With the upgrade to Unifi SDN 5.9.29 everything went all white - as it should because Unifi devices are white in color. There is a preference setting to make the Settings "gear" screen use a "Dark Theme" which is what Unifi SDN GUI used to use for colors.
I am legally blind. Yes all white is cleaner as a gui and maybe even snazzier. It's a whole lot worse for me. Please allow the "Dark Theme" to apply to the whole Unifi SDN GUI so I can see again. It's hard to see light grey on white icons on the left sidebar and just about everything would be easier for me if I could have the Dark Theme for the whole experience.
currently theres no way to add additinal users to the unifi.ubnt.com controlers portal.
as an entrprise this would be invaluble, we set up many schools with the Unifi controlers and have no way to manage them off site as we have a team of 30 Technitians adding them to the Unifi.ubnt.com access to see all our sites would be invaluble. I woulnt like to give them all access to the same account for security reasons.
I just updated and don't like at all how new unifi controllers looks. To much white and the rest of colors are too light. I think it would be nice to have a dark mode that allows more contrast between background and text and will also rest sight.
The listing of VPN users in the Insights section is odd to me. I think they should be listed where other users and networks are. The current information is also incomplete and lacking. There is an IP heading but never an IP listed. There's no site-to-site at all in 5.9.x yet. I propose something that looks like this and welcome other's input. I have local IP and VPN IP because a user could be assigned an IP via config.gateway.json file that isn't part of the VPN network addresses.
I live in Germany and have been working with Unifi setups for around 18 months. My setup has a USG, an USW-8-150, 2 UAP HD and 2 UAP Mesh-Pros. Now - this configuration covers one house (a townhouse, 3 floors and a cellar, around 2000 sqft) - and while most people may find this funny (or an overkill) I have been overall quite happy with the product and reliability.
Now ... specific to German House construction (probably our pride or phobia or something) is that walls and ceilings are built for some sort of inifinite longevity - they will contain significant amounts of layers of concrete and steal. And ..., as nothing is ever well documented I did not dare put in wired connections to feed to the upper two levels of the house. Those two floors are covered by a couple of AP-Mesh-Pro's, which are multi-hop connections to the AP-HD on the Groundfloor. See below
The big issue is the loss that is created using 5GHz Uplinks from the Mesh-Pro (Upstairs) to the APHD (Living Room). To provide an idea of distance those two AP's are around 6-8 feet away from each other and I spent more than 30 hours getting them positioned and calibrated to provide around 75Mbps TX and 135 Mbps RX - which is a 40% signal ..., the setup of the Living Room is using Channel 48 and the setup of the Mesh's is using Automatic Channel selection.
Now - I believe that the key problem here is that all Uplink / Downlink of the newer generation APs can only be setup as 5GHz and cannot be configured to utilize 2.4GHz, which across the distance here would probably provide better throughput.than the values above.
Also - interesting for those that are looking at setting up similar systems - I had originally setup the GamePort AP to be in parallel to the Upstairs AP (coupled to the same Uplink via AP LivingRoom). The distance here was more like 12 feet and the latest FW (December 2018 - 4.0.10) degraded that connection down to 6.35Mbps TX and I changed it to become multi-hop using the AP Upstairs. That new Mesh-to-Mesh Uplink (it is the exact same floor) provides a steady 450 / 450 Mbps connection. Before the most recent update I had seen around 40-50 Mbps directly to the AP Livingroom, which while not pretty was usable. My fear now is that I have created a bottle-neck in the connection between the Upstairs Mesh-Pro and the LivingRoom HD.
Here is what the Gameport is able to see - the "Upstairs" is 6-8 ft away from AP Living Room, the "Gameport" around 10 - 12 ft:
My experience overall shows that the 2.4GHz connections within German houses are by far superior to the 5GHz connections, when it comes to crossing walls or much worse crossing ceilings. The top floor of my house actually does not have a dedicated AP - it is purely fed by the two Mesh-Pros and all Clients connect on the 2.4GHz channels. (And I always prefer a steady stable signal over one that is faster but unreliable)
And a sidenote - If you want to select an AP-MeshPro as a prioritized uplink it needs to have one of its WLANs for 5GHz turned on - without it the downlink AP (the AP Gameport in my case) will not show it in the Uplink selection. To achieve this I had to artificially turn on the 5GHz connection for one of the WLANs on the Uplink AP (AP Upstairs in my case) side ..., after that it can be selected.
With the current results I would vote for the capability to select 2.4Ghz OR 5Ghz as the Uplink / as the Downlink for Wireless Mesh
There needs to be a good solution for filtering content for children (and adults).
I know this is a tough thing to do but tacking it and having a good easy to use solution would put you way ahead of the competition in opened up a whole new market.
With the latest release of Controller v5.9.29, the ability to see the status VPN connections seems to have been depreciated.
Being able to assess any site-to-site VPN connections from the dashboard would be greatly appreciated.
Cloudflare recently published their DNS resolver openly under 184.108.40.206:
For fully preventing plaintext DNS queries over the public internet, one would require a DNS resolver to support DNS-over-TLS or DNS-over-HTTPS. As such, it would be great if USG could support DNS-over-TLS: https://developers.cloudflare.com/220.127.116.11/dns-over-tls/
It's my understanding that the impitus to limited (at least initially) UniFi Protect to the Cloud Key Gen2 Plus hardware appliance (as opposed to allowing "Roll Your Own Server" gear) was mostly about maintaining tight control over other hardware variables, *not* so much the storage subsystem (given the relatively low storage performance requirements, generally sequential nature, etc).
