New Idea

Include IPv6 Settings into the Controller.

Submitted by -
Status: Accepted

I'm fully aware that IPv6 can be configured from the CLI now but UniFi is a SDN product which means that all if not most features should be able to be configured from the controller. not from the CLI.


I'm suggesting that UBNT include the IPv6 Settings under WAN settings for USG like as shown below. (Sorry, my drawing isn't very good)

Screenshot from 2016-12-23 23-38-11.png

In the IPv6 Connection Type, the following should be included:

1. Native IPv6

2. Tunnel 6to4

3. Tunnel 6in4

4. Tunnel 6rd

5. Static IPv6


Other than that, the following options in the picture should alse be included:

Screenshot from 2016-12-23 23-50-01.png


I don't know how Asus did it, but their routers are smart enough to get the right prefix without my intervention, I wish USG will have this feature too.


I wish UBNT will include full IPv6 support into the controller ASAP that is easy to setup without much technical knowledge. Ubnt Banana


Thank you.


Wake-On-Lan for clients

Submitted by - 2 weeks ago
Status: New Idea

In the clients menu it would be nice to be able to click on a lan client to pull up its properties and then have a tools tab that includes sending a Wake-On-Lan packet. You could also include things like ping and iperf bandwidth test support in there as well to facilitate diagnostics.

Spanning tree port cost, edgeport, auto-edge UI control

Submitted by -
Status: New Idea

Would be nice to have per-port spanning tree cost, edgeport and auto-edge configuration. 

Expose internal firewall groups in UI

Submitted by - 3 weeks ago
Status: Accepted
There are several auto-managed firewall groups like "unifi_controller_addresses" and "corporate_network" that I'd like to use in my rules. Instead, I need to create & maintain my own copies which is more error prone.

Built OpenVPN Support for Client access

Submitted by -
Status: New Idea

It is i Pain in the rear that there is no  real secured client based VPN support. PPTP is not tthe annswer! Please add a usefull client vpn solution to the USG!

Live Traffic Monitoring

Submitted by -
Status: New Idea

Ability to monitor live traffic much like the monitoring/debugging features on an ASA.

USB LTE/4G Failover

Submitted by -
Status: New Idea

Have a configuration screen to allow the inclusing of USB WAN devices for the USG.  Plenty of workarounds are posted, but nothing direct.


In my example, I've taken a MikroTik, and nat to the usb LTE interface from a VLAN.  That VLAN is trunked on the trunk, a port on the switch is configured for that VLAN and carried to to WAN2.


We really should have a simple built in option to attach devices directly to the USG, then check a box for failover.

USG Parental controls - Group controls (kid1 devices in a group) - Allot time per application

Submitted by -
Status: New Idea


I'd like to see a way to do granular parental controls. 

Such as creating groups and then adding all devices (wired & wireless) from each kid into a kid1-group for each kid (kid1,kid2, etc), then granular alloting time for all devices from kid1-group, and alloting time per application per kid1-group, assign webprofiles to kid1-group,  etc, and then a "superhandy interface to add and delete apps, time, block etc, " see below for more detail.


Currently have :

  • 1 USG
  • 1 Unifi Controller
  • 2 Unifi US-8-60W switches
  • 2 Unifi AP AC PRO access points


Got into Unifi for stability purpose and so I could properly separate out the guest wifi and with a VLAN. Also I like the SDN approach, the interface and the application on the phone/tablet.


In my previous network setup I had some possibility to do timed access control for all devices (not just wifi connected by also all hardwired ones). I also had the option to assign predefined web/url profiles to each device (and the option to use a customized profiles based on the webcategories available for these profiles).


Nice that you can assign hours of use to wireless networks but you cannot to hardwired networks.

And overall it would e easier if an option like this could also be assigned to a "group" with devices in it.


Overall would be very usefull to have some (much more) parental controls / group controls


1. Create user groups based on a set of devices

  • Including not just wireless devices but also wired devices
  • usergroup "Kid1": Tablet (wifi), phone (wifi), laptop (wifi), desktop (wired ethernet) 
  • usergroup "Kid2": Tablet (wifi)
  • And allow to create groups with groups in it: Kids group includes Kid1 and Kid2


Then be able to do various types of controls with these groups:


2. Control Internet access times through the USG (on basis of a group):

  1. block traffic between 10:00PM-08:30AM for all devices assigned a "user group" kid1
  2. block traffic between 8:00PM-08:30AM for all devices assigned a "user group" kid2
  3. etc


3. Amount of time that can be used per "user group"

  • I.e. assign 4 hours to all devices in "user group" kid 1
  • Assign amount of hours per day, for example assign 4 hours for Tuesday to Sunday, and Monday is computer free day so is 0 hours.
  • Allow the option when devices are used at the same time that only counts as if one device was being used.



