The old USG is not the best performer for high bandwidth ISP connections, especially when trying to use some of the advanced packet inspection features. I would not recommend anyone invest in this older technology. Maybe as a short term solution, but not as a longer term strategy.
I’d recommend either the UDM Pro or UDM SE, as both offer better performance than the USG, can run the UniFi Network Controller App, UniFi Protect App, etc. Having access to the UniFi cameras, is a nice option for the future. The UDM Pro and SE both have NVR (Protect) functionality by adding a hard drive.
Yeah I installed it on a Pi 4 that I also use for Homebridge (not needed now) & Mosquito MQTT Broker.
Ouch - I'll need Deep Pocket Inspection more than Deep Packet Inspection! I'll struggle to justify the cost, though the integral controller would be nice. CCTV will be kept separate so I wouldn't use that - I'm all Hikvision.
Currently I'm running a Netgear R7000 that I'd flashed with Tomato firmware after a few issues with the stock firmware. After this mornings crash I can't trust it anymore. Space might be an issue for one of the larger rack mount units as the existing router is tucked away in a very small space. I'm thinking as long as the USG at least equals the performance of the old R7000 it'll do and I'll migrate to Unifi switches when funds allow. Otherwise I could forget trying to get everything Unify and look at Draytek for a router.
I run a UDM SE. Wanted a Pro but they were out of stock at the time, and I'm impatient.
It works, is stable, etc. But it is very hard getting used to the limited feature set vs something like OPNsense or pfSense or Untangle. Also annoying/takes getting used to needing to get deep into the guts of iptables, etc, on the UDM if you want to do something off script.
Want multiple non-continuous DHCP ranges on your network? Sorry. * Want to pre-assign static DHCP assignments before connecting the device? Nope.
Want to bulk import/export static DHCP assignments? Ha. Ha. Use the API and code it yourself.
Want to redirect all outbound DNS to a local DNS server to account for devices that don't respect DHCP DNS settings (like Chromecast and Google Home)? LOL, what? No.
Etc
But, that said, it works well enough and I'm using it.
Wow that's a fairly basic requirement and something I needed to do this morning in order to restore all of the devices to their previous addresses after the crash. I was able to just copy and paste the Mac addresses straight from IP Scanner and type in the IP to assign.
Agree 100%. UniFi definitely is more the Apple versus Android thinking, IMHO. Thus, they attempt to 'Keep it Simple', which does have its limitations. Like you, I have learned to just use it, without trying to overly complicate my home network. I have a UDM base, which has been serving me well for a couple of years now. I do wish I had the option of running the UniFi Protect NVR, which is why I would recommend folks look at the UDM Pro/SE options, if that it on anyone's radar.
UniFi Controllers configuration is easily backed up and restored. Ubiquiti even offers an automated cloud backup for free, if the user chooses to enable it.
Thanks for sharing -- I was going to offer the same comment. I recently noticed it also (and was fairly surprised that they didn't offer it previously). Plugged a big usability hole for me.
Hmm. How about the all in one Dream Machine. I originally steered clear of this as it wasn't WiFi 6 (and couldn't get hold of one promptly). Are there any known issues with it? Thoughts:
It still has the integrated cloud key (so I can move it from my Pi)
I assume it's a bit more up to date than the small USG (but has similar features)
It's going in the same room as where I deployed one of the U6 Lites but I imagine I can disable the wireless functionality and leave the U6 Lites as is or I could use the AP in the Dream Machine and relocate one of my U6 Lites (and PolyFilla all the holes - my wife will be unimpressed)
It's a bit easier on my budget
I'd need to be sure that I can migrate the existing 2 AP's onto the UDMs built in controller and that I could also add Unifi switches as well. Is that the case?
I'm getting even more confused by the product line up. There's a WiFi 6 UDR available and it's not clear as to what's the difference between that and the UDM
I can see the newer UDR IS WiFi 6 unlike the UDM and also has 2 PoE ports. From the website I can see that AP's can be added but it's not clear as to whether the controller is built in?
So looking at the table for Nov 22, it seems as though the newer UDR is the upgrade to the UDM. WiFi 6 rather than WiFi 5, 128GB rather than 16GB internal storage but strangely a slower processor. It looks to be suitable for what I need and my speed. When I posted some time ago before getting the access points, this newer model was not available and the main reason I didn't get the UDM was a lack of WiFi 6. This looks to be a no brainer as it's cheaper than the older UDM.
Edit: Ordered the new UDR. So with the coverage I have already I wasted £120 on an AP 6 weeks ago that this will replace - bugger.
It is in most ways, except for MAX throughput due to lower CPU specs.
The 128GB of internal storage is only usable for the UniFi Protect NVR storage. The UDR NVR storage can only be expanded via an SD card slot, IIRC. So, if UniFi Protect is at all of any value, I'd still recommend one of the more powerful UDM Pro or SE solutions. The UDR's weaker CPU also limits the number of Protect cameras that can be supported.
Nice to have so many options to chooses from, all with their Pros and Cons.
It's hard to have too many APs these days. Place your APs reasonably equidistant from one another. You'll want to tune the radio channels and signal strength. The Wifiman app works reasonably well.
I would really like to be able to do this with my Unifi router as well. And ideally for NTP requests too.
I got a UXG-Pro a couple years ago while it was available in early access; at the time it was the only Unifi routing solution that could handle a gigabit up/down FIOS connection with IPS/IDS running. Now I kinda wish I had waited for a UDM Pro or SE, but I had just moved into a new house and needed the hardware when I needed it.
I found this thread in the Ubiquiti community forums a while back, but I believe the whole config.gateway.json thing only works on the older USGs, not the UXG-Pro.
Plus it's the kind of hacky solution that is just enough of a stretch for me to try to implement, there's a non-zero chance I'll end up blocking all DNS traffic because I added an extra space to a line in a json file, or something like that.
A wireguard server built into the UXG-Pro and accessible from the GUI would be nice too. Hopefully that'll happen soon enough, since they've recently added native wireguard support to the routing devices running UnifiOS.
Considering that (IIRC) Ubiquiti was founded by some ex-Apple engineers, it makes sense that they would have some Apple-esque "quirks" to their methods. Certainly their styling consistency in model series as well as their price premiums (for most items)...
Their more lax attitude towards Early Access equipment and users though is off by comparison though.
It was the USG I was I initially looking at but it didn’t seem to be recommended if you had over a 300 meg connection. I’ve gone for the newer UDR, which although considered the ’entry level’ model should be sufficient for my needs. I ordered it direct from Ubiquiti Europe store and hopefully it’ll be with me in a day or two.