I think if we could have a GUI-presented way to path our video storage directory to an NFS mount for video storage, that would go a *LONG* way to easing people's concerns with the appliance. It makes the appliance much more appealing because, for those that want to (or, businesses that require it), you take away all of the downsides of a single, non-inherently redundent, drive bay (i.e., better redundency, much larger storage capacities, etc).
Given the limited of 20 Cameras for the Cloud Key Gen2 Plus, the actual throughput as generated by the max support cameras, using Full-Time Recording at the highest framerate / bitrate, is only ~120Mbps. Or lets call it 240Mbps if you include the data going back out again via NFS. Either way, nowhere near saturating the 1GbE NIC on the appliance.
Lastly, if memory serves, this is something I believe you can do today in the UVC-NVR running v3.x (granted, it had to be done via the CLI).
Therefore, is there any reason why this couldn't be done with the Cloud Key Gen2 Plus and Protect (perhaps via CLI today and "comming-to-a-Protect-GUI-near-you" at some point in the future)?
Cloudflare recently published their DNS resolver openly under 18.104.22.168:
For fully preventing plaintext DNS queries over the public internet, one would require a DNS resolver to support DNS-over-TLS or DNS-over-HTTPS. As such, it would be great if USG could support DNS-over-HTTPS: https://developers.cloudflare.com/22.214.171.124/dns-over-https/
I have seen a lot of users ask for their CloudKey to show up in the Devices list instead of the Clients list.
I agree with this but what about making it have its own tab?
You could have the levels of CPU, RAM, Storage, ect, all in a nice graphical page or something like that.
You could upgrade manually from there
Reboot/ Shutdown the controller (I think the factory reset button should stay in the settings area though)
IF you guys ever let us change the CK screens, those options should be in this tab as well
This could be a really cool way to showcase the controller.
If its not a CK or CK Gen 2 or + model, maybe give more details about what its running on. I.E. CPU, Memory, Storage stats of where the controller is running.
Show what type of OS its on (All stats that one might want to try and help someone figure out a controller problem) Such as cloud access status. It could be a little cloud with a "X" through it, if not working, just like the LCD screen has.
I would imagine this could be a very helpful page to have. The controller settings can keep what it has now.
As of now there is no way to configure a site2site VPN in the GUI if one or both ends of tunnel have a dynamic IP.
Yes - it is possible to achive this through config.gateway.json but if it is done this way, connections will not occure in the dashboard.
Is it so hard to accept FQDNs instead of IPs in the concerned GUI-Fields?
It would be very helpfull for a lot of SMB-Admins who have to deal with multiple small sites behind VDSL or DSL lines.
Pleas folkes - for christmas!
BTW: I'm deeply impressed by your work - keep the pace!
Regards Tim Leuschner
THis is a *MUST HAVE* feature which Meraki (focused on school districts) has.
It is pratically impossible to beat them on a RFC when a superintendent ask if out of the box we can block adult contents.
Please add this feature, and extend the DPI Restriction categories
Can you please add a Downlink port identification, just like the way you already do for the Uplink. I need to detect if someone plug a new switch (manage or not / UniFi or not) into UniFi switch in my networks.
thank you !
I have a USG-PRO-4 and just switched from pfSense. In pfSense I was able to catch all outgoing DNS requests (regardless of which server they were pointed at) and redirect them to some other internal or external DNS server. Part of my security and content filtering strategy requires this but there is currently no easy way to do it with the UniFi controller.
Can this be added as an option in the controller GUI? Something like a checkbox that says "Redirect DNS Requests" and a field to manually enter an address.
Currently files have to be modified by hand and the changes won't persist once a change is made to the USG from the controller. Below are a few links that outline the necessary changes, which can't be done from the controller.
When a device has been disconnected we receive email notification starting ALARM width a RED header (banner).
Then the device is back online and we'll get the email notification stating CONNECTED but with same RED header (banner).
Vissually is easier to identify a critical event from a "good news" notification if RED and GREEN codes are used.
Can we fix that ?
- ASCHMB on: CK Gen 2+
- Dave-D on: Provide full documentation for the controller system.properties file in the controller .pdf guide
- SprockTech on: Add "Device disconnected for X minutes" and "Device reconnected" event notifications
- tread on: LLDP Capability WAP Only
- EDPR on: Coud Key - ip fallback when IP conflict on LAN
- serwismaster18 on: UNIFI
- swoodworth79 on: Bring back Dark Theme for whole GUI
- Heeren on: WLAN Schedule
- jazzli on: Ability to Power Cycle PoE ports, individually, on UniFi Switch
- pchelp-kempten on: UniFi default block new mac address
- Filter out one specific client from making connection
- Add client to network white list when configuring client
- Configurable Device Standby
- CK Gen 2+
- Timed based access
- Provide full documentation for the controller system.properties file in the controller .pdf guide
- Split web server and db server functions in controller
- Feature Request: Header should be visible when scrolling in Unifi Controller (or be a preference)
- Feature Request: Shift-Click to select multiple objects in Unifi Controller
- Client Alias DNS