4. Control "access times" and "alloted time on a day"  easy via the unifi App on my phone (and controller)

  • A view that shows "user groups" 
  • Per "user group" "easily" add additional or reduce time or block the "user group" (all devices in that group), s
  • Give an extra 15 minutes or 30 minutes outside the assigned time.
  • Per "user group" easily increase the time one off to end a bit later i.e. this day you can use Internet till 11:00 PM instead of 10:00PM by pressing "add 15 minutes to end time"
  • Block for that day (block button that only blocks that day and goes back to the program by end of day). 


5. Possibility to create "webfiltering profiles" 

  • Options to create "allow lists", "block lists", based on "custom urls"
  • Option to use "predefined website categories" I.e. block categories such as, Adult, Advertising, Dangerous materials, Drugs, Gambling, Malware, Phishing, Redirector, Hate, Violence, etc
  • And then also the option to customize these categories.


6. Per group control assign a "webfiltering profile"



7. Assign firewall rules against "user groups"



8. Have predefined firewall rules / profiles suitable for kids (similar to webfiltering profiles).

  • Then assign a "usergroup" to such a firewall rules profile


Had webfiltering profiles I could assign per device on my synology RT1900AC, that was very usefull. I.e. block the kids from in particular known malware sites was usefull (but also adult and hate I thought very usefull).


9. Allot time per application (use DPI) per "all devices in a user group"

Since the USG already does DPI also define "alloted time" per application (DPI based)

  • I.e. "devices in user group KID1" can use 60 minutes Facetime per day / Kid 1 and all his/her devices can do 60 minutes facebook per day .
  • I.e. "devices in user group KID1" can use 120 minutes Netflix per day


Edit 1: as mentioned below Circle is a very good example, like the level of granularity, easy interface, etc.

Would be nice if something like that were implemented (software wise, or as a separate hw component) .



Edit 2: added tying DPI data to "user  groups".


Speed control for wired guests on USG

Submitted by -
Status: New Idea

in "networks" i created a network called "LAN guest" with purpose as "guest" and VLAN 2 ID & IP series


USG is serving guest portal to LAN users but it's not controlling the speeds, and i doubt it's controlling the Time & data limit as well.


When will guest controls be provided for LAN guests?




USG should be able to handle wired guest similar to how unifi APs do, with designated speed, data n time limits set using API

Allow configuration of switch LACP load-balance mode

Submitted by -
Status: New Idea

port-channel load-balance allows configuration of 7 different modes. UniFi switches can only use the default 3 currently, should UI-expose configuration of this parameter. 

Define DHCP options in UniFi controller.

Submitted by -
Status: Accepted

This is VERY basic. I can't believe that this is not already part of the interface.


You need this for everything from VoIP to Software deployments, ETC.

View CPU Ram and temperature on USG's

Submitted by -
Status: Accepted

It would be great to be able to see the CPU and RAM Usage on the USG I know this can be done via SSH. But it would be very nice to see how much is in use just like what you guys have done with the AP's on the latest version of UniFi. Adding a temperature reading as well would be a bonus 


- Tom 

USG passthrough/monitor mode

Submitted by -

I have a couple of networks where I will never replace the router (for one I can't - it's provided as part of the environment) but I would still like to have stats in the controller.


Inspired by this thread:


I would like to see a pass through mode for the USG where it passes traffic with no NAT, no firewall rules, no DHCP, etc.  Just analyzes traffic.


Even better - a monitor mode where I could feed a USG a mirror of the port that goes to my exising router so I don't have to have latency of the USG in the packets path. Use it as a sensor, basically.  


I think you guys would sell a boatload of USGs if you supported this!  

USG DHCP MAC Address Reservations

Submitted by -
Status: Accepted

it would be great to have the possibility to preconfigure a static IP address for devices inside Controller GUI via MAC Address before you connect the device to the network.



IPsec IKEv2 remote access VPN support

Submitted by -
Status: Accepted

Should have IKEv2 remote access VPN support for USG in controller.

UniFI GUI Cable Test

Submitted by -
Status: New Idea

I've seen that a cable test is possible through the CLI - but it would be really helpful to have a cable test in the UI which you click on the switch port on a UniFi switch.

IPTV (VLAN bridge) on USG

Submitted by -
Status: New Idea

Many ISPs deliver multiple services with diffrent VLANs.


USG currently works with internet delivered with VLAN tags. "Use VLAN ID" settings in the GUI.


ISP also deliveres IPTV on a seperate VLAN which needs to be only bridged. (NO NAT, NO firewall, nothing) the settop box will request DHCP directly from the ISP


Many of the consumer grade routers have these predefined by country and ISP, or just let the user enterteh VLAN ids.


USG GUI can just enable the option and manual input of these VLAN ids, even dedicate the VOIP port for IPTV instead.


Performance Graph - if no data, don't show zero please

Submitted by -
Status: New Idea

If there isn't any data present for a day, can you just leave the data point off the chart please rather than have it show zero?  I Find this graphic misleading to casual viewers in this state.



Keep DPI Data in controller long-term

Submitted by -
Status: Accepted

It would be really helpful if the controller would keep and display DPI data after a reboot of the USG.

firewall reporting for inbound connection attempts

Submitted by -
Status: New Idea

Could we have a daily security report of inbound connection attempts on the firewall?