New Idea

Official Lets Encrypt Support for HTTPS

Submitted by -
Status: Accepted

Rather than self-signed certs, web-exposed controllers should have the ability to grab and automatically maintain a Let's Encrypt cert as a one-click solution.

 

Forum thread: http://community.ubnt.com/t5/UniFi-Wireless/Lets-Encrypt-and-UniFi-controller/m-p/1406670#M131139

Controller based automatic channel and power selection

Submitted by -
Status: Implemented

Really the one feature that I consider makes it a "managed" solution. Would love it if the controller could automatically pick channels and power strength. Preferable on a regular basis to adapt to any new sources of interference or if adding in a new AP.

Unifi Controller Redundancy

Submitted by -

There should be away to provide controller redundancy - currently if the controller goes off line (hardware crash, or service shuts down), the access points go into autonomous mode.  This means guest networks end up either being locked out, or if access is  granted there are no limitations (other than restricted networks, etc).  

Please consider implementing the ability to have redundant controllers - a primary and secondary source. So that if the primary is offline, the AP contacts the secondary.  Synchronization of the primary and secondary controller should be easy enough to arrange. 

 

 

Duplicates:

http://community.ubnt.com/t5/UniFi-Feature-Requests/Unifi-Controller-with-Simultaneous-Operation/idi-p/1165891

http://community.ubnt.com/t5/UniFi-Feature-Requests/Unifi-Controller-Replication-amp-failover/idi-p/1232003

Make multiple configuration changes - Reboot only once.

Submitted by -
Status: Implemented

When changes are made in the UniFi GUI, the AP's immediatly applies changes, causing a reboot/reprovision, usually of multiple access points.  Most of the time I find that I need to make multiple changes, which results in multiple reboots, most of the reboots could be avoided. 

I propose that configuration changes not be applied immediately but rather that the UI offer an APPLY CHANGES button.  Or even an option to apply changes in a rolling fashion or on a per-device basis, much like the existing "Upgrade" firmware option.  This would enable a minimum of disruption when configuring, especially in places where an AP client is covered by more than one AP.

 

 


Duplicates:

http://community.ubnt.com/t5/UniFi-Feature-Requests/changes-without-going-offline/idi-p/654507

Statistics Page

Submitted by -
Status: Implemented

The statistics page needs more useful, granular data. Specifically, I'd like to see this page graph bandwidth statistics instead of transfer amounts. This would enable admins to gauge saturation of uplinks, etc. Transferred amount seems significantly less relevant than bandwidth utilization.

The addition of bandwidth usage by access point, and by user to the statistics graphs would also seem very important.

 

I believe this would be a huge asset to the the unifi controller. CloudTrax / OpenMesh implementation of this is an excellent example:

8154303_f520.jpg

Provide official UniFi Controller Package for Synology Devices

Submitted by -

I have an UniFi AP powered Wifi running here (with multiple devices) which was controlled by a Unifi controller installed on a Windows Server. However, the later one's purpose is solely to run as a controller for the UAP devices as the rest of the functionality was replaced by a Synology NAS device (particularly the 1513+ model).

Coincidentally, one of my small-business clients is in the same spot - thinking about replacing the existing, orphan Wifi infrastructure and NAS system and I would suggest Unifi's without hesitation to them and also clearly the Synology ones, but unfortunately there's no convenient way to combine the two - run the controller on the NAS. As the Synology Operating System is actually Linux and the SMB models are mostly x86 ones, it shouldn't (and apparently isn't) be too hard to provide an official Ubiquiti package for it.

 

Cheers and thanks,

-J

Client location tracking on map with 3 or more APs

Submitted by -
Status: New Idea

Show me the approximate physical location of all connected clients on the map when in range of at least 3 APs.  Other vendors are doing this.

 

Support DNS-over-TLS

Submitted by -
Status: New Idea

Cloudflare recently published their DNS resolver openly under 1.1.1.1:

https://blog.cloudflare.com/announcing-1111/

https://blog.cloudflare.com/dns-resolver-1-1-1-1/

 

For fully preventing plaintext DNS queries over the public internet, one would require a DNS resolver to support DNS-over-TLS or DNS-over-HTTPS. As such, it would be great if USG could support DNS-over-TLS: https://developers.cloudflare.com/1.1.1.1/dns-over-tls/

Radius controlled VLANs

Submitted by -
Status: Implemented

VLAN assignment from a radius server.

This is where an SSID is advertised which connects users to different vlan's based on the response to their authentication on the radius server.

More information http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008076317c.shtml

This is a must have feature for many organisations.

This post describes it further http://community.ubnt.com/t5/UniFi/Radius-controlled-VLANs/m-p/273783#U273783

 

 

Duplicates: 

http://community.ubnt.com/t5/UniFi-Feature-Requests/Radius-Based-Vlan/idi-p/1270611

 

 

---

Edit by @UBNT-Brandon

There is an beta of this firmware available. I just posted it in the UniFi Wireless Beta section. 

 

Sign up for Beta:

https://help.ubnt.com/hc/en-us/articles/204908664-How-To-Signup-for-Beta-Access

 

Gen1 hardware (UAP, UAP-LR, UAP-OD, UAP-OD5, PicoM2, UAP-Pro, UAP-OD+):

http://community.ubnt.com/t5/UniFi-Wireless-Beta/1ST-GEN-QCA-UAP-RADIUS-controlled-VLAN-firmware/m-p/1470884#U1470884

 

Gen2 hardware (UAP-AC-PRO, UAP-AC-LR, UAP-AC-LITE):

http://community.ubnt.com/t5/UniFi-Wireless-Beta/2ND-GEN-AC-ONLY-RADIUS-controlled-VLAN-firmware/td-p/1415486

 

Cheers,

Brandon

Smart Radio Management

Submitted by -
Status: Accepted

Hi guys, is there any chance Ubnt can make a function similar to Aruba's Adaptive Radio Management or Ruckus's Channelfly? This could help people with dedicated UniFi Controller to have better performance and allows the UAPs to optimize themselves (controlling Transmit Power and choosing the best Channel) automatically preventing interference from each other without needing a IT. This could really help when it comes to large deployment in companies, saving their IT hours of walking around with WiFi Analyzer tweaking the WiFi. As we all know, as of now setting Transmit Power to Auto is essentially setting it to High and this problem has been known for years. I guess this is a change that benefits most people. 

