Ubiquiti: UniFi

• UniFi Express Setup Guide
• UniFi Dream Router Setup Guide
• UniFi OS Server Installation on Ubuntu Server

UniFi Express Setup Guide

This guide will walk you through setting up a UniFi Express system for a home network with the following features:

• Two SSIDs: Home and Guest
• Three VLANs: Home, Guest, and IoT
• PPSK (Private Pre-Shared Key): Different keys for Home and IoT networks

Prerequisites

1. UniFi Express Device: Make sure your UniFi Express device is plugged in and powered on.
2. UniFi Controller Software: Install the UniFi Network Controller on a computer or server. You can download it from the Ubiquiti website.
3. Basic Network Setup: Ensure you have an internet connection and basic network setup ready.

Step-by-Step Setup

Step 1: Access UniFi Controller

1. Open a web browser and navigate to the UniFi Controller URL (e.g., https://<controller-ip>:8443).
2. Log in with your UniFi account credentials.

Step 2: Adopt UniFi Device

1. Go to the Devices section.
2. Find your UniFi Express device in the list and click Adopt.
3. Wait for the device to show as "Connected."

Step 3: Create VLANs

1. Navigate to Settings > Networks.
2. Click Create New Network.

Home VLAN

• Name: Home
• Purpose: Corporate
• VLAN ID: 10 (Example)
• Gateway/Subnet: 192.168.10.1/24 (Example)

Guest VLAN

• Name: Guest
• Purpose: Guest
• VLAN ID: 20 (Example)
• Gateway/Subnet: 192.168.20.1/24 (Example)

IoT VLAN

• Name: IoT
• Purpose: Corporate
• VLAN ID: 30 (Example)
• Gateway/Subnet: 192.168.30.1/24 (Example)

Step 4: Create Wireless Networks (SSIDs)

1. Navigate to Settings > Wireless Networks.
2. Click Create New Wireless Network.

Home SSID

• SSID Name: Home
• Security: WPA Personal
• VLAN: Use VLAN 10
• PPSK: Enable PPSK and configure keys for Home and IoT VLANs.

Guest SSID

• SSID Name: Guest
• Security: WPA Personal
• VLAN: Use VLAN 20

Step 5: Configure PPSK for Home SSID

1. Go to Settings > Wireless Networks > Home SSID.
2. Under the Security settings, enable PPSK.
3. Create multiple PPSKs:
   • Home Access Key: Associate with VLAN 10.
   • IoT Access Key: Associate with VLAN 30.

Step 6: Guest Network Configuration

1. Ensure that the Guest SSID is configured to isolate traffic and restrict access to internal resources.
2. Under Settings > Guest Control, enable Guest Portal if you want to use a captive portal.

Step 7: Apply Settings and Test

1. Review your settings and apply changes.
2. Connect devices to each SSID and verify connectivity.
   • Home devices should connect to the Home SSID and be assigned to VLAN 10.
   • IoT devices should use the designated PPSK for the IoT VLAN.
   • Guest devices should connect to the Guest SSID and be isolated.

Additional Tips

• Monitoring: Use the UniFi Controller to monitor network traffic and performance.
• Security: Regularly update firmware and review security settings to protect your network.
• Support: For any issues, consult the UniFi support forums or documentation.

https://ui.com/uk/en/cloud-gateways/wifi-integrated/express

UniFi Dream Router Setup Guide

This guide will help you set up your UniFi Dream Router (UDR) with the following features:

• Two SSIDs: Home and Guest
• Three VLANs: Home, Guest, and IoT
• PPSK (Private Pre-Shared Key): Different keys for Home and IoT networks
• Firewall Rules: Optimized for streaming and gaming

Prerequisites

1. UniFi Dream Router: Ensure your UDR is plugged in and powered on.
2. UniFi Controller Software: Accessible through the UniFi Network App on your smartphone or through the web interface.
3. Basic Network Setup: An existing internet connection and basic network configuration.

Step-by-Step Setup

Step 1: Access UniFi Controller

1. Connect to the UDR using the UniFi Network App or through a web browser at https://<UDR-IP>:8443.
2. Log in with your UniFi account credentials.

