HWZ Forums

Login Register FAQ Mark Forums Read

Advise on Ubiquiti products

Like Tree2Likes
Reply
 
LinkBack Thread Tools
Old 10-02-2019, 04:05 PM   #1
Master Member
 
Kopi_Lui's Avatar
 
Join Date: Jan 2010
Posts: 2,693
Advise on Ubiquiti products

Hi guys, i am thinking of getting ubiquiti products for my home.

Currently i am intending to get:
Edgerouter 6p
Unifi AP LR or Pro

I saw some youtube videos saying a unifi controller is needed, software can be installed on a PC but a hardware cloud key is recommended. Why is it so? Is the software needed to keep my wifi running?

Also am i missing some licenses to run the run fearures of the edgerouter 6P?

Current intended set up:
ONT (-> telco router*) -> eth0 of edge router -> internal lan w/ vlans

*might be needed if i am getting services like IPTV or other voice services
Kopi_Lui is offline   Reply With Quote
Old 10-02-2019, 04:59 PM   #2
Senior Member
 
Join Date: Aug 2017
Posts: 2,191
The unifi controller is used to keep logs and run the captive portal. You don't need to run it 24/7 if you do not need those features. You could set the unifi ap up with the unifi app as well.

The edgerouter 6p does not have a built in switching hardware. You be using the taxing the router cpu if you use it as a router + switch.

You do not need a license to run any edge or unifi series hardware.

I feel you are better off sticking to all unifi hardware e.g unifi USG (router) unifi switch & AP. As all of them can be managed form the same unifi controller.
dryteletubby is offline   Reply With Quote
Old 11-02-2019, 04:19 PM   #3
Master Member
 
Kopi_Lui's Avatar
 
Join Date: Jan 2010
Posts: 2,693
Hi dryreletubby, i was initially looking for a device with firewalling features, vlan, preferbly able to filter by device category (android, ipad, iphone etc so as to filter them out in firewall rule).

I wanted to use fortinet instead but i just learnt that i need to pay subscription for some of the features.

What so you mean by it doesnt have switching hardware? Anyway the edgerouter would most likely be the gateway for the different vlans. So it should be able to have firewall policies/rules and route between vlans
Kopi_Lui is offline   Reply With Quote
Old 11-02-2019, 05:23 PM   #4
Senior Member
 
Join Date: Aug 2017
Posts: 2,191
Hi dryreletubby, i was initially looking for a device with firewalling features, vlan, preferbly able to filter by device category (android, ipad, iphone etc so as to filter them out in firewall rule).

I wanted to use fortinet instead but i just learnt that i need to pay subscription for some of the features.

What so you mean by it doesnt have switching hardware? Anyway the edgerouter would most likely be the gateway for the different vlans. So it should be able to have firewall policies/rules and route between vlans
The edgerouter 6p is just a router not a router + switch. It can work as a router + switch but will cost much of its performance.


https://help.ubnt.com/hc/en-us/artic...-Should-I-Use-


You can consider pfsense as it's completely free and open source


https://www.pfsense.org
dryteletubby is offline   Reply With Quote
Old 11-02-2019, 07:10 PM   #5
Senior Member
 
-Grift-'s Avatar
 
Join Date: Apr 2015
Posts: 583
As above stated but if you still wanna go foward with ubiquiti the go to setup is
USG + Unifi POE Switch + Unifi AP + Unifi Controller running on free Google Cloud instance
-Grift- is offline   Reply With Quote
Old 12-02-2019, 09:28 AM   #6
Master Member
 
Kopi_Lui's Avatar
 
Join Date: Jan 2010
Posts: 2,693
I did read in the ubnt forums that the USG is similar to the ER3Lite that was also recommended both here and ubnt forums.

I will not be doing switching at the router. I will trunk 1 physical interface of the ER to a VLAN aware switch (like tp-link) and the ER interface is meant for VLAN routing. Does this still count as switching?

I can consider the ER-4 as well but the cost difference is not very big.

When u guys say USG, are you guys referring to the 3 port USG?

@-grift-
I initially wanted to have a fortigate and forti-ap set up but it was way too expensive. Any recommendations if i do not go with ubiquiti?
Kopi_Lui is offline   Reply With Quote
Old 12-02-2019, 08:35 PM   #7
Member
 
Join Date: Oct 2015
Posts: 439
I did read in the ubnt forums that the USG is similar to the ER3Lite that was also recommended both here and ubnt forums.

I will not be doing switching at the router. I will trunk 1 physical interface of the ER to a VLAN aware switch (like tp-link) and the ER interface is meant for VLAN routing. Does this still count as switching?

I can consider the ER-4 as well but the cost difference is not very big.

When u guys say USG, are you guys referring to the 3 port USG?

