# Ubiquiti: UniFi
# UniFi Express Setup Guide
This guide will walk you through setting up a UniFi Express system for a home network with the following features:
- **Two SSIDs:** Home and Guest
- **Three VLANs:** Home, Guest, and IoT
- **PPSK (Private Pre-Shared Key):** Different keys for Home and IoT networks
### Prerequisites
1. **UniFi Express Device**: Make sure your UniFi Express device is plugged in and powered on.
2. **UniFi Controller Software**: Install the UniFi Network Controller on a computer or server. You can download it from the Ubiquiti website.
3. **Basic Network Setup**: Ensure you have an internet connection and basic network setup ready.
### Step-by-Step Setup
#### Step 1: Access UniFi Controller
1. Open a web browser and navigate to the UniFi Controller URL (e.g., `https://:8443`).
2. Log in with your UniFi account credentials.
#### Step 2: Adopt UniFi Device
1. Go to the **Devices** section.
2. Find your UniFi Express device in the list and click **Adopt**.
3. Wait for the device to show as "Connected."
#### Step 3: Create VLANs
1. Navigate to **Settings** > **Networks**.
2. Click **Create New Network**.
**Home VLAN**
- **Name**: Home
- **Purpose**: Corporate
- **VLAN ID**: 10 (Example)
- **Gateway/Subnet**: 192.168.10.1/24 (Example)
**Guest VLAN**
- **Name**: Guest
- **Purpose**: Guest
- **VLAN ID**: 20 (Example)
- **Gateway/Subnet**: 192.168.20.1/24 (Example)
**IoT VLAN**
- **Name**: IoT
- **Purpose**: Corporate
- **VLAN ID**: 30 (Example)
- **Gateway/Subnet**: 192.168.30.1/24 (Example)
#### Step 4: Create Wireless Networks (SSIDs)
1. Navigate to **Settings** > **Wireless Networks**.
2. Click **Create New Wireless Network**.
**Home SSID**
- **SSID Name**: Home
- **Security**: WPA Personal
- **VLAN**: Use VLAN 10
- **PPSK**: Enable PPSK and configure keys for Home and IoT VLANs.
**Guest SSID**
- **SSID Name**: Guest
- **Security**: WPA Personal
- **VLAN**: Use VLAN 20
#### Step 5: Configure PPSK for Home SSID
1. Go to **Settings** > **Wireless Networks** > **Home SSID**.
2. Under the **Security** settings, enable **PPSK**.
3. Create multiple PPSKs:
- **Home Access Key**: Associate with VLAN 10.
- **IoT Access Key**: Associate with VLAN 30.
#### Step 6: Guest Network Configuration
1. Ensure that the **Guest SSID** is configured to isolate traffic and restrict access to internal resources.
2. Under **Settings** > **Guest Control**, enable **Guest Portal** if you want to use a captive portal.
#### Step 7: Apply Settings and Test
1. Review your settings and apply changes.
2. Connect devices to each SSID and verify connectivity.
- Home devices should connect to the Home SSID and be assigned to VLAN 10.
- IoT devices should use the designated PPSK for the IoT VLAN.
- Guest devices should connect to the Guest SSID and be isolated.
### Additional Tips
- **Monitoring**: Use the UniFi Controller to monitor network traffic and performance.
- **Security**: Regularly update firmware and review security settings to protect your network.
- **Support**: For any issues, consult the UniFi support forums or documentation.
[https://ui.com/uk/en/cloud-gateways/wifi-integrated/express](https://ui.com/uk/en/cloud-gateways/wifi-integrated/express)
# UniFi Dream Router Setup Guide
This guide will help you set up your UniFi Dream Router (UDR) with the following features:
- **Two SSIDs**: Home and Guest
- **Three VLANs**: Home, Guest, and IoT
- **PPSK (Private Pre-Shared Key)**: Different keys for Home and IoT networks
- **Firewall Rules**: Optimized for streaming and gaming
### Prerequisites
1. **UniFi Dream Router**: Ensure your UDR is plugged in and powered on.
2. **UniFi Controller Software**: Accessible through the UniFi Network App on your smartphone or through the web interface.
3. **Basic Network Setup**: An existing internet connection and basic network configuration.
