UniFi 5.6.18 Stable Candidate has been released

by Ubiquiti Employee ‎09-29-2017 03:41 PM - edited ‎10-13-2017 12:40 PM (37,609 Views)


  • As always, make a backup prior to upgrading.
  • Windows users must have x64 Java installed as we only support 64-bit WebRTC library. Please see HERE and download the missing version (64bit offline Windows install package).
  • You cannot re-use a VLAN ID for dynamic VLAN if it is set as a static value for another SSID on the same AP. So, if I have a SSID set to use VLAN 10, I cannot use VLAN ID 10 for RADIUS controlled VLAN users as those users will not get an IP.
  • Smart Queue QoS is similar to the implementation as in EdgeOS (see HERE). Please note that DPI will not work when using QoS, as traffic will not be offloaded. It's also worth noting that maximum throughput will be affected when using QoS, as traffic is not offloaded. There are some rough guidelines in the article linked above.
  • DFS channels can not be used for wireless uplink in the US. Please use non-DFS channels if you need to use wireless uplink on dual band UAPs. 
  • Official UniFi MIBs can be downloaded from HERE and HERE (those are 2 different files).
  • We no longer support Java version 6, it needs to be 7 or later. We recommend Java version 8.
  • Features like airtime fairness, bandsteering, load balancing and minimum RSSI are default disabled. If you need them you need to go to Settings>Site and check Enable advanced features.
  • If you previously used Google Maps for a site map, then you have to enable this feature again by adding an API key. This is done under Settings>Controller. There is a linked guide with instructions.


Important Notes:

  • The initial database migration will take longer than normal. It is expected to see mongo using most, if not all, of the available CPU cycles during this process. Please be patient, this process could easily take 15+ minutes, depending on the amount of historical stats, as well as the system specs. As always, err on the side of caution, and make a backup before upgrading.
  • The controller will not start if it is set to bind to a privileged port (<1024), as it now runs as a non-root user. There are various ways you can fix this immediately, like authbind, although there may be better ways. We're considering options here.
  • If your controller is running on a UniFi Cloud Key (UCK), make sure it is on firmware 0.6.4 or later, otherwise the controller will not start. This firmware is available via the normal upgrade mechanism found in the controller or it's local management page. Make sure to make a backup before upgrading the UCK firmware, as you'll need it to restore after, and it's good to have a backup on hand before any controller upgrade.
  • There is downgrade protection for UAP-AC-HD/SHD (only). Once on 3.9.0/3.9.1, they will not be able to downgrade to earlier releases. 


Known Issues:

  • Manual site-to-site VPN status is not reflected on the UniFi dashboard widget. Currently it will look like it's offline, even when the tunnel is up.
  • AirTime will not work if a radio is disabled and/or there isn't any SSID present. This will be fixed in a future release. If you enable it, and it still isn't working, then you may need to force a refresh without cache. 
  • If you start both a 2.4GHz and 5GHz scan in quick succession, then it will fail.
  • It is expected that airView will stop occasionally. A stop/start sequence should restore functionality.
  • If you start an airTime scan while airView is running, then airView will stop and you'll need to perform a stop/start sequence to get it working again. This will be fixed in the future.


New Features:

  • Add RADIUS MAC Authentication.
  • Add Firmware Manager to cache locally firmwares.


Controller bugfixes/changes from 5.6.16:

  • Group switch port profiles in dropdown.
  • Add notifications about airView and airTime requirements.
  • Fix incorrect data for selected Access Point in airTime.
  • Add Interim Update Interval to the RADIUS profile.
  • Hide Refresh button.
  • Indicate if AP is country locked and Site has incompatible country settings.
  • Limit DFS for US territories.
  • Limit username and password max length for Admin account and SSH credentials.
  • Fix Map Edit Panel height for designer maps.
  • Fix UI of Stats Recent Activities bar.
  • Fix for wrong data in VLAN column in DPI Restriction Assignments.
  • Hide STUN warning if device needs upgrade.
  • Do not extend MAC ACL accordion when it's disabled.
  • Clear traffic stats donut chart when no categories selected.
  • Show airTime feature for supported radios only.
  • Display airTime and airView features based on firmware version.
  • Fix last scanning time for RF Scan.
  • Hide non-applicable networks in Firewall Rules.
  • Fix lazy loading devices.
  • Fix missing devices during site export.
  • Fix live updating last seen fields.
  • Fix case when draggable icon is not rendered on maps.
  • Fix saving switch port storm control broadcast rate.
  • Fix DPI stats not refreshed when switching from site without DPI enabled.
  • Fix for wrong subnet display after saving Site-to-Site VPN network.
  • Fix displaying IP in batch client configuration.
  • Add missing port profile translation.
  • Fix refreshing coverage on Google Maps after changing 2G/5G devices filter.
  • Update translations (including Chinese date format fix).
  • Revert "change auto VPN VTI subnet mask to /30" as it needs to be reworked.
  • Add Confirm downgrade modal message.
  • Move airTime, airView and RF Scan to Tools tab.
  • Display down and up uplink for clients on known client list.
  • Hide non-relevant interfaces for static route.
  • Fix Invisible airView and airTime during RF Scan.
  • Fix Password reveal in Wizard.
  • Fix Switch Port Storm Control validation.
  • Add protocol name to enable multicast enhancement label.
  • Added group caching support in Firmware Manager.
  • Improved translations in Firmware Manager.
  • Show progress of opening WebRTC connection.
  • Various backend fixes and improvements.
  • Security improvements.


Firmware changes from 3.9.1/4.3.60:

  • [UAPG3] Improve inter-VLAN communication.
  • [UAPG3] Fix false rogue AP detection.
  • [UAP] Fix a memory leak which was present with certain configurations.
  • [UAP] Various backend fixes and/or improvements.
  • [USW] Add SSH key auth fast-apply support.
  • [USW] Various backend fixes and/or improvements.
  • [USG] Updates NTP, net-snmp, IGMP proxy, conntrack-tools, webproxy packages to same as latest EdgeRouter release.
  • [USG] Correct auto S2S VPN status reporting.
  • [USG] L2TP fix for problem that could result in pppd exiting after a client connects. Unclear whether anyone has encountered this problem on USG, but could result in L2TP stopping working until a reboot.
  • [USG] Fix for WLAN DPI blocking and related log spam.
  • [USG] Fix for PPPoE usernames longer than 4000 characters, and usernames containing '/'.
  • [SEC] Update dnsmasq to 2.78. Fixes several security issues published by Google


Recommended Firmware: