!ubiquiti@lemmy.ml
Unofficial Ubiquiti community.
Discover innovations, troubleshoot, and optimize your Ubiquiti products and software.
I am getting used to Ubiquiti, and recently added a VPN Client to cover one of my VLANs. Am I correct in my understanding that having no Fallback option is essentially a Kill switch that will not allow traffic to pass outside of the VPN in the event it goes down?
I recently started playing with UDM after having been in PFSense for the last few years. In PFSense, I had a pretty organized rule set for each VLAN, and it was pretty easy to read and follow compared to the single list for rules in UDM (though it makes up for it in other areas).
I'm trying to recreate some of my original rules and flows, but wanted to get another pair of eyes on them to be sure I am using "LAN In" and "LAN Out" correctly (especially on the rules where I try to only allow necessary devices/ports out to WAN).
Just joined the club and got my first piece of ubiquiti gear! I spent some time doing the initial configuration and adding my VLANs, static IPs, however I ran into a bit of an issue that I'm sure is a quick fix.
By default the UDM Pro is on 192.168.1.1, and that's fine. I actually use the 192.168.1.0/24 as a management VLAN for networking devices that other VLANs don't need access to.
The problem I'm running into is that this default space that the UDM Pro is on does not have an option for a VLAN tag. I can change the IP of the default network to be something else like 192.168.100.0/24, and make a management VLAN on 192.168.1.0/24, but then the UDM Pro will grab a 192.168.100.0/24 address (since it is on the default network).
How, after doing this, can I set the UDM Pro to be on this new management VLAN and not the default?
https://evanmccann.net/blog/2024/5/unifi-u7-pro-max-wall-and-outdoor-preview
This preview covers the specs and my initial impressions of Ubiquiti’s latest batch of Wi-Fi 7 UniFi access points: the U7 Pro Max, U7 Pro Wall, and U7 Outdoor.
https://www.plume.com/homepass/blog/give-your-home-a-sixth-sense-with-plume-motion/
Hello, I've been using a chromecast with Google tv on a portable monitor to have my cameras displayed, but it seems the chromecast is pretty underpowered. I am wondering if anyone has had any luck with the 4k version of the chromecast or another cheap streaming device like the Walmart onn that loads the protect app better.
Currently one camera view works fine, but using a four camera view is tough because you have to open and close the app over and over until everything loads up, then if someone rings the doorbell and it goes to the doorbell view you start all over to get it back.
https://store.ui.com/us/en/products/u7-pro
Ceiling-mount WiFi 7 AP with 6 GHz support, 2.5 GbE uplink, 9.3 Gbps over-the-air speed, and 300+ client capacity.
Since the whole security issue popped up, I decided to disable remote access for both my udm pro and UNVR.
I am able to access the udm pro via the unifi app through wireguard but I am unable to access protect.
Has anyone gotten this to work?
So I have two sites: my home network and my cloud VPSs. I have set up a FreeIPA domain that I would like to use for all my machines, local and remote. While I wait for Linode/Akamai to add their new VPC feature, I want to create Wireguard tunnels from each VPS to my home network with my UDMP as the router. I tried to set it up through the UI, however I can't ping to/from the server wireguard interface when connected. So I tried to set it up with wg-quick but alas that isn't working either. I have the firewall port for wireguard open with both Internet In and Internet Local. I'm not even trying to get LAN access yet because I can't even ping over the tunnel. This has seriously frustrated me and I need to see if I'm just majorly fucking up or if I'm sane after all and the UDMP just isn't good for Wireguard.
Server conf:
[Interface]
Address = 192.168.84.1/24
ListenPort = 51820
PrivateKey = [server private key]
[Peer]
PublicKey = [client public key]
AllowedIps = 192.168.84.20/32
Client conf:
[Interface]
Address = 192.168.84.20/24
PrivateKey = [client private key]
[Peer]
PublicKey = [server public key]
Endpoint = [server hostname]:51820
AllowedIPs = 192.168.84.1/32
I had PostUp and PostDown rules set, but they didn't seem to make a difference. It seems they're mostly for configuring routing with iptables. Can I please get a sanity check here?
Edit: It was dns. It's always dns. Apparently the UDM Pro doesn't like IPv6 for Wireguard (and supposedly a lot) and the domain name I was using for my home network was double stack. I tested against its current IP address and when that worked I made a subdomain that was IPv4 only and it's working great now.
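The sanity check asked for in the post above, sketched as an added example (not part of the original post, and not Ubiquiti or WireGuard code): it cross-checks the two configs and flags a DNS-name Endpoint, the setting the edit identifies as the cause. The hostname home.example.net and all function names are assumptions, and the key lines are left out of the constructed sample.

```python
import ipaddress
# Constructed sample: the post's configs minus key lines; the hostname is hypothetical.
SERVER_CONF = """[Interface]
Address = 192.168.84.1/24
ListenPort = 51820
[Peer]
AllowedIps = 192.168.84.20/32"""
CLIENT_CONF = """[Interface]
Address = 192.168.84.20/24
[Peer]
Endpoint = home.example.net:51820
AllowedIPs = 192.168.84.1/32"""

def parse(conf):
    """Return {section: {lowercased key: value}}; assumes one [Peer] per file."""
    out, section = {}, None
    for raw in conf.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("["):
            section = out.setdefault(line.strip("[]").lower(), {})
        elif "=" in line and section is not None:
            key, value = line.split("=", 1)
            section[key.strip().lower()] = value.strip()
    return out

def covers(allowed, address):
    """True if a peer's AllowedIPs contain the other side's tunnel address."""
    ip = ipaddress.ip_interface(address).ip
    return any(ip in ipaddress.ip_network(n.strip(), strict=False) for n in allowed.split(","))

def endpoint_kind(endpoint):
    """'ipv4' or 'ipv6' for a literal address, 'hostname' for a DNS name."""
    host = endpoint.rsplit(":", 1)[0].strip("[]")
    try:
        return "ipv%d" % ipaddress.ip_address(host).version
    except ValueError:
        return "hostname"

def check(server_conf, client_conf):
    """Cross-check both ends of the tunnel and return a list of findings."""
    s, c = parse(server_conf), parse(client_conf)
    found = []
    if not covers(s["peer"]["allowedips"], c["interface"]["address"]):
        found.append("server AllowedIPs do not cover the client address")
    if not covers(c["peer"]["allowedips"], s["interface"]["address"]):
        found.append("client AllowedIPs do not cover the server address")
    if endpoint_kind(c["peer"]["endpoint"]) == "hostname":
        found.append("Endpoint is a DNS name: check its A and AAAA records")
    return found
```

On the configs as posted, the address and AllowedIPs pairs agree and the only finding is the DNS-name Endpoint.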
I bought a Unifi Express to upgrade my parents in law from an old orbi mesh system that I handed down to them. I'm hoping this will improve their network, and allow me to remotely help them more easily.
After receiving the device, I decided to first test it out in my network to see if it was a viable replacement for my USG-3P and my RPI4-4GB. TL;DR: it is not.
My setup:
1x U6 Lite
1x AC-AP Lite
1x AC-Mesh
1x Nano HD
1x USW-8-60W
1x Lite 8 POE
1x Flex Mini
1x USG-3P
1x Raspberry PI 4-4GB running pihole, Homebridge, controller
1x Raspberry PI zeroW running redundant pihole and critical redundant homebridge items
Centurylink Symmetric gigabit fiber
I have around 35 smart home wifi devices and generally around 55-60 total clients connected to my network.
I loaded a backup from my RPI4 controller to get started.
My initial attempt just failed, as I tried to like set it up while connected to my existing network. I was also just not used to dealing with a UnifiOS console device and the way that it works.
Loading the backup took like 30 minutes of an NFL football game, so I guess like 1 hour, but I did not time it exactly.
After getting it up and running I can no longer get the network application to load in my browser, it just keeps loading forever.
With nothing else happening, SSH to the console and running TOP shows that unifi-network-b process is using between 20-91% of the CPU. Load averages are around 4.5. The one good thing is that I was getting around the 940Mbps up and down at first, but it always starts out a bit slow at around 45Mbps, then it gets faster after about a second. Today I'm seeing 940 down and 500 up. Not sure if it is ISP or the device just getting slow. When I was using my USG-3P I normally see the symmetric 940 jump up to full speed immediately, without the initial hang up at 45Mbps.
Ultimately, it is nice to see that it can prioritize the internet to do its primary job when it is just completely swamped by the relatively modest network I have set up.
This shows me that my true path forward is definitely the UXG-Lite while maintaining my RPI4 for the controller. I have no urgency to replace my USG-3P, but I would like to have the UXG-Lite at least available for shipping before the USG-3P craps out so I am not caught with my pants down. I do have the ISP router I can pop in for an emergency, but I would like to stay in the ecosystem if possible.
I will post another update after I set up the gateway at my parents in law's house.