### Step-by-Step Setup
#### Step 1: Access UniFi Controller
1. Connect to the UDR using the UniFi Network App or through a web browser at `https://:8443`.
2. Log in with your UniFi account credentials.
#### Step 2: Adopt and Configure the UDR
1. In the **Devices** section, ensure the UDR is listed and click **Adopt** if necessary.
2. Wait for the UDR to show as "Connected."
#### Step 3: Create VLANs
1. Go to **Settings** > **Networks**.
2. Click **Create New Network**.
**Home VLAN**
- **Name**: Home
- **Purpose**: Corporate
- **VLAN ID**: 10
- **Gateway/Subnet**: 192.168.10.1/24
**Guest VLAN**
- **Name**: Guest
- **Purpose**: Guest
- **VLAN ID**: 20
- **Gateway/Subnet**: 192.168.20.1/24
**IoT VLAN**
- **Name**: IoT
- **Purpose**: Corporate
- **VLAN ID**: 30
- **Gateway/Subnet**: 192.168.30.1/24
#### Step 4: Create Wireless Networks (SSIDs)
1. Go to **Settings** > **WiFi** > **Add New WiFi Network**.
**Home SSID**
- **SSID Name**: Home
- **Security**: WPA Personal
- **VLAN**: Use VLAN 10
- **PPSK**: Enable PPSK and configure keys for Home and IoT VLANs.
**Guest SSID**
- **SSID Name**: Guest
- **Security**: WPA Personal
- **VLAN**: Use VLAN 20
#### Step 5: Configure PPSK for Home SSID
1. Under the **WiFi** settings, select **Home SSID**.
2. In the **Security** section, enable **PPSK**.
3. Create multiple PPSKs:
- **Home Access Key**: Associate with VLAN 10.
- **IoT Access Key**: Associate with VLAN 30.
#### Step 6: Configure Firewall Rules for Streaming and Gaming
1. Navigate to **Settings** > **Firewall & Security** > **Firewall Rules**.
2. Click **Create New Rule** and configure the following rules:
**Streaming Optimization**
- **Name**: Allow Streaming Services
- **Rule Type**: LAN IN
- **Action**: Accept
- **Source**: Any (or specify devices/networks)
- **Destination**: IP ranges for popular streaming services (e.g., Netflix, Hulu, etc.)
- **Description**: Optimize streaming by prioritizing traffic.
**Gaming Optimization**
- **Name**: Allow Gaming Services
- **Rule Type**: LAN IN
- **Action**: Accept
- **Source**: Any (or specify gaming devices)
- **Destination**: IP ranges for popular gaming servers (e.g., Xbox Live, PlayStation Network, etc.)
- **Description**: Optimize gaming by reducing latency.
3. Ensure these rules are above any default deny rules to take effect.
#### Step 7: Apply Settings and Test
1. Review all your settings and apply the changes.
2. Test each SSID:
- Connect home devices to the Home SSID.
- Connect IoT devices using the designated PPSK for the IoT VLAN.
- Connect guest devices to the Guest SSID to ensure isolation.
3. Test streaming and gaming devices to confirm optimized performance.
### Additional Tips
- **Regular Updates**: Keep your UDR firmware up-to-date for security and performance improvements.
- **Monitoring**: Use the UniFi Controller to monitor network traffic and performance metrics.
- **Support**: For assistance, visit the UniFi support forums or consult official documentation.
[https://ui.com/uk/en/cloud-gateways/wifi-integrated/dream-router](https://ui.com/uk/en/cloud-gateways/wifi-integrated/dream-router)
# UniFi OS Server Installation on Ubuntu Server
\# Switch to root
sudo -i
\# Update and upgrade the system
apt update && apt upgrade -y
\# Install required packages
apt install -y podman curl wget ca-certificates gnupg lsb-release
\# Optional: Verify Podman version
podman --version
\# Create a working directory
cd /opt
mkdir -p unifi-os/4.2.23 && cd unifi-os/4.2.23
\# Download UniFi OS Server binary (update version here if needed)
wget https://fw-download.ubnt.com/data/unifi-os-server/8b93-linux-x64-4.2.23-158fa00b-6b2c-4cd8-94ea-e92bc4a81369.23-x64 -O unifi-os-installer
\# Make it executable
chmod +x unifi-os-installer
\# Run the installer
./unifi-os-installer install
### Notes & Tips:
- **Ubuntu Version**: Ubuntu 22.04 LTS is recommended. UniFi OS might not behave as expected on older versions due to dependency mismatches or outdated container runtimes.
- **Podman vs Docker**: Ubiquiti officially supports Podman for UniFi OS Server as it does not require a daemon and better supports rootless containers. This script installs it system-wide for root.
- **Firewall**: Make sure required ports are open (`8443`, `443`, `8080`, `3478/UDP`, etc.).
- **Persistence**: Depending on the deployment type, you may need to manage container data volumes and systemd integration yourself if not handled automatically by the script.