New Idea

REQUEST: remote VPN (l2tp) on IPv6 only WAN ports

Submitted by - Monday
Status: New Idea

Hi,

in Germany more and more internet providers give only IPv6 IPs to their customer.

It gets common tha IPv4 is not provided to the customer, only IPv6. An exaple is the fiber internet provider "Deutsche Glasfser"and UnityMedia

 

Please provide VPN remote access to the WAN port running only IPv6 to the internet.

 

USG-3P FW: 4.4.29

UniFi Controller: 5.8.30

 

It would be a great help, I dad been converted to IPv6  some weeks ago.

Best regards

Frank

 

The Unifi Support told me:

AS:

Unfortunately, remote user VPN don't support on IPv6 for now. It only listens on IPv4

 

 

 

VLAN support on UCK / G2 / G2-PLUS

Submitted by - 3 weeks ago
Status: New Idea

Folks,

 

Per the rather concise discussion at 

 

https://community.ubnt.com/t5/UCK-G2-PLUS-Early-Access/VLan-support/td-p/2392620

 

We're requesting that you provide VLAN support on the UCK. It could be set up under the UCK management page, and settings imported to/from the Unifi controller.

 

VLAN for Unifi management to match the management VLAN settings in the unifi controller for switches and APs.

  • MUST tag all traffic into this VLAN from the controller.
  • SHOULD be capable of listening and responding on untagged discover requests. 
  • ideally, SHOULD be capable of passing back management VLAN tag as part of inform.
  • possibly Unifi devices SHOULD auto-provision L2 and L3 into mgmt VLAN if set.

 

 

VLAN for cameras 

  • MUST tag all video server traffic into this VLAN from the controller.
  • SHOULD be capable of being set to the same as the VLAN tag for Unifi for simple cases.
  • MUST NOT allow unauthorised devices to this VLAN (auto mac prefix filtering and whitelist at very minimum, PKI better)
  • Ideally a larger piece of work would be to create a network type "video" in the unifi controller.

Disable Secondary Ethernet port on UAP

Submitted by - Wednesday
Status: New Idea

Please create a feature that allows users to disable the secondary ethernet ports on access points.  I have several AP-HD's deployed in a dormitory.  The student network shuts off on a schedule (per the organization's request).  One student has found that he can plug into the secondary port on the access point and create his own hotspot.  I need this resolved soon.

 

Surely there is a way to create a way to creat a "set interfaces ethernet eth1 disable" command button or something in Unifi. 

 

PLEASE!!!!!!

 

Thanks! 

REQUEST: 2FA or Multifactor IPSEC VPN support

Submitted by - a week ago
Status: New Idea

I posted a support ticket about this and was told to post here instead. Makes zero sense to me, but here goes anyway. 

As far as I'm aware Unifi (USG) still doesn't support any kind of 2FA for VPN access. Would it be possible to implement this so we could use Google Authenticator or similar, or possibly even hardware solutions (Yubikey etc)? I found the oldest requests about this to be from several years ago so I'm not holding my breath hoping for anything to happen. It's just that Cisco has a solution already and sooner or later I run out of reasons to justify staying with our UniFi setup when another vendor has everything ready to run. 

DPI Restriction on adult websites

Submitted by - Friday
Status: New Idea

THis is a *MUST HAVE* feature which Meraki (focused on school districts) has.

It is pratically impossible to beat them on a RFC when a superintendent ask if out of the box we can block adult contents.

Please add this feature, and extend the DPI Restriction categories

Request: Force All Outgoing DNS Traffic to Specific Server

Submitted by -
Status: New Idea

I have a USG-PRO-4 and just switched from pfSense. In pfSense I was able to catch all outgoing DNS requests (regardless of which server they were pointed at) and redirect them to some other internal or external DNS server. Part of my security and content filtering strategy requires this but there is currently no easy way to do it with the UniFi controller.

 

Can this be added as an option in the controller GUI? Something like a checkbox that says "Redirect DNS Requests" and a field to manually enter an address.

 

Currently files have to be modified by hand and the changes won't persist once a change is made to the USG from the controller. Below are a few links that outline the necessary changes, which can't be done from the controller.

 

https://community.ubnt.com/t5/UniFi-Routing-Switching/USG-Firewall-Rules-for-OpenDNS/m-p/1807093#M33337

 

Full DHCP Table

Submitted by - 4 weeks ago
Status: New Idea

Hope I am not duplicating previous posts.

 

I think it would be good to have access to a full DHCP table so we could see all of the IP's the USG is assigning to hosts. I currently have a few devices that only communicate thru the LAN and don't actually send information to the internet. As such these clients aren't showing up in the client table. It would be good if we could see all.

