Ubiquiti router recommendation

ritchierich · February 16, 2022, 12:54am

Thought I would re-ask this question given @jkp asked it almost a year ago. Any new ideas on VPN other than what was mentioned above? I can always run the VPN server on my NAS and port forward. I have iOS devices so having it work on that OS is a must.

danabw · February 16, 2022, 1:14am

This is what blue painter's tape was really invented for - putting little reminder notes on hardware. "Adjust port speed!! on spf+!!" I have so many blue tape reminders on my stuff that it looks like a painting project was stopped in it's tracks by a zombie apocalypse.

danabw · February 16, 2022, 1:19am

WireGuard is still the best, IMHO. Also supported on several U devices:

WireGuard for EdgeRouter, Unifi Gateway and Unifi Dream Machine:

And a Unifi community developed Ubiquiti install script here:

github.com

mafredri/vyatta-wireguard-installer/blob/master/README.md

# vyatta-wireguard-installer

Install, upgrade or remove WireGuard ([WireGuard/wireguard-vyatta-ubnt](https://github.com/WireGuard/wireguard-vyatta-ubnt)) on Ubiquiti hardware. By default, the installer caches the deb-package so that the same version of WireGuard can be restored after a firmware upgrade.

## Installation

Simply copy the script onto your Ubiquiti router and run it.

**Note:** By placing this script in `/config/scripts/post-config.d`, the WireGuard installation will persist across firmware upgrades.

```console
curl -sSL https://github.com/mafredri/vyatta-wireguard-installer/raw/master/wireguard.sh -o /config/scripts/post-config.d/wireguard.sh
chmod +x /config/scripts/post-config.d/wireguard.sh
```

## Usage

```console
$ ./wireguard.sh help
Install, upgrade or remove WireGuard (github.com/WireGuard/wireguard-vyatta-ubnt) on

This file has been truncated. show original

U devices the install script supports:

There is also a VPN implementation availble via Tailscale, several HE folks here use it, I think @JasonJoel is a fan:

JasonJoel · February 16, 2022, 1:23am

I love wireguard.

That said, I use Tailscale extensively.

I've never seen ANY vpn as easy to setup and use as Tailscale, especially if you have a number of devices to setup. So even though my work laptop has to relay I still use it. When tailscale is able to make a direct connection (which it typically can unless there is some really weird NAT action going on, like there is at my work), then it is as fast as wireguard but easier to setup and with some interesting side features (file transfer, magicDNS, etc).

Navat604 · February 16, 2022, 1:41am

Same here. I am also using Tailscale and recommended to all my network noob friends.

ritchierich · February 16, 2022, 1:44pm

Do you have the remote management card in that CyberPower UPS? If so is it worth it?

I see APC is charging an arm and leg for theirs and only available on certain models, but their cheaper ones have a cloud only fee option with no API.

jkudave · February 16, 2022, 1:44pm

You should have zero issues. I just upgraded to a similar TP-Link Omada setup, keeping my Orbis as access points for now.

marktheknife · February 16, 2022, 1:52pm

I use the rm card with my cyberpower ups and i like it.

I’m sure with some more effort I could probably come up with a diy solution that costs less.

But for me, I think it was money well spent.

brad5 · February 16, 2022, 3:49pm

I can't speak to how the firewalls compare, and you can certainly do what you plan. I would consider taking advantage of the opportunity to replace the Orbis with Unifi APs. The UDM Pro and the Unifi APs work together really nicely. They give you a single management console and a lot of configuration flexibility I'm not sure you'd have with the orbis.

potts.mike · February 16, 2022, 7:22pm

I will eventually, just want to see the mesh, WiFi 6, 6e settled down first.

danabw · February 17, 2022, 4:28pm

General question...I haven't used Unifi mobile apps at all for some reason, just access my controller on my Pi from my laptop.

I did download the Unifi Network app the other day, and found you can't use it if you have your AP on a controller (I have my controller running on a Pi), as far as I can tell. Am I missing something? The controller web page UI on a mobile phone is terrible, not designed to be responsive for mobile devices at all.

ritchierich · February 17, 2022, 8:01pm

Current setup (changing this weekend as UDM SE arriving) is I have 3 UniFi APs with controller running as a docker container on my NAS. I have been using the iOS app for years with no issues. Should be the same with it running on a Pi too. I have to be on same LAN to connect though.

marktheknife · February 17, 2022, 8:09pm

I use the mobile app, and have had the controller running on both a windows server and a rasp pi (not at the same time). It works fine for me. Initially I had the cloud login enabled, then I heard about that clusterfuck with unifi leaking cloud account info and lying about it last year. Since then I’ve disabled cloud access and do local only.

danabw · February 17, 2022, 9:16pm

@ritchierich & @marktheknife

Can you confirm your settings in the app?

When I start the app it says it's looking for devices and then finds none and prompts me to add a device.

marktheknife · February 17, 2022, 9:28pm

Sure I’ll take a look when I get home.

ritchierich · February 17, 2022, 9:51pm

I just deleted the app on my old iPhone to walk through this again.

Click setup new device
It searches for consoles and fails
At bottom option Other Setup Options
Set up a connection by IP address
Give it a name, enter IP address of your Pi, and change port if you aren't using default

That’s all I had to do and hopefully same on your end.

danabw · February 17, 2022, 11:58pm

Perfect...thanks, I never clicked on that since my APs had already been set up. DOH - forgot my most basic rule, try clicking everything at least once before giving up. (Which, incidentally, is why you really don't want me defusing bombs.)

Appreciate it - so nice to see things in a proper mobile-sized/designed UI!

marktheknife · February 18, 2022, 12:16am

Good thing too, because I’m looking at the mobile app now, and I wouldn’t have had anything useful to tell you. Dodged a bullet on that one.

CAL.hub · February 19, 2022, 9:16pm

Excuse the OT question for the Unifi experts here.

I've never participated in the Early Access program before but i really want a Unifi 6 Enterprise AP (Wi-Fi 6E), so i signed up and got on the waitlist. Can i get some informed opinion on how long it's likely to be before I might see one?

jkp · February 19, 2022, 9:32pm

There is really no telling. Some products stay in early access for well over a year. With the chip shortage and supply chain issues... who knows! There are some products I want that are out of early access and out-of-stock... I will just have to wait.