*** Official Ubiquiti Discussion Thread ***

[SupraWez]

I dont use Pihole but could you not have Pihole forward external requests onto your Unifi which then uses secure DNS, yes your internal lookups would be clear text for someone monitoring DNS traffic on your LAN but then any external requests would be encrypted.

Cloudflare supports encrypted DNS: https://developers.cloudflare.com/1.1.1.1/encryption/ they also support DNS with malware and adult content blocks.

 

[Armageus]

I dont use Pihole but could you not have Pihole forward external requests onto your Unifi which then uses secure DNS, yes your internal lookups would be clear text for someone monitoring DNS traffic on your LAN but then any external requests would be encrypted.

Yes you could do it that way as well

 

[ChrisD.]

Or just use Adguard Home, which supports it out of the box. It's also (IMO/subjective) a nicer interface.

 

[dlockers]

Just dug the pi I bought from EVH a while back out. Will put adguard on there. Pretty sure I had it before, think I used the pi for HA and then forgot about it.

Edit: all back up and running on AdGuard again. Is it worth enabling any additional DNS blocklists?

 

[dlockers]

Dream Machine Pro has just arrived. What a PITA to get going - the redirect doesn't work in Edge or Chrome so I am currently double NAT'ing so I can get Firefox installed and then spoof my Mac to try and get it to grab an IP lol.

 

[ElliorR]

Dream Machine Pro has just arrived. What a PITA to get going - the redirect doesn't work in Edge or Chrome so I am currently double NAT'ing so I can get Firefox installed and then spoof my Mac to try and get it to grab an IP lol.

Yep, setting up my CGU wasn’t as smooth as all the Youtube videos made it look. Had to reboot my VM Hub, in modem mode, as the CGU kept saying it had no internet then I had to set it up via the app as in a browser on my PC it just wouldn’t work. Once set up in the app the browser, Chrome, worked fine with it.

 

[ChrisD.]

Bought the UniFi mini rack and an NVR. The rack whilst expensive is built really well. Pleased with it.

Keystones and cabling can wait for another day, needed the internet back on!

 

[ChrisD.]

Dream Machine Pro has just arrived. What a PITA to get going - the redirect doesn't work in Edge or Chrome so I am currently double NAT'ing so I can get Firefox installed and then spoof my Mac to try and get it to grab an IP lol.

Yep, setting up my CGU wasn’t as smooth as all the Youtube videos made it look. Had to reboot my VM Hub, in modem mode, as the CGU kept saying it had no internet then I had to set it up via the app as in a browser on my PC it just wouldn’t work. Once set up in the app the browser, Chrome, worked fine with it.

How odd, it's always been plug and play for me, both on DHCP connections and PPPoE.

 

[b0rn2sk8]

@ChrisD. youve got too much money

 

[ChrisD.]

@ChrisD. youve got too much money

Not anymore.

 

[Throrik]

Made the order last night for the Cloud Gateway Max, 8 Port Switch and an AP, networking in the new house is going to be nice.

 

[ElliorR]

Made the order last night for the Cloud Gateway Max, 8 Port Switch and an AP, networking in the new house is going to be nice.

Almost the same as me, I bought the Ultra instead of the Max as I don’t need cameras etc, but I also bought the flex mini 5 port switch that has all my TV stuff plugged in.I bought a single U6 Pro hoping it’d cover my whole house and it does so no need for a second AP for now.

 

[robj20]

Or just use Adguard Home, which supports it out of the box. It's also (IMO/subjective) a nicer interface.

That's what I use, have it running on my NAS. Not really tinkered with it just defaults.

 

[dlockers]

How odd, it's always been plug and play for me, both on DHCP connections and PPPoE.

To be fair it shipped with older firmware - seems the auto redirect is broken on modern browsers except Firefox.

The DHCP issue on WAN is because Lit fibre have a crazy retention policy on Mac addresses - the tech team told me the Mac I was connecting from (hard to tell on decos) and I just spoofed it.

All sorted now - so far so good.

I've got adguard as my DNS. Is it worth turning on the IPS or ad blocker on?

 

[Throrik]

Almost the same as me, I bought the Ultra instead of the Max as I don’t need cameras etc, but I also bought the flex mini 5 port switch that has all my TV stuff plugged in.I bought a single U6 Pro hoping it’d cover my whole house and it does so no need for a second AP for now.

I wanted 2.5Gbps, which was the only reason, the switch was hellishly expensive because of that.

 

[ElliorR]

I wanted 2.5Gbps, which was the only reason, the switch was hellishly expensive because of that.

If FTTP ever gets installed round my way, and I can get faster than my current VM 1gb, I’ll probably upgrade to a Dream Machine and a 2.5gb switch. Also the bloody expensive, but awesome looking, Ubiquiti rack.

 

[Throrik]

I must admit, getting a bit excited after seeing @ChrisD.'s rack. But none of the gear I've got is full sized rack kit.

 

[ChrisD.]

I've got adguard as my DNS. Is it worth turning on the IPS or ad blocker on?

No, I wouldn't say so. IPS isn't really worth it in home environments, and it'll increase CPU usage. If you are already blocking with AGH, I'm not sure what using the UniFi one would add.

 

[ElliorR]

I must admit, getting a bit excited after seeing @ChrisD.'s rack. But none of the gear I've got is full sized rack kit.

I’ve got a little rack. I wish I could say I’m under compensating for something but I don’t want to lie.

 

[platypus]

VLan Magic is looking great I must say but I have a few Qs.

When I create a vlan using VMagic (lets call it), the devices I assign to the magic VLan disappear from my topography map. Shouldn't I be able to see them logged into the gateway? I appreciate that they have been assigned to a magic vlan thats isolated but... the gateway should have an overview of everything?