A note field or note system would be handy to store some info abou the site in.
This would also allow scripts and programs to store config data in the controller for that site making shure that they are correct with the site even after a backup restore.
I have a couple of rooms that currently I cannot pull UTP to unless I cut holes, and I am not at a point to where I want to do that. I have coax in those areas, so I have been contemplating buying some MoCa adapters to extend my physical network to those locations.
Then I got to thinking, I would like to find a MoCa adapter that was similar to the in-wall access points sold by Ubiquiti, and an even better idea is if Ubiquiti would choose to make such a creature. It could have coax-in on the back with an ethernet port and coax-out on the bottom.
If there was a way to integrate Power over Coax or something that would be kind of cool. But I don't know how much of that is possible and provide the data connection.
Right now, when you need to remove a Super Admin (full admin rights on ALL sites), your only option is to downgrade the account to 'Administrator' which places an admin object on each individual site. So if you are managing a large number of sites you must then page through each site (70 in our case) to remove the admin account from each and every site. And hopefully you don't miss any!
This behavior leaves us with two unnatractive options:
- Share a single Super Admin login for all technical staff managing our customer's UniFi sites. Violates any number of compliance standards.
- Create proper named accounts for technical staff, but be left with no way to terminate a superadmin user in a safe & sane fashion when needed. When an superadmin leaves under good terms, this is simply painful & prone to error. If a superadmin is leaving under bad terms, there is really no way of quickly removing their access short of taking the controller offline while the downgraded admin rights are removed from each and every site 1 by 1.
- Further grades of adminstative access; either fixed or definable based on roles.
- Ability to fully remove and administrator with 1 click.
- SuperAdmin: Full rights on all sites. Only level that can manage controller-wide admin accounts.
- ControllerAdmin (New): Full rights on all sites. Can't create other controller-wide admin accounts (SuperAdmin or ControllerAdmin). Can create individual Site-Admin accounts.
- ReadOnly: Dashboard access for viewing stats & widgets. Cannot alter settings. CANNOT VIEW SSH LOGIN INFO for device management.
It would be really nice if we could just define rights ourselves; there are many situations in which I'd like to let the customer manage view their site, manage their WiFi keys, but not have access to modify LAN networks, upgrade firmware or view SSH credentials.
Couldnt find cloudkey listed under ubnt devices. its hidden in the client list.
relocate this into the ubnt list of devices.
Support said it couldnt be done as it attaches to a switch. Guess what. So do APs and they are in the device list.
The Airtime and Airvierw screens use MAC addresses only for those that map to known (to the controller) base stations and devices, it would be great to have the name as well as the mac address.. Thanks!
I just updated and don't like at all how new unifi controllers looks. To much white and the rest of colors are too light. I think it would be nice to have a dark mode that allows more contrast between background and text and will also rest sight.
Seriously. This product is now direct competitor to a sonicwall or even a TP-Link router. So far here are the limitations and lack of featrures I have discovered:
1. Cannot reserve IP addresses via MAC address in DHCP configuration section.
2. Have reservation list section on the DHCP configuration page.Almost all routers do this. I do not want to have to search through clients and devices to see who has static or DHCP assigned IP address.
3. List the Cloudkey device in the UBNT device summary. The ubnt controller is to control ubnt devices. Why do you put the cloud key into the clients section. That doesnt make sense.
4. Be able to assign WAN priority in the controller UI. Not under CLI. Seriously. You want us to configure using this process???
5. Be able to see the USG logs in the controller. Not via CLI. You have a statistics page, why cant you display the logs this way. 6. Have a refresh function on the logs summary page to see errors in real time.
7. USG is very slow to configure, save, provision and restart even on simple changes.
8. Discovered cloudkey no longer links to ubnt online account if USG switches from WAN1 to WAN2. This should not happen. Rather than base the cloudkey link via an IP address, it should use the userid and password entered on the cloudkey section of the page. Or at least allow it to do periodic checks for IP address changes.
9. Reduce the number of updates pls. Everytime I log into the controller it would seem there is yet another update. Can you do monthly or something. Its good enough for microsoft, why not UBNT.
10. When a controller has multiple sites, be able to delete the default if others exist.
11. Better error msg on initial password setup for controller We were not providing a secure enought password, but the error msg (lack of), did not say this was the problem.
12. Somewhere on cloudkey storage keep historical and cumulative traffic statistics on devices and clients. Important in problem analysis.
Thats what I can think of for now.
I'd like to suggest the unifi controller (and really any other ubnt software such as the unifi video netvr) not display the software version number until after a user has successfully logged in. The idea being it is better to not disclose the version number to anyone who stumbles upon the login page as that information could be used to determine if a server is running the latest version which could then be used to determine what type of exploits might be successful against said server.
as you offered already for wifi access "User based time control of wifi access"
please also offer a possibility to time control the internet or LAN access for wired devices.
Example: I want to restrict the access (internet or complete LAN) for my kids
Sunday-Thursday 23:00 - 6:00
In Germany the Fritz Box is very common as intelligent modem/router - here you can define device groups (e.g. "kids") and define such internet access times per device group. Or filters (blacklists/whitelists) for web pages etc. Or restrict access to x hours in the defined time schedule.
I have seen a kind of solution in Time based drop all on LAN_IN for certain devices
but this seems to complex for me - I need a graphical interface in my unifi controler such as
In this example access is granted on Monday from 6:00 to 22:00 - but only for 1 hour in this time frame.
On Saturday and Sunday here 2 hours are allowed.
For wifi unifi already provides a kind of WLAN schedule - but not that nice as above shown AVM Fritz Box does:
Ubiquiti should create an app store that services the UniFi platform.
