Jump to content

New Network


Sammy

Recommended Posts

mastrmind11

It's always slow go for me on these sorts of things as I need to keep the internet up while I switch over meaning I have to work on it in the off hours but get some sleep as I'm not a machine like Luke and Eric..

 

At any rate, I got everything set up, including a smooth upgrade from Win 7 to Win 10 on my NUC, using the same activation key for success which slightly surprised me. I was working without connecting the USG to the WAN on the Modem until I could not any longer so I moved all the equipment from the dining to the office.

 

Yesterday I connected the USG to the Modem and updated the Switch and AP f/w. Today I wanted to change the DHCP server from 192.168.1.1 and the pool from 192.168.1.2 ~ 254 to 10.0.0.1 and 10.0.0.100~254 respectively. I logged into the USG back end at 192.168.1.1 and changed the server and pool as desired and hit save. A link came up to log into the USG at the new address. I clicked the link and.. nothing.. going to localhost:port for the USG it shows that the USG is not connected but the Switch and AP are. I rebooted the USG, still nothing.

 

Do I need to reset the USG and log into 192.168.1.1 and make the changes before adopting it into the controller? No biggie to start over as I really haven't gone any farther than this anyhow.

yeah, you have to set up the USG before adopting if you change from 192.168.1.1

https://help.ubnt.com/hc/en-us/articles/236281367-UniFi-USG-How-to-Adopt-a-USG-into-an-Existing-Network

  • Like 1
Link to comment
Share on other sites

yeah, you have to set up the USG before adopting if you change from 192.168.1.1

https://help.ubnt.com/hc/en-us/articles/236281367-UniFi-USG-How-to-Adopt-a-USG-into-an-Existing-Network

 

So I plug the USG into my existing router before adopting it and then it will take on the existing IP addresses from the existing router? Then I take the existing router out of the network and adopt the USG to the controller?

 

I did notice that even though my existing router was unplugged and the USG was on 192.168.1.1 many devices came in at their previous IP Address.. Many, not all. I think these were all wireless clients.

Edited by Sammy
Link to comment
Share on other sites

mastrmind11

So I plug the USG into my existing router before adopting it and then it will take on the existing IP addresses from the existing router? Then I take the existing router out of the network and adopt the USG to the controller?

 

I did notice that even though my existing router was unplugged and the USG was on 192.168.1.1 many devices came in at their previous IP Address.. Many, not all. I think these were all wireless clients.

 

So I plug the USG into my existing router before adopting it and then it will take on the existing IP addresses from the existing router? Then I take the existing router out of the network and adopt the USG to the controller?

 

I did notice that even though my existing router was unplugged and the USG was on 192.168.1.1 many devices came in at their previous IP Address.. Many, not all. I think these were all wireless clients.

I don't think that will work, since your existing router is likely already taking 1.1.  IIRC I plugged directly into it from my PC and set it up that way.  That was a few years ago and had to be done via SSH, but based on that link I sent it appears the USG has its own web server now for configuration, so plugging directly into it should work.

Link to comment
Share on other sites

  • 2 weeks later...

Considered it but decided to go with components.

USG
Switch 8
UAP AC-Pro
Controller on a NUC but might put it on a rPi I have lying about.

Wish I knew; I would have bought your gear!

Sent from my SM-G960U1 using Tapatalk

Edited by Sammy
Link to comment
Share on other sites

It won't let me connect it to the network. I can ping -i HarmonyHub and it returns a ping and the IP address but it won't see it in the app or on the Elite Remote.

 

Sent from my SM-G960U1 using Tapatalk

Link to comment
Share on other sites

Guest asrequested

Is the phone and the hub on the same frequency? 2.4GHz or 5Ghz. Your AP is probably combining them, and the devices may not be on the same one, which will put them on different channels. You can either split them and manually choose, or use band steering and force compatible devices on the 5GHz

 

5e3cc3439a77a_Annotation20200206175316.j

Link to comment
Share on other sites

I'm starting to see that this is more than just the Harmony Hub. I have a TP-Link TL=WA850RE WiFi Extender that brings ethernet to my pool equipment controller, a couple of WiFi Cams and a Samsung Robot Vacuum all on 2.4Ghz only. They've all fallen off my network. What's next? Rachio Sprinkler Controller? Ring Doorbell?

 

I'm thinking I may put my HA stuff on a separate subnet, including my VeraPlus but am not quite sure how to accomplish this. @@chef any thoughts?

Link to comment
Share on other sites

mastrmind11

I'm starting to see that this is more than just the Harmony Hub. I have a TP-Link TL=WA850RE WiFi Extender that brings ethernet to my pool equipment controller, a couple of WiFi Cams and a Samsung Robot Vacuum all on 2.4Ghz only. They've all fallen off my network. What's next? Rachio Sprinkler Controller? Ring Doorbell?

