless in that diagram.

Yes! However, for my own sanity I was mapping out my network in its entirity during a quiet afternoon

*** Official Ubiquiti Discussion Thread ***

* Official Ubiquiti Discussion Thread *