Ubiquiti UniFi Thoughts and Questions

[mastrmind11 717]

  Although really she told me to do whatever I want.  

 

Nah, can't see any problem with that statement at all 

[Spaceboy 2493]

Nah, can't see any problem with that statement at all

so much unsaid in that statement [emoji23]

[jaycedk 373]

Just remember this " Happy wife, Happy life "

[BAlGaInTl 279]

Nah, can't see any problem with that statement at all 

 

 

so much unsaid in that statement [emoji23]

 

 

Just remember this " Happy wife, Happy life "

 

LOL!

 

But she is really good about my tech hobbies.  As long as I keep her phone, laptop, and network working, she's happy.  She endures my swooning over Raspberry Pis, robot vacuums, rackmount server in the basement,  electronic dartboard, multiple gaming computers, laptops, chromebooks, etc. etc. etc.

 

Although we have had this happen to us almost exactly:

 

[rbjtech 4223]

LOL!

 

But she is really good about my tech hobbies.  As long as I keep her phone, laptop, and network working, she's happy.  She endures my swooning over Raspberry Pis, robot vacuums, rackmount server in the basement,  electronic dartboard, multiple gaming computers, laptops, chromebooks, etc. etc. etc.

 

Although we have had this happen to us almost exactly:

 

 

Brilliant sketch - Brilliant series tbh - but a few too many 'Is that me..?' realisations .. haha..  

 

To answer your question however - download pfsense and/or Sophos XG and install on an old PC lying around (with an extra NIC) or fire up a VM if you have the capability - they are both free so you have nothing to lose by trying both and see what you prefer.  Then buy the kit assuming it does what you want/need it to do.

Edited May 1, 2020 by rbjtech

[Jdiesel 1113]

I don't really have sound advice one way or another. 

 

I feel most people end up using pfsense because:

1) They have spare hardware laying around and want to make use of it

2) They have very specific needs that require feature or a level of control that pfsense can offer

 

I personally fall into group 1.

 

As I get older I find I have less time to mess around with custom setups and would rather have a turnkey solution that just works. I have actually been pondering testing out some USG gear for that reason. I like the idea of some the the monitoring and dpi that it can do out of the box with minimal tinkering. Sure pfsense can also do it but it is much more messy. I also think a lot of opinions on USG might be coming from earlier products and versions of the software. I believe they are regularly updating things. I think if I was in your position and didn't already have something to run pfsense on, I would go for the USG.

[mastrmind11 717]

I don't really have sound advice one way or another. 

 

I feel most people end up using pfsense because:

1) They have spare hardware laying around and want to make use of it

2) They have very specific needs that require feature or a level of control that pfsense can offer

 

I personally fall into group 1.

 

As I get older I find I have less time to mess around with custom setups and would rather have a turnkey solution that just works. I have actually been pondering testing out some USG gear for that reason. I like the idea of some the the monitoring and dpi that it can do out of the box with minimal tinkering. Sure pfsense can also do it but it is much more messy. I also think a lot of opinions on USG might be coming from earlier products and versions of the software. I believe they are regularly updating things. I think if I was in your position and didn't already have something to run pfsense on, I would go for the USG.

This guy gets it.

[BAlGaInTl 279]

I don't really have sound advice one way or another. 

 

I feel most people end up using pfsense because:

1) They have spare hardware laying around and want to make use of it

2) They have very specific needs that require feature or a level of control that pfsense can offer

 

I personally fall into group 1.

 

As I get older I find I have less time to mess around with custom setups and would rather have a turnkey solution that just works. I have actually been pondering testing out some USG gear for that reason. I like the idea of some the the monitoring and dpi that it can do out of the box with minimal tinkering. Sure pfsense can also do it but it is much more messy. I also think a lot of opinions on USG might be coming from earlier products and versions of the software. I believe they are regularly updating things. I think if I was in your position and didn't already have something to run pfsense on, I would go for the USG.

 

This guy gets it.

 

I'm becoming more like that.

