New Idea

Upgrade Linux kernel to newer LTS version

Submitted by -
Status: Invalid

This has already been suggested for the EdgeMAX series in,

 

https://community.ubnt.com/t5/EdgeMAX-Feature-Requests/Upgrade-Linux-kernel-to-at-least-4-4/idi-p/2140663

 

but it is just as important for the UniFi series of products. The Linux 3.10 kernel has reached end of support in November 2017 and will not receive security fixes from upstream. Especially with network equipment security is vital, hence UniFi products must be upgraded to use a supported kernel.

Update Firmware to Give Unifi Switches Layer 3 Routing

Submitted by -
Status: Invalid

Please update firmware for existing Unifi switches to make them layer 3 switches.  This functionality was originally advertised on the product page for the switches for quite some time last year and quietly all mention of layer 3 routing was removed.

 

Screen Shot 2015-08-05 at 4.50.35 AM.png

Unifi Switch Fan Control

Submitted by -
Status: Invalid

It would be nice if we had the ability to control the speed of the fan, that can be overide automatically if it does get too hot. Let say, you can keep it on at a low speed so that it doesn't have to turn on and off, and automatically switch to a higher speed if it does get too hot. That will greatly improve my sex life, as my wife will stop asking "why the hell is that thing turning on and off?".

USG Web Based Cli

Submitted by -
Status: Invalid

Why can't the unifi line have a web based CLI like the edge router does? Espically since we have to configure so many thing through SSH...

Add STP to USG so 2nd LAN port used as LAN Failover

Submitted by -
Status: Invalid

The LAN1 and LAN2 should have STP to you could connect LAN1 port to switch A and LAN2 port to switch B. That way if switch A goes down, the LAN2 port would come online and still provide DHCP service to the network via LAN2.

USG like pfSense

Submitted by -
Status: Invalid

Basically mirror just about every function of pfSense to USG!  :-)  I would start moving my clients to USG the next day and then have full UniFi across the board on them.

Exclude speed test traffic from dashboard throughput graphs

Submitted by -
Status: Invalid

It would be nice if the traffic generated by the periodic speed test (which seems to be quite frequent) doesn't get included in the maximum throughput on the upload/download graphs on the dashboard.

 

As it is now, the maximum throughput data is relatively useless - I'd rather see the maximum throughput obtained from clients, not the router itself. (perhaps another metric is needed ?)

Global reset

Submitted by -
Status: Invalid
Imho there should be an option for a global reset of hardware like hard to reach AP’s on high ceilings.

For example, a software setting that when checked, the reset button globally resets the following hardware. And you can further check what hardware to reset.

IPTV

Submitted by -
Status: Invalid

At this stage in the networks settings you can define a network for
 - Corporate
 - Guest
 - Voice
 - VLAN Only
 - Remote User VPN
 - Site-to-Site VPN
 - VPN Client
I would be great to have added another network type specific to IPTV and tailored for multicast traffic

With automated firewall set-up from the network config ( like voip )

Possibility to set DHCP options like ;  vendor-class-identifier code 60 and option broadcast-address code 28 

 

 

USG Controller adoption to a Cloud Controller via config file (persistent thru reset)

Submitted by -
Status: Invalid

As it said, an optional file which you can place on the USG (before placing it somewhere remote).

That even IF you reset the USG to default, it always uses it if it is present.

In the file just the inform URL, to which it should inform.

This would also fix the errors like:

 

Apr 6 05:18:48 1.1.1.1 syslog: ace_reporter.reporter_fail(): Unable to resolve (http://unifi:8080/inform)
Apr 6 05:18:48 1.1.1.1 syslog: ace_reporter.reporter_fail(): initial contact failed #8, url=http://unifi:8080/inform, rc=1
Apr 6 05:18:48 1.1.1.1 syslog: ace_reporter.reporter_next_inform_url(): next inform url[0]=http://unifi:8080/inform

 

Instead of the http://unifi:8080 it would then automaticly use the inform url in the file.

So that when the unit is resetted or rebooted it will always send the first inform to the controller specified.

Now we have to use teamviewer for instance to get on an computer at the remote location to set the inform url again.

 

Help with Firewall Configuration on a new USG for polices to block services

Submitted by -
Status: Invalid

I have a new USG and looking for some assistance in how to add the policies with the CLi to block video streaming and services simular.

Better API Support

Submitted by -
Status: Invalid

A lot of tools out there allow for automation of treatment for endpoints on the network.  This can range from moving an endpoint to a remediation VLAN to killing access all together depending on the health/state of said endpoint.

 

Currently the API is not officially supported.  Its geared mostly towards the unifi wireless.  It does not provide much control of the Switching and USG portions of unifi.  Previously the last.inform was a goldmine in gatherthing data, however since 5.4.9 it no longer exists...

 

For control of devices we do have dynamic VLAN assignments via 802.1x, but this functionality is biast towards the wireless gear, as it is near useless on the switches.  You cannot create a VLAN on the switch in which its ID will be used by dynamic VLAN.  Which means it is impossible to get a routeable interface from the USG to the switch as the switch's uplink cannot tag said VLAN...  Additionally dynamic VLAN assignments via 802.1x is lacking by the fact Change of Autorization is not supported by both the AP's and Switches Ubiquiti produces. 

 

The ask:

Allow the API to be queried for DPI data/VLAN assignments/etc by MAC and/or IP address.

Allow the API to be queried for all data previously found in the inform.last i.e. USG external IP address.

Allow the API to reassign a switch port to a new VLAN when fed a MAC address or switch/port.

Manipulate USG firewall policies through the API.

US‑16‑XG LED arrangement is confusing

Submitted by -
Status: Invalid

I can't be the only person who finds it difficult to find the corresponding LED status light.  Placing the LED's in a single file line on the side of the ports which are placed in pairs is really confusing.

 

Either place the LED's in 2 lines off to the side to more closely resemble the port layout, or

place the LED's in the ports themselves, like they are are on the SFP+ ports on the US-48-500w.

Rear ports for new Unifi 8 port switches

Submitted by -
Status: Invalid

I really like the form factor of the new US-8 and US-8-60. I have replaced my desk switch with the US-8-60 model, but wish it had rear ports like my previous switch. I can understand that rear port switches don't offer too much value when rackmounted with patch panels, but for a desk rear ports are absolutely wonderful.

Manual fan speed setting/ noise reduction measures

Submitted by -
Status: Invalid

Hi no idea if this is possible but I have a 24 port unifi switch which is much louder than I expected.  Would be great if there was some way to reduce the fan speed manually/ reduce noise in a non-commercial setting?  I've seen others commenting on this but didn't spot a specific idea request - so here it is.  Tks

USG Egress Filtering

Submitted by -
Status: Invalid
Take the DPI 1 step less "deep" and 1 step more useful by gathering stats on specifically what IPs and host names a client communicates with. In some cases like a NAS appliance or IoT device, we should be able to analyze and limit what hosts it can communicate with.

Internal servers are more likely to be exposed to the Internet and more likely to be infected by malware. For example, if a bot cannot reach its C&C then it cannot be activated.

Security Gateway needs 11ac WiFi

Submitted by -
Status: Invalid
Hi folks,

I would like to suggest adding 802.11ac capability to the UniFi Security Gateway unit. I think that would make it the perfect road warrior device, easily replacing the Apple Airport Express. What are your thoughts?

Thanks!

Devin

Persistent Unifi Controller

Submitted by -
Status: Invalid

Would like to be able to set a persistent value for the Unifi Controller Inform URL.

 

Right now there is an option under Controller Settings "Override inform host with Controller Hostname/IP". This will set the inform URL for all adopted devices, which is very helpful. I would like another option that allows this to be a persistent value saved to the local device. After a reset (factory defaults), it would still call home to the controller it was connected to prior. Everything else would be the factory defaults.

 

 

Should a device need to be reset, there are plenty of reasons, it would try to make contact with your controller again. This would make it much easier to remotely troubleshoot and reconfigure devices.

 

I know you can make an AP or Switch call home to your controller after a reset using DNS and defining an IP for the hostname "unifi". However, there is no way to accomplish this for a Gateway, which is the most critical device in my opinion.

Optical LAN

Submitted by -
Status: Invalid

A switch with all optical interfaces that could connect to products like:

 

http://zhone.com/products/ZNID-GPON-2800P/ZNID-GPON-2800P.pdf

and

https://www.tellabs.com/company/library/enterprise/products/ont-series/Tellabs_100_Series_Mini_Optical_Network_Terminals_(ONTs).pdf

 

With LC connections, density could be pretty high.

 

As well as the wall-mount fiber-to-copper device. Ideally this device would be able to use the Active Ethernet (Standard Ethernet) standards as well as the GPON (and NG-PON2) standards.

 

0 Kudos

Customizable http(s) uri DPI identifiers.

Submitted by -
Status: Invalid

If you can provide a simpler DPI customization option for appids that work by identifying uris or part of uris (using regular expressions?), that would probably cover 90% of user needs.

 

I'd like to use that to direct traffic (in my case to different VPNs), but I'm currently limited to IPs, Ports or [built-in] AppIs.