Unifi Controller VLAN Setup
This will be used to setup the Unifi managed switches and APs. See Example Network Diagram. Download and install the Unifi Controller onto the setup laptop.
Danger
The most recent firmware update (~2019-10) has added telemetry to ubiquity devices; disabled by default.
Block or blackhole trace.svc.ui.com.
Basic Setup Wizard
Connect to Unifi Controller @ http://localhost:8443.
Note
Skip device, wifi and cloud login configuration during the intial configuration.
Basic Unifi Controller Setup
Setup Wizard
Select your Country
COUNTRY
Select your Timezone
TZ
› ☑
Enable Auto Backup
Updated: None
Basic Unifi Controller Access Setup
Setup Wizard › Controller Access
Admin Name
USER
Admin Email
Admin Password
PASS
Device Authentication
USER
Device Password
PASS
Warning
The admin name account is the super admin for the controller, meaning that account can manage multiple sites as well as devices. The device authentication account is used to manage physical devices via the UI or SSH on that device.
Updated: None
Basic Controller Setup
Basic Unifi Controller Setup
⚙ › Controller › Controller Settings
Controller Name
HOST
Controller Hostname/IP
IP
› ☐
Override inform host with controller hostname/IP
› ☑
Make controller discoverable on L2 network
Store
Disable store for all users
Support Messaging
Disable live support for all users
Real-time Updates in Web Browser
Automatically adapt rates of real-time updates
Analytics & Improvements
OFF
› ☐
Enable mail server
Updated: None
Warning
L2 device discovery will help to adopt controllers which are not receiving a unifi controller DHCP option. These settings are only for initial setup with the laptop and may be changed or disabled after initial configuration to rely on DHCP or set inform.
Remote Access Controller Setup
⚙ › Remote Access › Controller
Enable Remote Access
OFF
Enable Local Login with UBNT Account
OFF
Remote Access Status
DISABLED
Updated: None
Remote Access Owner Setup
⚙ › Remote Access › Owner
Configured for
Not Configured
Updated: None
Remote Access Advanced Setup
⚙ › Remote Access › Advanced Options
Report Errors to Ubiquiti
☐
Updated: None
Site Configuration
⚙ › Site › Site Configuration
Site Name
SITE
Country
COUNTRY
Timezone
TZ
Updated: None
Service Configuration
⚙ › Site › Services
☐
Advanced Features
☑
Automatically upgrade AP firmware
☐
Enable status LED
☐
Enable alert emails
☐
Enable periodic speed test every
☑
Enable connectivity monitor and wireless uplink
☑
Default gateway
☐
Enable remote Syslog server
☐
Enable Netconsole logging server
Warning
Alerts and advanced logging disabled for initial setup, change these after finishing configuration.
Updated: None
Provider Capabilities
⚙ › Site › Provider Capabilities
Download
1 Gbps
Upload
1 Gpbs
Warning
Upload/Download settings should be reflective of your Internet connection for proper scaling of graphing data. It is not a throttle.
Updated: None
Device Authentication
⚙ › Site › Device Authentication
☑
Enable SSH Authentication
Username
USER
Password
PASS
Updated: None
Apply changes.
VLAN Configuration
Add all VLANS using the VLAN Table.
Default LAN Network
⚙ › Networks › LAN
☑
Corporate
☑
LAN
Gateway/Subnet
10.1.1.1/24
Domain Name
DOMAIN
› ☐
Enable IGMP Snooping
DHCP Server
NONE
› ☐
Enable DHCP gaurding
› ☐
Enable UPnP LAN
IPv6 Interface Type
NONE
Warning
This will be the default network when new devices are discovered before they are adopted. This is also the untagged Management VLAN network. Configure with Management VLAN settings.
Updated: None
Create All VLAN Networks
⚙ › Networks › Create New Network
Name
Wired
☑
VLAN Only
VLAN
2
Note
Add all VLANS using the VLAN Table. Management VLAN is not explicitly defined as a VLAN – untagged traffic coming into eth0 IS management traffic.
Updated: None
Add Trunk Port Profiles
Add AP Wireless Trunk Port Profiles
⚙ › Profiles › Switch Ports › Add New Port Profile › Create New Switch Port Profile
Profile Name
trunk-wifi
› POE
PoE/PoE+
Networks/VLANs
› Native Network
LAN
› Tagged Networks
wifi
› Voice Network
NONE
Updated: None
Add Wired Trunk Port Profiles
⚙ › Profiles › Switch Ports › Add New Port Profile › Create New Switch Port Profile
Profile Name
trunk-wired
› POE
OFF
Networks/VLANs
› Native Network
LAN
› Tagged Networks
wifi wired
› Voice Network
NONE
Updated: None
Add Server Trunk Port Profiles
⚙ › Profiles › Switch Ports › Add New Port Profile › Create New Switch Port Profile
Profile Name
trunk-server
› POE
OFF
Networks/VLANs
› Native Network
LAN
› Tagged Networks
server infrastructure
› Voice Network
NONE
Updated: None
References