Upcoming Maintenance Alert:

The UBNT Community will be upgraded at 5pm MDT on April 25th. During this time the community forums will be set to read-only status.

Learn more

New Idea

Easily block an entire country

Submitted by - Monday
Status: New Idea

I'd like to be able to quickly block an entire country worth of IP addresses. This is trivial for a small country, say Cambodia, but with China having over 7000 assigned IP blocks this gets to be a really big headache. Ideally, I'd like a drop-down list of countries to block, and have the IP blocks for those countries pulled dynamically from somewhere like IPDeny


Double bonus points if I can tell it "only allow from USA, drop everything else."  


This is gonna take all week.....This is gonna take all week.....

As an interim measure, can you at least let me copy and paste a huge list of IP blocks?

Include support for USB Cellular Stick in USG.

Submitted by -
Status: New Idea

When I'm comparing between Meraki Security Devices and USG, I realised a very important feature which USG lacks, which is the support for USB Cellular Stick.  


I believe that the support for USB Sticks are crucial for:

1. Deployments that relied on cellular data as their primary connection. 

2. Mission critical deployments which use cellular data as their failover. 


Other than that, I don't see the reason for UBNT to not support USB Cellular Stick because even a cheap $40 mini router from TP-Link supports this function.


Suggestions on how to deploy support for USB Cellular Stick. 

I would suggest UBNT add another option called "USB Cellular Stick" under the  USG > WAN > Connection Type.


In the "USB Cellular Stick" Option, I would suggest putting "Country" and "Carrier" with preset settings like the ones shown below:

Screenshot from 2017-04-22 10-51-48.png


When we select the preset settings, please show the username and password of the preset settings in a blurred out column below so that we know which APN is used with the preset settings (Some Carriers have multiple APNs). 


Other than that, please add a "Custom" settings option under the Username and Password for the APN settings so that we can use custom APNs when the situation requires it.


Personally, I don't think that the Connection Mode and Authentication Type have to be included. 


Supported USB Cellular Sticks.

I would suggest UBNT to support only the mainstream USB Sticks since the USG isn't meant to be a cellular modem/router. I'll leave the supported USB Stick list from Meraki and other vendors below for reference:






Lastly, I would suggest UBNT to include a USB port for USB Cellular Stick on the next revised version of USG-3P so that the USG-3P can be deployed as a teleworker gateway.


Include IPv6 Settings into the Controller.

Submitted by -
Status: Accepted

I'm fully aware that IPv6 can be configured from the CLI now but UniFi is a SDN product which means that all if not most features should be able to be configured from the controller. not from the CLI.


I'm suggesting that UBNT include the IPv6 Settings under WAN settings for USG like as shown below. (Sorry, my drawing isn't very good)

Screenshot from 2016-12-23 23-38-11.png

In the IPv6 Connection Type, the following should be included:

1. Native IPv6

2. Tunnel 6to4

3. Tunnel 6in4

4. Tunnel 6rd

5. Static IPv6


Other than that, the following options in the picture should alse be included:

Screenshot from 2016-12-23 23-50-01.png


I don't know how Asus did it, but their routers are smart enough to get the right prefix without my intervention, I wish USG will have this feature too.


I wish UBNT will include full IPv6 support into the controller ASAP that is easy to setup without much technical knowledge. Ubnt Banana


Thank you.


SFP+ ports in smallest switches

Submitted by - 2 weeks ago
Status: New Idea
At the moment only the 48 port UniFi switch features SFP+ ports.
It would be nice to have two of them available in both the 24 and 16 ports variants? I'm thinking about having a 10Gbps connection to a NAS then serving multiple gigabit clients.

Fingers crossed! Man Happy

Router with optional WAN modules.

Submitted by - Saturday
Status: New Idea

I would like to see a USG with 2 slots for optional hotswappable WAN modules. Similar to what Cisco and other vendors are doing. Maybe some DSL modules, cellular modules, or T1? Basically this would give the installer greater reliability and better monitoring for Failover applications. 

Built OpenVPN Support for Client access

Submitted by -
Status: New Idea

It is i Pain in the rear that there is no  real secured client based VPN support. PPTP is not tthe annswer! Please add a usefull client vpn solution to the USG!

USG passthrough/monitor mode

Submitted by -

I have a couple of networks where I will never replace the router (for one I can't - it's provided as part of the environment) but I would still like to have stats in the controller.


Inspired by this thread:  https://community.ubnt.com/t5/UniFi-Routing-Switching/USG-behing-firewall-transparent-mode/m-p/1534439#M13229


I would like to see a pass through mode for the USG where it passes traffic with no NAT, no firewall rules, no DHCP, etc.  Just analyzes traffic.