 

I'm thinking I may put my HA stuff on a separate subnet, including my VeraPlus but am not quite sure how to accomplish this. @@chef any thoughts?

Set up a new network in your controller, assign it a VLAN, and all your IoT stuff gets that VLAN.  Thats how I have it set up.  Pretty good docs over at ubnt that outline how to do this.  I've also set up a firewall rule that kills and _inbound_ requests from anything on my IoT VLAN so, you know, a hacker can't gain access to stuff.  But yeah, this is uncommon so something is up.  I have IoT stuff all over the place w/o issue and basically the exact same setup as you.

  • Like 1
Link to comment
Share on other sites

Guest asrequested

I wouldn't suggest getting too crazy with it. If you ever have to troubleshoot, you'll have a lot of points to go through. A few hard rules, and you should be good. Unless you like messing with all of that :)

  • Like 1
Link to comment
Share on other sites

maegibbons

Ubiquiti always rushes stuff to market.

 

We have been using their stuff for years for our wisp business. Its good and cheap BUT early adoption is always risky.

 

Generally their idea of beta is alpha quality and then they release to the masses as a first beta.

 

The good news is that they do get there in the end.

 

Krs

 

Mark

 

Sent from my SM-N976B using Tapatalk

Link to comment
Share on other sites

Pretty much a FAIL on their part. They won't even say if it might be in a future f/w update?!

 

BTW, I got my Harmony Hub, Pool Control and Samsung PowerBot vacuum hooked into my network by placing them in a separate 2g_IoT network that only uses the 2.4GHz radio. Even though I assigned this network an IP such as 10.0.100.1/24 these devices still use the LAN 10.0.0.1/24's DHCP Range Addresses, the same ones they had already from previously being seen on that network and having their IP addresses set to static. I can connect to them from my VeraPlus Controller which is on the LAN Network. I have set no special firewall rules on PieHole (which is???) on this network.

Link to comment
Share on other sites

I'm planning to buy one of these.

 

https://store.ui.com/products/udm-pro

I ordered one to ship to my US PO box but they cancelled my order as it looked like it would be deployed outside of the US. So now I have to wait for it to show up on the Canada store. Which hopefully gives the firmware some time to work out some more bugs.

 

I don't know why anybody starting off with Unifi gear wouldn't get this as their starting point. IPS/IDS throughput of 1gbps vs 80mbit on the USG is a huge improvement! This feature can't even be enabled on the older units without extremely limiting your internet connection. I pay for a 1gbps connection, I'd cry if I throttled it down to 80mbit.

 

Add to it the SFP+ port to connect to your switches and we've got a winner. I just wish they would have made the 8 ports POE capable, especially since it holds the HDD for Unifi Protect which uses POE camera's. I get they want to keep cost low, but I feel that is a bit of an oversight.

Link to comment
Share on other sites

mastrmind11

 I have set no special firewall rules on PieHole (which is???) on this network.

 

so stuff is working?  I have pihole set up via the USG dns server, so are you having an issue or you're confused why it's working?

Link to comment
Share on other sites

 

 

so stuff is working? I have pihole set up via the USG dns server, so are you having an issue or you're confused why it's working?

Yes. I set up a separate IoT Network using the 2.4GHz band only, not a VLAN, with a different gateway address of 10.0.100.1/24 but these 2.5GHz devices connected with their old addresses on the 10.0.0.xxx range.

 

I do want to make this network more secure yet have it talk to my local devices as needed (VeraPlus controller for sure). I think this is what PiHole is all about but need to learn more about it and how to set it up.

 

Sent from my SM-G960U1 using Tapatalk

Link to comment
Share on other sites

Spaceboy

Yes. I set up a separate IoT Network using the 2.4GHz band only, not a VLAN, with a different gateway address of 10.0.100.1/24 but these 2.5GHz devices connected with their old addresses on the 10.0.0.xxx range.

 

I do want to make this network more secure yet have it talk to my local devices as needed (VeraPlus controller for sure). I think this is what PiHole is all about but need to learn more about it and how to set it up.

 

Sent from my SM-G960U1 using Tapatalk

pi hole is an internal dns server with adblocking built in. It’s great but not sure that’s what you are looking for
Link to comment
Share on other sites

Okay so I have it wrong. How to have a separate IoT Network that is more secure yet still talks to devices on the main LAN in Unifi?

Link to comment
Share on other sites

maegibbons

Okay so I have it wrong. How to have a separate IoT Network that is more secure yet still talks to devices on the main LAN in Unifi?

'More secure' from what....?

 

There are many ways to do this. If you use VLANS then you effectively have two or more seperate networks that have to route through a router to get on to the other VLAN/Subnet.

 

What exactly are you trying to achieve/do?

 

Krs

 

Mark

 

Sent from my SM-N976B using Tapatalk

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...