 

Exclude option for DPI

Submitted by - Wednesday
Status: New Idea

Dear Dev team

 

We love the Block Social media feature of DPI and we block all social media


However we do want to allow to use Linkedin

 

We would appriciate an option to block specific apps or exclude apps form the blocking.

 

Sincerly Simon

Support DNS-over-TLS

Submitted by -
Status: New Idea

Cloudflare recently published their DNS resolver openly under 1.1.1.1:

https://blog.cloudflare.com/announcing-1111/

https://blog.cloudflare.com/dns-resolver-1-1-1-1/

 

For fully preventing plaintext DNS queries over the public internet, one would require a DNS resolver to support DNS-over-TLS or DNS-over-HTTPS. As such, it would be great if USG could support DNS-over-TLS: https://developers.cloudflare.com/1.1.1.1/dns-over-tls/

Support Ubuntu 18.04 and others including MongoDB 3.6.x

Submitted by -
Status: New Idea

I emailed support about this, and they suggested I post this as a "feature request" on the community forum, which seems an odd way of going about it, but okay.

After upgrading my Ubuntu machine from 16.04 to 18.04 I was unpleasantly surprised to see that the Unifi management software is incompatible with the version of MongoDB included in Ubuntu 18.04.  Considering this release has been out for 3 months (with betas available prior to that), I would have expected this to have been resolved.

So, here's my feature request: Ubiquiti, please support MongoDB versions newer than 3.4, so that Ubuntu 18.04 (and any other distributions that upgrade MongoDB) users can use Unifi again.

Display WAN IP and Stats on Controller Dashboard

Submitted by -
Status: New Idea

For some reason I thought this already existed, but it doesn't appear so.

 

It would be nice if the controller displayed WAN IP address and other WAN stats on the dashboard.

Support DNS-over-HTTPS

Submitted by -
Status: New Idea

Cloudflare recently published their DNS resolver openly under 1.1.1.1:

https://blog.cloudflare.com/announcing-1111/

https://blog.cloudflare.com/dns-resolver-1-1-1-1/

 

For fully preventing plaintext DNS queries over the public internet, one would require a DNS resolver to support DNS-over-TLS or DNS-over-HTTPS. As such, it would be great if USG could support DNS-over-HTTPS: https://developers.cloudflare.com/1.1.1.1/dns-over-https/

VPN site to site status

Submitted by - a month ago
Status: New Idea

will VPN site to site status be re-added to 5.9?

 

it exsisted in 5.8 and seems kind of dumb to remove it. Now i have to cli in to devices and do a manual check for site to site status.

Request

Submitted by - 2 weeks ago
Status: Duplicate

Hello Developers,

 

I noticed that there is only 1 schedule per day in WLAN access setting. Can you make it multiple for a single SSID, i.e. you can schedule WLAN access in the morning (7AM-11AM) only and another in the afternoon (1PM-4PM)? Because creating two (2) SSID's for this purpose is very tediuos and hard to manage.

 

I'm looking forward for the integration of this feature in the next firmware release.

 

Thank you very much!

 

Screenshot from 2018-09-13 11-47-47.png

Adding version to the unifi controller installer names

Submitted by -
Status: New Idea

Many a time have I accidentally downgraded myself due to an errant unifi_sysvinit_all.deb that I thought was the one I just downloaded. If possible suffixing the version on the file name would be fantastic.

USG disable Port forwarding instead of Delete

Submitted by -
Status: New Idea

It would be handy sometime to Disable a Port forwarding rule (for later use), instead of Deleting it.

Disable_rule.jpg

Request: Block Adult Content

Submitted by -
Status: New Idea

Hello,

 

I have a feature request. I know its possible with Cisco Umbrella, but I would like to have it integrated in Unifi products.

 

Is it possible to have a category within the DPI Restriction settings that will block Adult content. Someone from the helpdesk told me that it's possible to select Streaming to block Adult content, but since its 2018 and we also use Netflix and Spotify it's does not make sense to block that aswell. 

 

In some countries adult content is forbidden, but Netflix/Spotify are both not forbidden.

 

Thank you so much!

 

Bluetooth Mesh with Gen3 APs

Submitted by - a week ago
Status: New Idea

Hi all,

 

Since all recent (Gen3) APs have BLE in them, would it be possible to use those for Bluetooth Meshing?

Then all kinds of IoT/EoT/Lightning/iOS HomeKit automation/... could benefit from the extended range?

 

There seems to be a generic wikipedia article about it, but I didn't digg into all the technical specs or requirements.

 

Thoughts or additional info?

 

Thanks,

 

David