Virtual Architects Support Wiki

User Tools

Site Tools

You are here: start » networking » wireless » unifi
Trace: mikrotik_vpn
networking:wireless:unifi

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
networking:wireless:unifi [2023/01/31 13:19]
gcooper 		networking:wireless:unifi [2024/08/19 11:17] (current)
gcooper
Line 1: Line 1:
 ====== Ubiquiti Unifi ====== ====== Ubiquiti Unifi ======
 +
 +**Optimize Your Network**: https://help.ui.com/hc/en-us/articles/360012947634-UniFi-Network-Optimizing-Wireless-Speeds
  
 **User Guide**: http://dl.ubnt.com/guides/UniFi/UniFi_Controller_V4_UG.pdf **User Guide**: http://dl.ubnt.com/guides/UniFi/UniFi_Controller_V4_UG.pdf
Line 27: Line 29:
   * Integrated billing system available   * Integrated billing system available
  
-===== Controller Installation =====+<note tip>Consider using a Docker-based configuration.</note> 
 + 
 +===== Server ===== 
 + 
 +[[internet:mail:zimbra:zimbra_ose#server_preparation|Server Prep]]   
 + 
 +==== Unifi Installation ==== 
 + 
 +:!: Unifi Controller seems to be easy to install, run and update under **Docker**.  See below.
  
 https://pimylifeup.com/ubuntu-unifi-controller/ https://pimylifeup.com/ubuntu-unifi-controller/
  
-:!: This is for a minimal Ubuntu 22.04 LTS Server with 2 vCPU, 2GB RAM and a 20GGB vHD.+:!: This is for a minimal **Ubuntu 22.04** LTS Server with **2 vCPU****2GB RAM** and a **20GB vHD**.
  
 <file> <file>
 apt install curl haveged gpg openjdk-8-jre-headless apt install curl haveged gpg openjdk-8-jre-headless
  
-curl https://dl.ui.com/unifi/unifi-repo.gpg | sudo tee /usr/share/keyrings/ubiquiti-archive-keyring.gpg >/dev/null+# This library is not in the default repos 
 +wget http://archive.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.0g-2ubuntu4_amd64.deb 
 +dpkg -i ./libssl1.1_1.1.0g-2ubuntu4_amd64.deb 
 +rm -f libssl1.1_1.1.0g-2ubuntu4_amd64.deb 
 + 
 +curl https://dl.ui.com/unifi/unifi-repo.gpg | sudo tee /usr/share/keyrings/ubiquiti-archive-keyring.gpg > /dev/null
  
 echo 'deb [signed-by=/usr/share/keyrings/ubiquiti-archive-keyring.gpg] https://www.ui.com/downloads/unifi/debian stable ubiquiti' | sudo tee /etc/apt/sources.list.d/100-ubnt-unifi.list > /dev/null echo 'deb [signed-by=/usr/share/keyrings/ubiquiti-archive-keyring.gpg] https://www.ui.com/downloads/unifi/debian stable ubiquiti' | sudo tee /etc/apt/sources.list.d/100-ubnt-unifi.list > /dev/null
  
-wget http://archive.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.0g-2ubuntu4_amd64.deb +curl https://pgp.mongodb.com/server-3.6.asc | gpg --dearmor | tee /usr/share/keyrings/mongodb-org-server-3.6-archive-keyring.gpg > /dev/null
-sudo dpkg -i ./libssl1.1_1.1.0g-2ubuntu4_amd64.deb +
-rm -f libssl1.1_1.1.0g-2ubuntu4_amd64.deb+
  
-curl https://pgp.mongodb.com/server-3.6.asc sudo gpg --dearmor | sudo tee /usr/share/keyrings/mongodb-org-server-3.6-archive-keyring.gpg >/dev/null+echo 'deb [signed-by=/usr/share/keyrings/mongodb-org-server-3.6-archive-keyring.gpg] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/3.6 multiverse' | tee /etc/apt/sources.list.d/mongodb-org-3.6.list > /dev/null
  
-echo 'deb [signed-by=/usr/share/keyrings/mongodb-org-server-3.6-archive-keyring.gpg] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/3.6 multiverse' | sudo tee /etc/apt/sources.list.d/mongodb-org-3.6.list > /dev/null +apt update && apt install -mongodb-org-server && systemctl enable mongod && systemctl start mongod
-apt update+
  
 +apt install unifi -y
 </file> </file>
  
Line 56: Line 69:
 ^UDP Ports| 3478                       | ^UDP Ports| 3478                       |
  
-==== Management ====+<file> 
 +ufw allow 22/tcp 
 +ufw allow 8080/tcp 
 +ufw allow 8443/tcp 
 +ufw allow 8880/tcp 
 +ufw allow 8843/tcp 
 +ufw allow 3478/udp 
 + 
 +ufw --force enable 
 + 
 +ufw status numbered 
 +</file> 
 + 
 +===== Management =====
  
-=== Browser ===+==== Browser ====
  
 https://ip.of.controller:8443 https://ip.of.controller:8443
Line 65: Line 91:
 ^Default Password |''123456''   | ^Default Password |''123456''   |
  
-=== SSH ===+==== SSH ====
  
 ^Default Username |''ubnt''     | ^Default Username |''ubnt''     |
Line 76: Line 102:
 :!: Be aware that under **Settings -> Networks -> Edit** you will find a **DHCP Server enabled**. :!: Be aware that under **Settings -> Networks -> Edit** you will find a **DHCP Server enabled**.
  