 

It's why I went from rolling my own server on LInux using OMV, to Unraid.  It's simple, and it just works.  It cost money, but I'm willing to pay it for the convenience.  Also... news flash... it's the same reason I use Emby now when I started out cobbling a bunch of FOSS solutions together for my media experience.  The cost is simply worth it.

 

I'm still considering the USG, as it's leaps and bounds beyond what I have now.

 

I have hardware, and will play around with pfsense... but if I decided to deploy, I'd be buying hardware anyway.  So if I decide to go with pfsense, it makes sense to buy from Netgate to support the project.

 

Thanks all for the feedback.

[BAlGaInTl 279]

Thanks for all the help.

 

I was browsing around my favorite tech store today, and noticed they have a bunch of "open box" UniFi stuff.  Looks like someone may have backed out of an install or something?

 

Here is what I can get (Prices are USD):

 

USG - $105

AC AP Lite (2 available) - $65

AP AC LR - $79

AP AC Pro - $110

nano HD AP - $125

UAP AC In-Wall - $70

 

I'm thinking of Grabbing the USG and 3 of the AP, but I don't know which would be best.  I'm thinking maybe the AP Pro for my main floor, and then a couple of Lites for the other two floors?  There were 3 Lites available last night... but one is gone now. ETA: Or is the nano or LR a better choice for my main floor?

 

Thoughts? @@Jdiesel @@rbjtech @@Sammy

 

In all, I'll be able to get the whole setup for around the cost of a decent consumer mesh.

Edited May 3, 2020 by BAlGaInTl

[mastrmind11 717]

Thanks for all the help.

 

I was browsing around my favorite tech store today, and noticed they have a bunch of "open box" UniFi stuff.  Looks like someone may have backed out of an install or something?

 

Here is what I can get (Prices are USD):

 

USG - $105

AC AP Lite (2 available) - $65

AP AC LR - $79

AP AC Pro - $110

nano HD AP - $125

UAP AC In-Wall - $70

 

I'm thinking of Grabbing the USG and 3 of the AP, but I don't know which would be best.  I'm thinking maybe the AP Pro for my main floor, and then a couple of Lites for the other two floors?  There were 3 Lites available last night... but one is gone now. ETA: Or is the nano or LR a better choice for my main floor?

 

Thoughts? @@Jdiesel @@rbjtech @@Sammy

 

In all, I'll be able to get the whole setup for around the cost of a decent consumer mesh.

I have a nano mounted on my 2nd floor ceiling in the center of the hous (3k sq ft) and it covers everything down to the basement.  Had an LR there originally but upgraded to a nano, no loss of coverage.  I think 3 APs might be overkill unless you live in a mansion.

[BAlGaInTl 279]

I have a nano mounted on my 2nd floor ceiling in the center of the hous (3k sq ft) and it covers everything down to the basement.  Had an LR there originally but upgraded to a nano, no loss of coverage.  I think 3 APs might be overkill unless you live in a mansion.

About 5K sq ft.

 

Maybe just the nano then and one lite then to reach the spots further off?

[Sammy 735]

Good prices! All mine are open box from Amazon Warehouse and were slightly more but delivered. They work fine.

 

Sent from my SM-G960U1 using Tapatalk

[BAlGaInTl 279]

$388 after tax for a complete setup.  USG + 3 AP.  I got the nano and the last two lites.  If I get two coverage with the two, then the third one is going out to the garage.

[rbjtech 4223]

Good choices - remember these are professional grade AP's - capable of handling 100's of connections each - so you really should not have an issue.

 

Also to note, they are PoE only, the AP Lites 'should' come with a PoE injector (if previously part of a 'single' pack) if you don't have a PoE switch but I'm not sure what the Nano comes with.

 

When setting them up - it's also worth looking on the Ubiquiti forums - as with that many AP's - you may find your 'roaming' doesn't work as well as you would want it to - the solution is actually to turn down the power on the AP's so the device 'lets go' on one AP and hops to another when roaming.