Such is the variety of requirements of UniFi customers, that Ubqiuiti could never fulfil them all.
An app store would allow third party products and services build within the UniFi platform and create multiple long tail solutions that would enhance the overall value of the platform
Powerful apps and integrations to assist, engage and retain more customers with UniFi
I found this beta forum discussion and thought I would create a feture request for it - Multi Site Management
Some excelent ideas on there:
1. Allow segmention of sites on a controller by an additional level so we could tier sites by location or importance?
2. Schedule configuration for notifications. I don't really want to know what is going on between midnight and 5AM (for example), so if we could define multiple schedules which we couple apply to sites for notifications I wouldn't spend my whole life with so many notifications that I can't filter out the important ones.
3. Consider how long it takes to upgrade these sites when required...I like to segment sites into beta for initial updates and then roll out to the rest in two phases...the thought of having 150+ sites go down due to a failed update (think about Microsoft OCT 2018 Windows update) is horrifying. It would be nice to be able to group sites and update groups of sites one click.
From @scott_thomson wrote:
- Multi-site alert viewing & clearing (sites overview is insufficient, painful to page thru each site to view & clear alerts).
- Multi-site seach & reporting: Show me all sites with X, Y, or Z model. Show me firmware versions across sites.
- Mulit-site firmware management & scheduling.
- Multi-site option control: Oh, this new firmware version sh*ts the bed if Speedtest (or DPI or IPS, etc, etc) is on? It'd be nice to turn that off enmasse from one place instead of having to page through each and every site.
Basically the idea is to group multiple sites together as one tenant - with its own set of admin/read-only users, guest portal per site / tenant and tenant dashboard with overview of all sites.
Understandably this would probably require quite a rewrite of the current controller, however this would make for an ideal MSP solution.
Please allow option to customize the wording used for WiFi Experience/Network Status (UniFi Status Healine) message. Phrases such as:
- Everything is Awesome
- All is Well!
- System Needs Attention!
- Things are lookikng pretty good!
Under the Switch Stats, the details are only for individual ports. When a LAG is defined, each member port still shows stats only as an individual port.
It would be nice to allow showing stats for the LAG as a group, reporting the aggregate traffic for the entire LAG.
I would use the new Ubiquiti Cloud Key Generation 2 Plus Controller, but the most important function I miss is
Full Disk Encryption or File Based Encryption
- nobody that steals the device can extract or view the videos I have recorded
- nobody that steals the device can extract the credentials that were saved in the configuration
- nobody that gets the device in whatever way is able to analyze my Wifi-Connect times (which could be used to determine when I was at home and when not)
I thought about something like the
- Android 8.0+ FBE Implementation while the security relies on the Trusted Execution Environment Implementation
- Windows Pro+ FDE Implementation which relies on Bitlocker in combination with a TPM Chip.
I would see device encryption on USW/Cameras as not so important as it always contains only parts of the configuration and is much more complicated to be extracted.
Without these functions, Persons focussed on Security will always have to use native x86 Setups on their already encrypted devices.
With the upgrade to Unifi SDN 5.9.29 everything went all white - as it should because Unifi devices are white in color. There is a preference setting to make the Settings "gear" screen use a "Dark Theme" which is what Unifi SDN GUI used to use for colors.
I am legally blind. Yes all white is cleaner as a gui and maybe even snazzier. It's a whole lot worse for me. Please allow the "Dark Theme" to apply to the whole Unifi SDN GUI so I can see again. It's hard to see light grey on white icons on the left sidebar and just about everything would be easier for me if I could have the Dark Theme for the whole experience.
We desperately need 2FA for LOCAL ADMINS on the UniFi controller. The cloud solution that was implemented here does not work for everyone as some controllers cannot be linked to the cloud: https://community.ubnt.com/t5/UniFi-Feature-Requests/TOTP-Multi-factor-Authentication/idi-p/1169165
There are a TON of compliancy issues with not having 2FA for local admins on the controller. We desperately need a solution here. Thanks.
On the unified gateways, you should be able to add multiple IP addresses to the WAN port and be able to assign port forwarding and VLANs to each IP address using the controller vs having to do it through the command line. Most of your competitors have this out of the gate. Shouldn't be that hard to add.
- sanandreas on: Ability to remove default site when multiple sites available
- dkbishop1 on: list cloudkey on ubnt device liston controller not in client list
- sanandreas on: DCHP settings ability to reserve IP address to a device MAC address in controller
- sanandreas on: USG has too many limitations. Basic functions on most other routers are missing or not supported
- jmorgan_xx on: New Product: Unifi MoCa
- jprillhart on: Unifi Controller Refresh Rate Setting
- mnaz on: When using Unifi it would be nice to be able to force a backup, rather then wait for the autobackup.
- scott_thomson on: Multi-tenant UniFi controller
- Jardin_Espanol on: To be able to see a history of temperature and to be able to get over temp alerts
- Jardin_Espanol on: Switch Stats, allow LAG groups to show stats for the group
- [Request] Logging failed attempts for Network
- Allow access to the controller for Ubiquiti Live Support.
- Video NVR: Categorize , Label recorded Videos
- Notes field to record helpful info
- Better error msg when setting up controller password. Not clear enough
- Ability to remove default site when multiple sites available
- list cloudkey on ubnt device liston controller not in client list
- DCHP settings ability to reserve IP address to a device MAC address in controller
- Ability to set either WAN1 or WAN2 as primary on USG
- Port forwarding WAN2 on USG not supported on controller. Accepted 11/17/2016 still waiting