 

Thanks, 

Jack. 

Reatime Bandwidth usage by client

Submitted by -
Status: New Idea

It would also be nice to be able to see realtime bandwidth usage by client so that if I particular user or device is suddenly hogging bandwidth it can be identified.

Map Section of Web Interface - Intelligent Heatmap?

Submitted by -
Status: Implemented

Hi Guys,

 

I have been using Aerohive Aps for quite a while now and 1 feature that is really nice is the ability to have a heatmap of the site in the online hive manager. Similar to the Ubiquiti implementation, but it recognises walls and other structures and adjusts the coverage radius accordingly. The user has to manually draw the walls locations and select what type of material (i.e. Concrete, Brick, Drywall, Wood...etc). Then you have a pretty accurate visual display of your coverage area taking into account the structure around it.

 

I hope that makes sense,

Thanks,

Derek.

 

 

Aerohive Heatmap

Hashing the passwords (Do not store in clear text)

Submitted by -
Status: Implemented

Please don't store the passwords (admin/user/...) in clear text (if anybody manages to get into the machine hosting the controller, people will have a leak).

Passwords should be salted and hashed, and the password reset functionality could be done through a script that will simply set a new password in the database.

Support DNS-over-HTTPS

Submitted by -
Status: New Idea

Cloudflare recently published their DNS resolver openly under 1.1.1.1:

https://blog.cloudflare.com/announcing-1111/

https://blog.cloudflare.com/dns-resolver-1-1-1-1/

 

For fully preventing plaintext DNS queries over the public internet, one would require a DNS resolver to support DNS-over-TLS or DNS-over-HTTPS. As such, it would be great if USG could support DNS-over-HTTPS: https://developers.cloudflare.com/1.1.1.1/dns-over-https/

Per SSID MAC Filtering

Submitted by -
Status: Implemented

I would like to see per SSID MAC filtering (Allow all, whitelist, blacklist etc), I realise MAC filtering provides a limited amount of security however it is an important tool in a layered security approach.

Ideally this could be implemented per SSID so that you can run a whitelist (allow only listed MACs) on the corporate network, and allow all (potentially with blacklist) on a guest network.

 

 

Duplicates:
http://community.ubnt.com/t5/UniFi-Feature-Requests/MAC-address-Whitelist/idi-p/1174586
http://community.ubnt.com/t5/ideas/v2/ideapage/blog-id/UniFi_Ideas/article-id/20
http://community.ubnt.com/t5/ideas/v2/ideapage/blog-id/UniFi_Ideas/article-id/270
http://community.ubnt.com/t5/ideas/v2/ideapage/blog-id/UniFi_Ideas/article-id/331
http://community.ubnt.com/t5/ideas/v2/ideapage/blog-id/UniFi_Ideas/article-id/1100
http://community.ubnt.com/t5/ideas/v2/ideapage/blog-id/UniFi_Ideas/article-id/1583
http://community.ubnt.com/t5/ideas/v2/ideapage/blog-id/UniFi_Ideas/article-id/1600
http://community.ubnt.com/t5/ideas/v2/ideapage/blog-id/UniFi_Ideas/article-id/2065
http://community.ubnt.com/t5/ideas/v2/ideapage/blog-id/UniFi_Ideas/article-id/1643
http://community.ubnt.com/t5/ideas/v2/ideapage/blog-id/UniFi_Ideas/article-id/1140
http://community.ubnt.com/t5/ideas/v2/ideapage/blog-id/UniFi_Ideas/article-id/1963
http://community.ubnt.com/t5/ideas/v2/ideapage/blog-id/UniFi_Ideas/article-id/141
http://community.ubnt.com/t5/ideas/v2/ideapage/blog-id/UniFi_Ideas/article-id/2206
http://community.ubnt.com/t5/ideas/v2/ideapage/blog-id/UniFi_Ideas/article-id/1579
http://community.ubnt.com/t5/ideas/v2/ideapage/blog-id/UniFi_Ideas/article-id/2168

Backend / Administrative Area LDAP integration

Submitted by -

It would be really great if the UniFi backend portal could be integrated with a LDAP (or ActiveDirectory) infrastructure.  Being able to assign sites and privileges based on LDAP/AD username or group membership would be amazing.

Almost every other software package we use has this ability and has greatly reduced the burdon on securing everything (Remembering to go through every package we use and deactive accounts when someone leaves), and it means the end user only needs to remember one username/password combination.  Adding/removing a user from a system is in a centeralized place.

 

Duplicates:
http://community.ubnt.com/t5/UniFi-Feature-Requests/Active-Directory-LDAP-admin-authentication-on-unifi-server/idi-p/619103
http://community.ubnt.com/t5/UniFi-Feature-Requests/Controller-login-control-based-on-LDAP-RADIUS/idi-p/776658

Site names organizing important!

Submitted by -
Status: New Idea

 

Organizing and changing like this  the site names and in subcategories will give a big advantage  even with thousands of devices and installations will be mush more fast and ofcourse  no errors or meshing up diferent site confiqurations or no finding the correct site name ....       example in  the photo below

 

 

large.pngSite names