Business WIFI Planning and Deployment
-
I purchased the access points... Do I need a "Cloud Key"?
-
@ccwtech No, most of us spin up a virtual machine and install the controller on it.
-
Ok, so it's software (and not hardware?)
Can it be installed on an existing server?
I have two virtual servers 1 DC/DHCP/DNS and 1 is Applications server.
-
@ccwtech said in Business WIFI Planning and Deployment:
I purchased the access points... Do I need a "Cloud Key"?
For the cost of a cloud key, you can have a Vultr VPS running for well over a year.
-
@ccwtech said in Business WIFI Planning and Deployment:
Ok, so it's software (and not hardware?)
Can it be installed on an existing server?
I have two virtual servers 1 DC/DHCP/DNS and 1 is Applications server.
If you have additional storage space ( say 30 GB) and some RAM/CPU left over, you can spin up another Linux VM for free on your virtual platform and install it there.
-
@dashrender Any particular 'flavor' of linux?
-
@ccwtech Debian or Ubuntu is what is supported.
-
If I don't want to go the VM option, is this the only other thing that I need? The router is Meraki and the switches are Netgear.
-
@ccwtech It is a waste of money...
Here is a how to @JaredBusch put together on setting up the controller on Debian
https://mangolassi.it/topic/14601/how-to-install-the-ubiquiti-unifi-controller-on-debian-9-1
-
If I go cloud based, can I have 1 VM for all of my different clients (different companies) or do I need to have one for each client?
-
@ccwtech You can use 1 and create sites for each client. That is what I do.
-
@brianlittlejohn said in Business WIFI Planning and Deployment:
@ccwtech You can use 1 and create sites for each client. That is what I do.
Exactly, JB has like 20 clients on one VM.
-
Ok, how do I tell the AP's to look to a cloud based server instead of a local one for the controller?
-
@ccwtech said in Business WIFI Planning and Deployment:
Ok, how do I tell the AP's to look to a cloud based server instead of a local one for the controller?
DNS entry for "unifi"
Or manually log into them and repoint them.
Or the UniFi apps.
-
Ok, and the DNS for "unifi" would point to the public IP of the virtual server on the Vultr is that right?
What port forwarding needs to be done? (If any)
-
@ccwtech said in Business WIFI Planning and Deployment:
Ok, and the DNS for "unifi" would point to the public IP of the virtual server on the Vultr is that right?
What port forwarding needs to be done? (If any)
on your office networks? nothing . the APs make outbound connections to the controller.
On the UniFi Controller side? 80/443 for the web interface (i recommend only 443 obviously). Then 8080 for the inform
-
Looks like my UniFi controller is listening on 8443 for web traffic. I am not sure why. But this was setup years and years ago when I did not have the resources I do now.
I guess I need to make a new controller for myself to verify defaults and put this back to whatever those defaults are.
This is the config of my Nginx Reverse proxy in front of the UniFi controller.
[jbusch@nginxproxy ~]$ sudo cat /etc/nginx/conf.d/unifi.bundystl.com.conf [sudo] password for jbusch: server { client_max_body_size 40M; listen 443 ssl; server_name unifi.bundystl.com; ssl on; ssl_certificate /etc/letsencrypt/live/support.bundystl.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/support.bundystl.com/privkey.pem; ssl_stapling on; ssl_stapling_verify on; ssl_protocols TLSv1.2 TLSv1.1 TLSv1; ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; ssl_dhparam /etc/ssl/certs/dhparam.pem; add_header Strict-Transport-Security "max-age=31536000; includeSubdomains"; location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_set_header X-NginX-Proxy true; proxy_pass https://10.254.0.32:8443/; proxy_redirect off; # Socket.IO Support proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } } server { client_max_body_size 40M; listen 80; server_name unifi.bundystl.com; rewrite ^ https://$server_name$request_uri? permanent;
-
Ok, Since I need it up quickly I'm going to throw it on a Windows machine and then migrate to a cloud Debian install.
-
In setting up, is there any reason to not just have the AP's and clients on the same as wired LAN vs. having it on a different gateway/subnet?
My main network is 192.168.10.0/24 and the Network on the UniFi Controller is defaulting to 192.168.1.1/24 and wants to run it's own DHCP server.
-
@ccwtech said in Business WIFI Planning and Deployment:
Network on the UniFi Controller is defaulting to 192.168.1.1/24 and wants to run it's own DHCP server.
No it does not. That is not what it says, nor what it wants to do.