@-grift-
I initially wanted to have a fortigate and forti-ap set up but it was way too expensive. Any recommendations if i do not go with ubiquiti?
USG is the unifi security gateway or something. 1 port, but there's a 4 port option - USG Pro


dryteletubby is right - go for a
USG <> Unifi switch <> UniFi APs

if you only need 1 AP, then skip the switch.

suggestion for AP is the unifi AP AC HD. pro is an old model (like the ERL router) and the HD is better than the LR.



https://help.ubnt.com/hc/en-us/artic...ching-Hardware
systemsgo is offline   Reply With Quote
Old 15-02-2019, 12:19 AM   #8
Master Member
 
Kopi_Lui's Avatar
 
Join Date: Jan 2010
Posts: 2,693
Does the USG function like the ER-4, feature wise?

My main requirement is vlan segregation, firewall rules for each vlan (block internet etc).

Bonus feature is if the software can detect and group devices in each vlan by endpoint OS.

I can only find the nanoHD on lazada.
Kopi_Lui is offline   Reply With Quote
Old 15-02-2019, 12:47 AM   #9
Arch-Supremacy Member
 
coloumbiaGames's Avatar
 
Join Date: Feb 2008
Posts: 14,727
Does the USG function like the ER-4, feature wise?

My main requirement is vlan segregation, firewall rules for each vlan (block internet etc).

Bonus feature is if the software can detect and group devices in each vlan by endpoint OS.

I can only find the nanoHD on lazada.
https://demo.ui.com/manage/site/default/dashboard
__________________
.
coloumbiaGames is offline   Reply With Quote
Old 25-02-2019, 11:37 PM   #10
Supremacy Member
 
hawthorne's Avatar
 
Join Date: May 2006
Posts: 6,485
The benefits of using USG is both the USG and the APs uses the Unifi platform. U can just install the cloud controller on a PC, or buy the cloud key and configure them on a single UI.

ER-4 has a better specs that USG (higher PPS, The USG equivalent of the ER-3 lite btw). If u go the ER-4 route, u will need to configure the ER using a separate UI.

Depends on your use case, u dun need to have a cloud key/ cloud controller running, unless u want to use additional features like implementing guest wifi login features Most people just run it off their PC, configure the hardware, after that can shutdown the daemon Liao. Also Read that others managed to set up a the cloud controller on a NAS or Amazon cloud services. I bought the cloud key though, as it makes administrating your infra more convenient

Last edited by hawthorne; 25-02-2019 at 11:42 PM..
hawthorne is offline   Reply With Quote
Old 26-02-2019, 10:16 AM   #11
Junior Member
 
Join Date: Apr 2008
Posts: 34
So hawthorne,

Which version of the cloud key did you buy ??
cloud key ( white colour ) or cloud key gen 2 or cloud key gen 2 plus ????

thanks
kcleong88 is offline   Reply With Quote
Old 26-02-2019, 12:07 PM   #12
Supremacy Member
 
hawthorne's Avatar
 
Join Date: May 2006
Posts: 6,485
First gen cloud key. It was the only one at that time
hawthorne is offline   Reply With Quote
Old 26-02-2019, 12:44 PM   #13
Master Member
 
it_geek's Avatar
 
Join Date: Feb 2017
Posts: 2,953
The unifi controller is used to keep logs and run the captive portal. You don't need to run it 24/7 if you do not need those features. You could set the unifi ap up with the unifi app as well.

The edgerouter 6p does not have a built in switching hardware. You be using the taxing the router cpu if you use it as a router + switch.

You do not need a license to run any edge or unifi series hardware.

I feel you are better off sticking to all unifi hardware e.g unifi USG (router) unifi switch & AP. As all of them can be managed form the same unifi controller.

On that note, a captive portal is quite useful if you tend to invite a lot of friends over to your house... and want to restrict their wi-fi access.
__________________
I can't and I don't give legal advice.
Check out my Fursuit thread in the Hobby Lovers sub-forum.
it_geek is offline   Reply With Quote
Old 26-02-2019, 01:26 PM   #14
Supremacy Member
 
hawthorne's Avatar
 
Join Date: May 2006
Posts: 6,485
On that note, a captive portal is quite useful if you tend to invite a lot of friends over to your house... and want to restrict their wi-fi access.
The only irritating thing is that if u run the Captive portal via https, u will encounter the irritating ssl cert error. Need to buy a domain name and register for a proper SSL cert

Free SSL cert can be obtained via letsencrypt. But their SSL cert expires every 3 months and there is no way to automate the renewal unless u expose your cloudkey to the WAN.

Last edited by hawthorne; 26-02-2019 at 01:30 PM..
hawthorne is offline   Reply With Quote
Old 02-03-2019, 10:56 PM   #15
Master Member
 
Kopi_Lui's Avatar
 
Join Date: Jan 2010
Posts: 2,693
It is very likely that i will get the ER-4 and a standalone mountable AP.

Now its a matter of using with or without ISP router depending on what services i am subscribing to.
Kopi_Lui is offline   Reply With Quote
Reply
Important Forum Advisory Note
This forum is moderated by volunteer moderators who will react only to members' feedback on posts. Moderators are not employees or representatives of HWZ. Forum members and moderators are responsible for their own posts.

Please refer to our Terms of Service for more information.


Thread Tools

Posting Rules

Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On