-**Select the site -> Settings -> Site**+**Select the site -> Settings -> System**
  
   * ''Site Name''   * ''Site Name''
   * ''Country''   * ''Country''
   * ''Time Zone''   * ''Time Zone''
-  * ''Device Authentication'' 
  
 **Select the site -> Settings -> Wireless Networks** **Select the site -> Settings -> Wireless Networks**
Line 113: Line 138:
  
 ===== Guest Networks ===== ===== Guest Networks =====
- 
-**Guest FAQ**: http://wiki.ubnt.com/UniFi_FAQ#Guest_Access 
- 
-**Guest Doc**: https://help.ubnt.com/hc/en-us/articles/115000166827-UniFi-Wireless-Guest-Network-Setup 
- 
-**If Using VLANs**: https://help.ubnt.com/hc/en-us/articles/219654087-UniFi-Using-VLANs-with-UniFi-Wireless-Routing-Switching-Hardware 
  
 Simple guest access uses single DHCP server and restricts access to Internet only. Simple guest access uses single DHCP server and restricts access to Internet only.
 +
 +<note tip>These steps are no longer correct for Controller V8. Guest networks are now created by selecting ''Manual'' configuration and enabling ''Hotspot Portal'' You configure the user experience by managing the Hotspot Portal.</note>
  
   * To **restrict bandwidth of guests**, create a "Guests" User Group   * To **restrict bandwidth of guests**, create a "Guests" User Group
Line 137: Line 158:
  
 :!: Click in ''Security Key'' field to expose the current password. :!: Click in ''Security Key'' field to expose the current password.
- 
-:!: To **restrict guest access**, make sure your guest/access control has the following **Post-Authorization Restrictions**: 
- 
-<file> 
-192.168.0.0/16 
-172.16.0.0/12 
-10.0.0.0/8 
-</file> 
  
 ===== Site Administrators ===== ===== Site Administrators =====
Line 165: Line 178:
 ==== L3 Adoption ==== ==== L3 Adoption ====
  
-http://www.youtube.com/watch?v=y5tkToD_nds+**Docs**: https://help.ui.com/hc/en-us/articles/204909754-Remote-Adoption-Layer-3 
 + 
 +**HowTo**: http://www.youtube.com/watch?v=y5tkToD_nds
  
   - Install AP   - Install AP
Line 294: Line 309:
   - Enable the Multicast Enhancement. **WIFI -> SSID -> Advanced**   - Enable the Multicast Enhancement. **WIFI -> SSID -> Advanced**
   - Enable Fast Roaming. **WIFI -> SSID -> Advanced -> Enable Fast Roaming**   - Enable Fast Roaming. **WIFI -> SSID -> Advanced -> Enable Fast Roaming**
 +
 +===== Docker =====
 +
 +<note warning>This example uses an unsupported Docker image.  You probably want to use "linuxserver/unifi-network-application:latest" now.</note>
 +
 +Unifi Controller seems to be easy to install, run and update under Docker.
 +
 +==== docker-compose.yml ====
 +
 +=== Simple Version ===
 +
 +<file>
 +version: "2.1"
 +services:
 +  unifi-controller:
 +    image: lscr.io/linuxserver/unifi-controller:latest
 +    container_name: unifi-controller
 +    environment:
 +      - PUID=1000
 +      - PGID=1000
 +      - TZ=Arizona/Phoenix
 +      - MEM_LIMIT=1024 #optional
 +      - MEM_STARTUP=1024 #optional
 +    volumes:
 +      - /root/docker/unifi/config:/config
 +    networks:
 +      - unifi-net
 +    ports:
 +      - 8443:8443
 +      - 3478:3478/udp
 +      - 10001:10001/udp
 +      - 8080:8080
 +#      - 1900:1900/udp #optional
 +#      - 8843:8843 #optional
 +#      - 8880:8880 #optional
 +#      - 6789:6789 #optional
 +#      - 5514:5514/udp #optional
 +    healthcheck:
 +      test: curl --fail -k https://localhost:8443/ || exit 1
 +      interval: 5m
 +      timeout: 15s
 +    restart: unless-stopped
 +
 +networks:
 +  unifi-net:
 +    name: unifi-net
 +</file>
 +
networking/wireless/unifi.1675196391.txt.gz · Last modified: 2023/01/31 13:19 by gcooper

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki