Announcement

Collapse
No announcement yet.

Ubiquiti users - I have a question...

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Ubiquiti users - I have a question...

    I am going to replace my entire home network with Ubiquiti equipment.

    1 x Ubiquiti 24-port POE Switch Managed
    2 x Ubiquiti Networks UAP-AC-LITE-US Dual-Radio Access Point
    1 x 1 x Ubiquiti Networks UniFi AP AC In-Wall Ethernet Port

    My question is - do I need the Unifi Security Gateway?

    This is just for my home network. I dont have a fiber connection, just plain old DSL.
    HS3Pro Running on a Raspberry Pi3
    64 Z-Wave Nodes, 168 Events, 280 Devices
    UPB modules via OMNI plugin/panel
    Plugins: Z-Wave, BLRF, OMNI, HSTouch, weatherXML, EasyTrigger
    HSTouch Clients: 3 Android, 1 Joggler

  • #2
    Are you still using the Linksys WRT-54G with DD-WRT as a router/ firewall / gateway?

    If so then I would update it.

    Guessing here Rob that your network looks like this:

    DSL Modem ==> DD-WRT combo router ==> home network.
    - Pete

    Auto mator
    Homeseer 3 Pro - 3.0.0.548 (Linux) - Ubuntu 18.04/W7e 64 bit Intel Haswell CPU 16Gb- Mono 6.8X
    Homeseer Zee2 (Lite) - 3.0.0.548 (Linux) - Ubuntu 18.04/W7e - CherryTrail x5-Z8350 BeeLink 4Gb BT3 Pro - Mono 6.8X
    HS4 Pro - V4.0.5.0 - Ubuntu 18.04/W7e 64 bit Intel Kaby Lake CPU - 32Gb - Mono 6.8X
    HS4 Lite -

    X10, UPB, Zigbee, ZWave and Wifi MQTT automation. OmniPro 2, Russound zoned audio, Smartthings hub, Hubitat Hub, and Home Assistant

    Comment


    • #3
      Originally posted by Pete View Post
      Are you still using the Linksys WRT-54G with DD-WRT as a router/ firewall / gateway?

      If so then I would update it.

      Guessing here Rob that your network looks like this:

      DSL Modem ==> DD-WRT combo router ==> home network.
      Yeah, I have a R7000 running DD-WRT and the WRT-54G as an access point.
      I have an 8-port POE switch for cameras and a smaller switch for everything else.

      I'm also re-punching everything into a better patch panel and doing some better cable management coming in from my attic.

      I just dont know if I need that Ubiquiti gateway or not - kinda confusing
      HS3Pro Running on a Raspberry Pi3
      64 Z-Wave Nodes, 168 Events, 280 Devices
      UPB modules via OMNI plugin/panel
      Plugins: Z-Wave, BLRF, OMNI, HSTouch, weatherXML, EasyTrigger
      HSTouch Clients: 3 Android, 1 Joggler

      Comment


      • #4
        I personally recommend a dedicated firewall (and beefy) in a la carte home network methodology.

        DSL Modem ==> beefy firewall ==> managed switches (and a managed POE switch would be nice) ==> WAP's.

        I am doing the beefy firewall via PFSense. (currently at 6 network interfaces with 2 IN and 4 OUT)

        You are already doing the a la carte stuff with dedicated WAP's and managed switches.

        The CPU / RAM on a dedicated (not combo) beefy firewall / router only serves to protect your network and does nothing else.
        Last edited by Pete; March 2nd, 2018, 03:47 PM.
        - Pete

        Auto mator
        Homeseer 3 Pro - 3.0.0.548 (Linux) - Ubuntu 18.04/W7e 64 bit Intel Haswell CPU 16Gb- Mono 6.8X
        Homeseer Zee2 (Lite) - 3.0.0.548 (Linux) - Ubuntu 18.04/W7e - CherryTrail x5-Z8350 BeeLink 4Gb BT3 Pro - Mono 6.8X
        HS4 Pro - V4.0.5.0 - Ubuntu 18.04/W7e 64 bit Intel Kaby Lake CPU - 32Gb - Mono 6.8X
        HS4 Lite -

        X10, UPB, Zigbee, ZWave and Wifi MQTT automation. OmniPro 2, Russound zoned audio, Smartthings hub, Hubitat Hub, and Home Assistant

        Comment


        • #5
          Originally posted by rmasonjr View Post
          Yeah, I have a R7000 running DD-WRT and the WRT-54G as an access point.
          I have an 8-port POE switch for cameras and a smaller switch for everything else.

          I'm also re-punching everything into a better patch panel and doing some better cable management coming in from my attic.

          I just dont know if I need that Ubiquiti gateway or not - kinda confusing
          I wouldn't (I have one you can try if you'd like though). It's a sorta/kinda L3 firewall along with providing extra data/functionality to the Unifi controller (Speed test, port mapping, DPI, etc). It supposedly allows you to run it in Bridge mode if you already run a firewall, but the juries still out on how well that works. Ubnt is working on their own firewall device (one of the Pfsense developer moved in 2016), but honestly don't know where they're at with it.

          I ended up going with Sophos so I never implemented it, particularly in bridge mode, but never found the time to try it. Works perfectly fine without it, and you can add it later if you want.

          Z

          Comment


          • #6
            Originally posted by rmasonjr View Post
            I am going to replace my entire home network with Ubiquiti equipment.

            1 x Ubiquiti 24-port POE Switch Managed
            2 x Ubiquiti Networks UAP-AC-LITE-US Dual-Radio Access Point
            1 x 1 x Ubiquiti Networks UniFi AP AC In-Wall Ethernet Port

            My question is - do I need the Unifi Security Gateway?

            This is just for my home network. I dont have a fiber connection, just plain old DSL.
            I was running a pfSense firewall prior to getting the USG. My logic might apply in your case. Since I had the Ubiquiti switches and APs, I needed a controller to configure them. I initially installed the Ubiquiti controller as a Java service on my HomeSeer PC. When a saw all of the things that could be handled and reported by the controller when using a USG, it made sense to switch. The pfSense was a wonderful product, but the USG brings the whole Ubiquiti ecosystem together. I also went with the Cloud Key controller so that I could have it as a separate system from my HS PC.

            I am very happy with it after several months, the reporting is thorough and the configuration is a breeze. I can see what device is connected to which switch port, attached to an AP, etc. All configuration is accessible from the controller. Much of what is reported by the controller requires a USG.

            Click image for larger version

Name:	Capture.jpg
Views:	1
Size:	56.2 KB
ID:	1195668
            Randy Prade
            Aurora, CO
            Prades.net

            PHLocation - Pushover - EasyTrigger - UltraECM3 - Ultra1Wire3 - Arduino

            Comment


            • #7
              I have a USG Pro, 48 Port switch, several 8 ports switches and 8 APs.

              6 months ago I would have said that the USG lacked so many features that you were better off keeping your existing firewall. However, with the latest 5.7.X controller, the feature set has been greatly improved to the point where you are not making any major sacrifices to go with a USG. There are still some features missing, especially compared to something like pfSense, but the gap is closing rapidly.

              Thus, I think it's a no brainer to get the USG as well now as the whole point of switching over to Unifi is get a single pane to view and manage your network.

              Comment


              • #8
                I agree with rpade and BillBurn. If you want the full experience of what UniFi can provide, get the security gateway. I have all UniFi gear here and love it. The management GUI is great and I like the DPI data to really understand what devices are doing what.

                Especially if you have guests often at your house, the guest wifi and portal is a nice.

                I have the regular USG and have 300Mb Internet service. No problem hitting and sustaining that speed. I also work from home so push a bunch of data all the time.

                If you have faster Internet, worth considering the USG-Pro. Have a friend who is fortunate to get Gigabit Internet at his home. He has the Pro and no issues pushing that much through it.

                Comment


                • #9
                  Originally posted by sdesbles View Post
                  I agree with rpade and BillBurn. If you want the full experience of what UniFi can provide, get the security gateway. I have all UniFi gear here and love it. The management GUI is great and I like the DPI data to really understand what devices are doing what.

                  Especially if you have guests often at your house, the guest wifi and portal is a nice.

                  I have the regular USG and have 300Mb Internet service. No problem hitting and sustaining that speed. I also work from home so push a bunch of data all the time.

                  If you have faster Internet, worth considering the USG-Pro. Have a friend who is fortunate to get Gigabit Internet at his home. He has the Pro and no issues pushing that much through it.
                  Anyone have luck running in Bridge mode with their USG?

                  Z

                  Comment


                  • #10
                    Originally posted by vasrc View Post
                    Anyone have luck running in Bridge mode with their USG?

                    Z
                    What do you mean? My modem is in bridge mode. Are you referring to PPPoE? My Comcast modem doesn't use PPPoE, but I know a couple of people with Century Link VDSL that run their modems in bridge mode with the USG negotiating PPPoE.
                    Randy Prade
                    Aurora, CO
                    Prades.net

                    PHLocation - Pushover - EasyTrigger - UltraECM3 - Ultra1Wire3 - Arduino

                    Comment


                    • #11
                      Originally posted by rprade View Post
                      What do you mean? My modem is in bridge mode. Are you referring to PPPoE? My Comcast modem doesn't use PPPoE, but I know a couple of people with Century Link VDSL that run their modems in bridge mode with the USG negotiating PPPoE.
                      Sorry, running the USG in bridge mode so it doesn't act like a fire wall (when you already have one upstream). When I first looked at it, bridge mode wasn't 100% supported by ubnt.

                      Z

                      Comment


                      • #12
                        Bridge Mode is not supported through the GUI, but apparently is possible if you use if you use the CLI.

                        About midway down this page https://community.ubnt.com/t5/UniFi-...ge/35#comments is an explanation of how to do it.

                        That said I haven't tried it, so who knows. There are a ton of very sophisticated things you can do through the CLI if you have the time and inclination to learn them (which I generally dont )

                        Comment


                        • #13
                          Originally posted by vasrc View Post
                          Sorry, running the USG in bridge mode so it doesn't act like a fire wall (when you already have one upstream). When I first looked at it, bridge mode wasn't 100% supported by ubnt.

                          Z
                          Passthrough or bridge mode is on their roadmap since early 2017, but is not implemented yet. There is a how to from someone who used CLI as BillBurn mentioned.

                          Look at the post on page 35 by "wnoisephx" who got it working with all the stats and data.
                          Randy Prade
                          Aurora, CO
                          Prades.net

                          PHLocation - Pushover - EasyTrigger - UltraECM3 - Ultra1Wire3 - Arduino

                          Comment


                          • #14
                            Originally posted by rmasonjr View Post
                            I am going to replace my entire home network with Ubiquiti equipment.



                            1 x Ubiquiti 24-port POE Switch Managed

                            2 x Ubiquiti Networks UAP-AC-LITE-US Dual-Radio Access Point

                            1 x 1 x Ubiquiti Networks UniFi AP AC In-Wall Ethernet Port



                            My question is - do I need the Unifi Security Gateway?



                            This is just for my home network. I dont have a fiber connection, just plain old DSL.

                            Comment


                            • #15
                              Thanks all for the input. I have pulled the trigger on the following:

                              1 x Ubiquiti 16-port POE Managed (the 24-port is not available until April)
                              2 x Ubiquiti UAP-AC-LITE US Version UniFi
                              1 x Ubiquiti Networks Unifi Security Gateway (USG)
                              1 x Ubiquiti Networks Controller Hybrid Cloud Key

                              There is one outdoor-rated AP that I might get later for coverage by our pool/cabana.
                              I also have a new patch panel to replace the one I have now.
                              I'll post pics as the install goes.

                              Thanks!
                              HS3Pro Running on a Raspberry Pi3
                              64 Z-Wave Nodes, 168 Events, 280 Devices
                              UPB modules via OMNI plugin/panel
                              Plugins: Z-Wave, BLRF, OMNI, HSTouch, weatherXML, EasyTrigger
                              HSTouch Clients: 3 Android, 1 Joggler

                              Comment

                              Working...
                              X