 

Also remember you'll need to setup a 'Controller' even if it's to do just the initial setup, but I'd recommend leaving it running as it collects all the 'stats' and behaves as the single interface to all your kit.

Edited May 4, 2020 by rbjtech

[mastrmind11 717]

nano should come w/ an injector too.

[BAlGaInTl 279]

Good choices - remember these are professional grade AP's - capable of handling 100's of connections each - so you really should not have an issue.

 

Also to note, they are PoE only, the AP Lites 'should' come with a PoE injector (if previously part of a 'single' pack) if you don't have a PoE switch but I'm not sure what the Nano comes with.

 

When setting them up - it's also worth looking on the Ubiquiti forums - as with that many AP's - you may find your 'roaming' doesn't work as well as you would want it to - the solution is actually to turn down the power on the AP's so the device 'lets go' on one AP and hops to another when roaming.

 

Also remember you'll need to setup a 'Controller' even if it's to do just the initial setup, but I'd recommend leaving it running as it collects all the 'stats' and behaves as the single interface to all your kit.

Yup

 

They were all singles listed as "complete." I plan on checking then all before I leave since it's a bit of a drive.

 

I plan on running the software in Docker on my server.

Edited May 4, 2020 by BAlGaInTl

[BAlGaInTl 279]

So I got the email that my order was ready...

 

When I showed up today, they said they couldn't locate the open box USG, so they gave me a brand new one for the open box price.

 

Now I have to wait until some people are off my server so I can try to upgrade. 

[Sammy 735]

You don't need to have the USG connected to the network as the router to upgrade the f/w and start making some settings.

[BAlGaInTl 279]

You don't need to have the USG connected to the network as the router to upgrade the f/w and start making some settings.

Thanks

 

I did hook it up and do some basic setup... then I just ripped off the bandaid and figured it out.

 

It took me a couple hours to get everything set up, but I'm impressed with the options. I'll dig in to it more later... but for now... it's online, and my users only saw minor interruption.

[BAlGaInTl 279]

Okay... so I ran in to one question.

 

During initial setup, I turned off all remote access.  I do not have a Ubiquiti account.

 

Are there benefits to turning on Ubiquiti account access and/or remote access?

 

I imagine that given the nature of professional gear, it's relatively safe?

 

Thoughts?

[Spaceboy 2493]

I don’t use the cloud access. No real security concerns but I just don’t picture needing it so thought it best to not enable it

[rbjtech 4223]

 

Thoughts?

 

I've not enabled it - I never been out and thought '..lets have a look at my internet utilisation..' lol - but for remote support if you are away from the devices it could be useful - but I still think I'd rather setup a VPN and give myself access that way.

[jaycedk 373]

Hmm Guess the cloud connect feature can be used.

If you had to deploy a new department at another location. Get the serial number. Set it up. And have the router shipped directly to the new location. Like I can do with Cisco Meraki, when deploying a new site.

[BAlGaInTl 279]

I don’t use the cloud access. No real security concerns but I just don’t picture needing it so thought it best to not enable it

 

I've not enabled it - I never been out and thought '..lets have a look at my internet utilisation..' lol - but for remote support if you are away from the devices it could be useful - but I still think I'd rather setup a VPN and give myself access that way.

 

Okay... that's how I've traditionally done my network.  

 

I just wanted to make sure I wasn't missing out on some great feature set.

 

There is a LOT to take in.  The good news is that there's lots of info out there.  I had to reset a couple of the AP before my UniFi Controller Docker would see them.  

 

I also had to figure out how to update the IP address of the USG so that all of my IP address I already had set up wouldn't change.  I really didn't want to reconfigure everything.

[mastrmind11 717]

FWIW I have cloud access enabled, for support when my wife is working from home and I'm in the office.  She likes to complain about her VPN connection dropping constantly, so I'm able to send her a screen shot of her laptop's wifi connection strength and prove it's not _my_ network that's the problem 

 

The Unifi mobile app is very nice too, btw.