Business WIFI Planning and Deployment
-
Ok, and the DNS for "unifi" would point to the public IP of the virtual server on the Vultr is that right?
What port forwarding needs to be done? (If any)
-
@ccwtech said in Business WIFI Planning and Deployment:
Ok, and the DNS for "unifi" would point to the public IP of the virtual server on the Vultr is that right?
What port forwarding needs to be done? (If any)
on your office networks? nothing . the APs make outbound connections to the controller.
On the UniFi Controller side? 80/443 for the web interface (i recommend only 443 obviously). Then 8080 for the inform
-
Looks like my UniFi controller is listening on 8443 for web traffic. I am not sure why. But this was setup years and years ago when I did not have the resources I do now.
I guess I need to make a new controller for myself to verify defaults and put this back to whatever those defaults are.
This is the config of my Nginx Reverse proxy in front of the UniFi controller.
[jbusch@nginxproxy ~]$ sudo cat /etc/nginx/conf.d/unifi.bundystl.com.conf [sudo] password for jbusch: server { client_max_body_size 40M; listen 443 ssl; server_name unifi.bundystl.com; ssl on; ssl_certificate /etc/letsencrypt/live/support.bundystl.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/support.bundystl.com/privkey.pem; ssl_stapling on; ssl_stapling_verify on; ssl_protocols TLSv1.2 TLSv1.1 TLSv1; ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; ssl_dhparam /etc/ssl/certs/dhparam.pem; add_header Strict-Transport-Security "max-age=31536000; includeSubdomains"; location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_set_header X-NginX-Proxy true; proxy_pass https://10.254.0.32:8443/; proxy_redirect off; # Socket.IO Support proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } } server { client_max_body_size 40M; listen 80; server_name unifi.bundystl.com; rewrite ^ https://$server_name$request_uri? permanent; -
Ok, Since I need it up quickly I'm going to throw it on a Windows machine and then migrate to a cloud Debian install.
-
In setting up, is there any reason to not just have the AP's and clients on the same as wired LAN vs. having it on a different gateway/subnet?
My main network is 192.168.10.0/24 and the Network on the UniFi Controller is defaulting to 192.168.1.1/24 and wants to run it's own DHCP server.
-
@ccwtech said in Business WIFI Planning and Deployment:
Network on the UniFi Controller is defaulting to 192.168.1.1/24 and wants to run it's own DHCP server.
No it does not. That is not what it says, nor what it wants to do.
-
@jaredbusch said in Business WIFI Planning and Deployment:
@ccwtech said in Business WIFI Planning and Deployment:
Network on the UniFi Controller is defaulting to 192.168.1.1/24 and wants to run it's own DHCP server.
No it does not. That is not what it says, nor what it wants to do.
Ok, can you explain then?
-
@ccwtech said in Business WIFI Planning and Deployment:
@jaredbusch said in Business WIFI Planning and Deployment:
@ccwtech said in Business WIFI Planning and Deployment:
Network on the UniFi Controller is defaulting to 192.168.1.1/24 and wants to run it's own DHCP server.
No it does not. That is not what it says, nor what it wants to do.
Ok, can you explain then?
Not at the moment, as I am working my way to bed. But that stuff is not what any of that means.
Just make your SSID and plug everything in. Nothing else to do. Seriously, that is it.
-
On the default site , or make one if you want, click settings on the bottom left and the click wireless networks.
Set it up.
Click save.
Adopt an AP.
Done.
-
-
The controller has a ton of functionality - but you need additional hardware to take advantage of it. The firewall for example in the controller is if you are using a USG from Ubiquiti.
-
As far as setting up a guest network that is isolated from the main network... Any walk-throughs for that? On my Meraki I had set up a VLAN for the guest wifi, but the UniFis totally foreign to me.
-
@ccwtech said in Business WIFI Planning and Deployment:
As far as setting up a guest network that is isolated from the main network... Any walk-throughs for that? On my Meraki I had set up a VLAN for the guest wifi, but the UniFis totally foreign to me.
Assuming your VLAN still exists on your LAN, then just make another Wireless network but expand the advanced options and set the VLAN.
-
@jaredbusch Tried that but for some reason it wasn't picking up on the DHCP on the Meraki for that VLAN. I'll look into that more.
-
@ccwtech said in Business WIFI Planning and Deployment:
@jaredbusch Tried that but for some reason it wasn't picking up on the DHCP on the Meraki for that VLAN. I'll look into that more.
you'd have to create a new scope for DHCP for that VLAN. and create routing rules to route that network.
-
@dashrender said in Business WIFI Planning and Deployment:
you'd have to create a new scope for DHCP for that VLAN. and create routing rules to route that network.
DHCP on the Unifi Controller?
I have DHCP setup on the guest VLAN on the Meraki
-
@ccwtech said in Business WIFI Planning and Deployment:
@dashrender said in Business WIFI Planning and Deployment:
you'd have to create a new scope for DHCP for that VLAN. and create routing rules to route that network.
DHCP on the Unifi Controller?
I have DHCP setup on the guest VLAN on the Meraki
Then why aren't you getting DHCP from it?
-
That's the issue I am having.
I have DHCP on my Windows Server 2016 Box (Private network) for Vlan1 and DHCP on the Meraki for Vlan2 for the Public/Guest.
When clients join the private Wifi (no lan specified on the Unifi) they get an IP from the Windows Server. When the clients join the public Wifi Vlan2, no DHCP.
-
@ccwtech said in Business WIFI Planning and Deployment:
That's the issue I am having.
I have DHCP on my Windows Server 2016 Box (Private network) for Vlan1 and DHCP on the Meraki for Vlan2 for the Public/Guest.
When clients join the private Wifi (no lan specified on the Unifi) they get an IP from the Windows Server. When the clients join the public Wifi Vlan2, no DHCP.
Aww, you need to tell your Meraki to give DHCP on the public VLAN. Likely, the Meraki's DHCP is bound to the default VLAN (I guess I'm surprised you aren't having issues there, but that's only a guess).
-
This is how I have the Meraki setup. When I use the Wifi on the Meraki, things work as they should.