Even better - a monitor mode where I could feed a USG a mirror of the port that goes to my exising router so I don't have to have latency of the USG in the packets path. Use it as a sensor, basically.  


I think you guys would sell a boatload of USGs if you supported this!  


EDIT:  It appears to be on the roadmap:  https://community.ubnt.com/t5/UniFi-Routing-Switching/USG-Feature-Roadmap-January-2017-update/m-p/1792230#M31948




In Progress / Near Future

  • DPI support in passthrough mode or on monitor interface


Thanks @UBNT-cmb

Expanded options for IPSEC Peer-ID

Submitted by -
Status: Accepted

It would be nice if the controller and USG supported the ability to use FQDN/Email address as Peer-IDs. This is supported by StrongSWAN and should only require some basic sanity checking in the GUI. Since SWAN can already perform DNS lookups to match the FQDN to an IP, that would be relatively simple. For Email address, possibly add an extra field.


I would like this as some client sites have dynamic IPs and though we have DDNS working, it is a pain in the neck to have to re-IP multiple tunnels when an IP changes.

Traffic stats per month

Submitted by - a month ago
Status: New Idea

I want to see traffic use per month to compare to last month traffic.

I use it on sites with 3g/4g modem so I want to see from month to month how much data traffic thats been used.

Could also be interesting to see at my other places so that I can compare traffic stat and compare per month

USG OpenVPN client w/GUI support

Submitted by -
Status: Accepted

An OpenVPN client for the USG with GUI support.  Routes ALL WAN traffic through the tunnel without additional confugration when the client is connected.  Should by default accept DNS settings sent from the VPN server etc.  You get the idea, limit what ISPs can do to collect, profile, and sell personally identifiable data.

SFP+ on 16 and 24 port switches

Submitted by - 4 weeks ago
Status: New Idea

I would love to see SFP+ ports on all switches. We currently have the 16XG as the center of our fiber backbone which is all 10g fiber going to the seperate building on our campus which has nothing but SFP+. 2 of our switches are the Edgemax 48 and we have thoes along with our main file server connected at 10Gb, but all our other switches are 24's with a couple 16 and 8's thrown in.


It would be nice to have a 10Gb connection between all the switchs reguardless of how many ports are needed. I would pay extra for a SFP+ option

View CPU Ram and temperature on USG's

Submitted by -
Status: Accepted

It would be great to be able to see the CPU and RAM Usage on the USG I know this can be done via SSH. But it would be very nice to see how much is in use just like what you guys have done with the AP's on the latest version of UniFi. Adding a temperature reading as well would be a bonus 


- Tom 

Spanning tree port cost, edgeport, auto-edge UI control

Submitted by -
Status: New Idea

Would be nice to have per-port spanning tree cost, edgeport and auto-edge configuration. 

IPsec IKEv2 remote access VPN support

Submitted by -
Status: Accepted

Should have IKEv2 remote access VPN support for USG in controller.

Define DHCP options in UniFi controller.

Submitted by -
Status: Accepted

This is VERY basic. I can't believe that this is not already part of the interface.


You need this for everything from VoIP to Software deployments, ETC.

UniFI GUI Cable Test

Submitted by -
Status: New Idea

I've seen that a cable test is possible through the CLI - but it would be really helpful to have a cable test in the UI which you click on the switch port on a UniFi switch.

Smart Queue - upload only

Submitted by - 2 weeks ago
Status: New Idea

Please allow Smart Queues to be applied to WAN upload only, leaving download untouched. There are lots of connections with plenty of download bandwidth but severely limited upload. I believe the EdgeRouters support this already so it shouldn't be too complicated I wouldn't think...

VPN status on the dashboard

Submitted by -
Status: Accepted



It would be nice with an overview of the overall status of VPN connections (site-to-site and when the USG is a PPTP VPN client). For some VPN connection types it may be necessary to ping through the tunnel, and perhaps therefore be able to specify a host on the other end that may be pinged, in order to be able to check the health of the tunnel.


This would be very helpful to have included. Right now VPN has a touch of "fire and forget" because there is no status in the Unifi Controller. I have created some images as an example of how it could look.


Add Ping Watchdog support for UniFi Switches

Submitted by -
Status: New Idea

Please add support for Ping Watchdog functionality to Unifi PoE Switches similar to how it works with legacy toughswitch line.  Idea being system monitors an ip, if its down alert and optionally recycle the PoE to that device.



Live Traffic Monitoring

Submitted by -
Status: New Idea

Ability to monitor live traffic much like the monitoring/debugging features on an ASA.