We've updated the UniFi Network controller to improve security. Starting with UniFi Network version 5.10, the required minimum firmware for UAP/USW will be 4.0.9 and for USG will be 4.4.34. Devices on earlier firmware will show in the controller and work as you've configured them, this update doesn't change any of the settings. However, please note you will not be able to modify the device configuration until you update the firmware.
This update contains an upgrade to the overall security of the UniFi platform and its devices, it is highly recommend that everyone upgrades to this version. We will also be preparing 5.6.41 to accommodate 1st gen AC devices.
We want our users to have time for adoption and migration to this version, all feedback is welcome.
As always, make a backup prior to upgrading.
Windows users must have x64 Java installed as we only support 64-bit WebRTC library. Please see HERE and download the missing version (64bit offline Windows install package).
You cannot re-use a VLAN ID for dynamic VLAN if it is set as a static value for another SSID on the same AP. So, if I have a SSID set to use VLAN 10, I cannot use VLAN ID 10 for RADIUS controlled VLAN users as those users will not get an IP.
Smart Queue QoS is similar to the implementation as in EdgeOS (seeHERE). It's worth noting that maximum throughput will be affected when using QoS, as traffic is not offloaded. There are some rough guidelines in the article linked above.
DFS channels can not be used for wireless uplink in the US. Please use non-DFS channels if you need to use wireless uplink on dual band UAPs.
Official UniFi MIBs can be downloaded fromHEREandHERE(those are 2 different files).
As of 5.7.x+ we only support Java 8. At this time Java 9+ is not supported.
Features like airtime fairness, bandsteering, load balancing and minimum RSSI are default disabled. If you need them you need to go to Settings>Site and check Enable advanced features.
If you previously used Google Maps for a site map, then you have to enable this feature again by adding an API key. This is done under Settings>Controller. There is a linked guide with instructions.
New Cloud Access requires outbound 8883/tcp to be open/unrestricted.
Linux systems must be running a version of MongoDB prior to 3.6.x. We recommend 3.4.x. This is most likely to be an issue on Ubuntu 18.04 LTS, as it currently offers MongoDB 3.6.x.
The proper keystore alias and name are `unifi`. If your custom SSL cert is no longer working, please verify that you are using the proper keystore and alias. A bug previously allowed `ubnt` to work, although that was never technically correct. If you find mention of these invalid steps on the community, please point them out so we can fix them.
The initial database migrationwill take longer than normal.It is expected to see mongo using most, if not all, of the available CPU cycles during this process. Please be patient, this process could easily take 15+ minutes, depending on the amount of historical stats, as well as the system specs. As always, err on the side of caution, and make a backup before upgrading.
The controller will not start if it is set to bind to a privileged port (<1024), as it now runs as a non-root user.
If your controller is running on a UniFi Cloud Key (UCK), make sure it is on firmware 0.6.4 or later, otherwise the controller will not start. This firmware is available via the normal upgrade mechanism found in the controller or it's local management page. Make sure to make a backup before upgrading the UCK firmware, as you'll need it to restore after, and it's good to have a backup on hand before any controller upgrade.
Support for PicoM2 and 1st gen AC models was dropped in 5.7.x. Please see our announcement HERE.
As of release branch 5.7.x we've made some important changes to the Wireless Uplink feature (feature details HERE).
We removed the "Enable automatic uplink failover" from wireless uplinks as it is no longer needed.
We added the ability to opt an AP in or out of wireless uplinking to another AP. This is done by checking the "Allow meshing to another access point" option found under device properties>Config>Wireless Uplink.
This option should be disabled on wired APs, but is required to be enabled on wireless APs.
If you disable this option on a downlink/wireless AP, then your AP will be disconnected from the network and require further action (including physical access).
If upgrading from 5.6>5.7 then this already be disabled on wired APs, but if upgrading from an earlier 5.7. release then this may be enabled on wired APs.
Again, this option should be enabled on downlink/wireless UAPs only. It should not be enabled on wired UAPs.
We added the ability to set uplink priorties. This allows you to define the preferred uplinks for a downlink/wireless AP.
Fixed IPs (DHCP reservations) are now required to use unique IPs. The same IP cannot be assigned to more than one device. For configurations that already contain duplicates, only the most recently active device will have its fixed IP provisioned to USG. The controller's server.log will contain a log message skip provisioning duplicate fixed IP <IP address> for user[<MAC address>] indicating which was omitted where there are conflicts.
Possible Upgrade Paths:
<=5.10.11 | <=5.9.33 | <=5.8.30 | <=5.7.28 | <=5.6.40 and most earlier releases (going back to 3.1.0). There may be some version specific exceptions to this list.
The above versions are to indicate which version is supported to upgrade from for recent release branches. As long as you are on that release, or an earlier release within that branch, then you can (directly) upgrade to this release.
If you're on a newer release than what is mentioned, then you'll have to wait until this release is updated so that it supports upgrading from the release you're running now.
Some statistics on the dashboard are still under development. Please share any and all feedback!
If the web interface doesn't seem to be displayed/drawn properly, then you likely are hitting a browser caching issue. Please force a hard refresh, and that will clear up any caching issues. Thanks!