Step 2: Adopt and Configure the UDR

1. In the Devices section, ensure the UDR is listed and click Adopt if necessary.
2. Wait for the UDR to show as "Connected."

Step 3: Create VLANs

1. Go to Settings > Networks.
2. Click Create New Network.

Home VLAN

• Name: Home
• Purpose: Corporate
• VLAN ID: 10
• Gateway/Subnet: 192.168.10.1/24

Guest VLAN

• Name: Guest
• Purpose: Guest
• VLAN ID: 20
• Gateway/Subnet: 192.168.20.1/24

IoT VLAN

• Name: IoT
• Purpose: Corporate
• VLAN ID: 30
• Gateway/Subnet: 192.168.30.1/24

Step 4: Create Wireless Networks (SSIDs)

1. Go to Settings > WiFi > Add New WiFi Network.

Home SSID

• SSID Name: Home
• Security: WPA Personal
• VLAN: Use VLAN 10
• PPSK: Enable PPSK and configure keys for Home and IoT VLANs.

Guest SSID

• SSID Name: Guest
• Security: WPA Personal
• VLAN: Use VLAN 20

Step 5: Configure PPSK for Home SSID

1. Under the WiFi settings, select Home SSID.
2. In the Security section, enable PPSK.
3. Create multiple PPSKs:
   • Home Access Key: Associate with VLAN 10.
   • IoT Access Key: Associate with VLAN 30.

Step 6: Configure Firewall Rules for Streaming and Gaming

1. Navigate to Settings > Firewall & Security > Firewall Rules.
2. Click Create New Rule and configure the following rules:

Streaming Optimization

• Name: Allow Streaming Services
• Rule Type: LAN IN
• Action: Accept
• Source: Any (or specify devices/networks)
• Destination: IP ranges for popular streaming services (e.g., Netflix, Hulu, etc.)
• Description: Optimize streaming by prioritizing traffic.

Gaming Optimization

• Name: Allow Gaming Services
• Rule Type: LAN IN
• Action: Accept
• Source: Any (or specify gaming devices)
• Destination: IP ranges for popular gaming servers (e.g., Xbox Live, PlayStation Network, etc.)
• Description: Optimize gaming by reducing latency.

3. Ensure these rules are above any default deny rules to take effect.

Step 7: Apply Settings and Test

1. Review all your settings and apply the changes.
2. Test each SSID:
   • Connect home devices to the Home SSID.
   • Connect IoT devices using the designated PPSK for the IoT VLAN.
   • Connect guest devices to the Guest SSID to ensure isolation.
3. Test streaming and gaming devices to confirm optimized performance.

Additional Tips

• Regular Updates: Keep your UDR firmware up-to-date for security and performance improvements.
• Monitoring: Use the UniFi Controller to monitor network traffic and performance metrics.
• Support: For assistance, visit the UniFi support forums or consult official documentation.

https://ui.com/uk/en/cloud-gateways/wifi-integrated/dream-router

UniFi OS Server Installation on Ubuntu Server

# Switch to root
sudo -i

# Update and upgrade the system
apt update && apt upgrade -y

# Install required packages
apt install -y podman curl wget ca-certificates gnupg lsb-release

# Optional: Verify Podman version
podman --version

# Create a working directory
cd /opt
mkdir -p unifi-os/4.2.23 && cd unifi-os/4.2.23

# Download UniFi OS Server binary (update version here if needed)
wget https://fw-download.ubnt.com/data/unifi-os-server/8b93-linux-x64-4.2.23-158fa00b-6b2c-4cd8-94ea-e92bc4a81369.23-x64 -O unifi-os-installer

# Make it executable
chmod +x unifi-os-installer

# Run the installer
./unifi-os-installer install

Notes & Tips:

• Ubuntu Version: Ubuntu 22.04 LTS is recommended. UniFi OS might not behave as expected on older versions due to dependency mismatches or outdated container runtimes.

• Podman vs Docker: Ubiquiti officially supports Podman for UniFi OS Server as it does not require a daemon and better supports rootless containers. This script installs it system-wide for root.

• Firewall: Make sure required ports are open (8443, 443, 8080, 3478/UDP, etc.).

• Persistence: Depending on the deployment type, you may need to manage container data volumes and systemd integration yourself if not handled automatically by the script.