Add dark mode.
AddWiFi Experience Score.
AddNetwork and Wi-Fi Performance Optimization feature.
Add option for enabling syslog and netconsole to log to local controller.
AddWhat's New screen.
TheWhat's New screen on the UniFi Network Controller will provide our users with new updates we’ve made to the controller within a visual treatment that’s easy to review.
Configure switch port speed based on device capabilities.
Add Adopt and Upgrade action for unsupported devices.
Add Icon for WAN Transition Event/Alert.
Add RFC 3261 unreserved characters to SIP username, extension, and password fields.
Add fixed vs inline property panel preference.
Add Traditional Chinese (ZH_TW) into language list.
Add option to disable 5GHz only for high performance clients (of theAuto-Optimize Network feature).
Add firmware error detection flags for certain system events.*
Add events for features enabled by Auto-Optimize Network feature.
Add unavilable text to Stats Overview modules.
Check for latest firmware when running custom upgrade.
Replaced devices icons with photos.
Use new styling for Port Diagrams.
Make action buttons in tables sticky.
Blocked clients not counted in Association Failures widget.
Include manual site-to-site VPNs on site import.
Improve Controller Wizard.
Improve accuracy of Neighboring Access Points.
Improve auto positioning tooltip.
Improve tooltip for local login with UBNT Account.
Improve Most Active APs Widget
Improve navigation in Wizard
Improve global side nav.
Allow setting Switch port name same as profile name.
Move preferences to settings as User Interface.
Updated events and alerts.
Updated Insights and Statistics to use new header panel styles.
Updated Traffic Stats tables to use new table styles.
Update UniFi Network logo and title.
Updated device grid status bars.
Updated DPI chart UI.
AP Property Panel - RF tooltip positioning improvement.
Controller update available popup - add option to ignore.
Fix RADIUS Profile tooltip in WPA Enterprise settings.
IPS Map: Country labels are not refreshed after changing language.
Generate an event when MongoDB size exceeds 1.25GB on UniFi Cloud Key (1st gen only).
Fix false rejections of valid IPv6 addresses for firewall groups and static routes.
Fix firmware caching when firmware update service returns an error.
Fix a bug which may have prevented database migration when upgrading the controller.
Fix Missing logo in Sites overview.
Fix empty Property Panel after page reload.
Fix Release notes bounce when left open on low height screen.
Fix empty ISP Graph X axis scale.
Fix Moved temperature in USG overview property panel.
Fix always displayed warning about not allowed channels.
Fix device table icon padding.
Fix WebRTC functionality on recent builds of Firefox.
Fix various text overflow issues.
Fix client historical label displaying the wrong value.
Fix known clients inconsistency.
Fix incorrect client's uplink in Client List view.
Fix double DHCPv6-PD node with PPPoE and DHCPv6.
Fix Compact Database feature.
Fix some untranslated strings in Insights/Switch Stats view.
Fix XSS on fatal page.
Fix interim update intervalprovisioning.
Fix broken Device dist. module color picker.
Fix console error in Hotspot Manager > Payments and Transactions > click on Payments button.
Fix batch edit for nanoHD/In-Wall HD (and possibly other SKUs).
Fix Release notes bounce when left open on low height screen.
Fix unreadable controller logs when using default/lower loglevels.
Fix issue which would cause devices to get stuck in adopting state.
Fix a NPE which may occur when attempting to adopt a USG, and on every inform from it.
Fix validation in Add Client form.
Fix AP VLAN toggle applying to another property panel.
Fix for long name overlapping.
Fix missing adopt button for USG in Property Panel.
Fix no DPI data when switching from Overview to Apps.
Fix position and size of tooltips.
Fix sorting via model doesn't work forUniFi AP-BaseStationXG.
Fix icon size of dashboard DPI modules.
Fix spacing on Switch port profiles tagged networks checkboxes.
Fix wireless uplink detection when usingAuto-Optimize Network feature.
Fix and improve database handling to mitigate migration issues with large databases (reportedHERE).
Fix incorrect LAN traffic counter on switching widget.
Fix voucher printing.
Fix displaying Tx and Rx Radio values in Devices panel.
Fix displayingWi-Fi Experience for devices with one type of radio.
Fix firmware notice alignment.
Fix IPS date range.
Fix tooltip for Adopting multiple USG.
Fix the error message when deleting user groups attached to WLANs.
Hide PoE label on switch port profile form when no PoE options available.
No margin between buttons in airView.
Remove ambiguity from switch power consumption in device properties.
Switch ISP upload/download colors.
Port Usage widget cleanup and componentization.
Legacy (Svg) map - add workaround for Chrome bug when device marker is moved to top left corner on animation applied.
Dashboard main status: fix case when no WIFi Experience is available (i.e. 0 APs) but vertical separator is shown.
Add missing icon for STP blocking event.
Firewall: Fix saving IPv6 rules.
IPS: fix Geo Location that was incorrect in certain cases.
Various bug fixes and improvements.
*This upgrade will run on any device an admin upgrades via the controller. It will only run on the models mentioned when they are running firmware prior to 4.0.6. These devices will first have to upgrade to 4.0.10, and then they can upgrade to the desired 4.x release from there.