Unifi Firewall Help


Hoping to get some help setting up a unifi firewall rule to allow outbound traffic from my HE. I am trying to install Package Manager, but my hub can not resolve the DNS on Github.

Error downloading https://raw.githubusercontent.com/dcmeglio/hubitat-packagerepositories/master/repositories.json: java.net.UnknownHostException: raw.githubusercontent.com: Temporary failure in name resolution

Doesn't look like a firewall issue looks more like a DNS issue. Are you using the built in DNS of the router or something else?

I agree with @ronv42 unless you created a rule, firewalls do not block outbound traffic, mainly inbound. But DNS greatly affects outbound. How is your hub getting the IP stack, via DHCP? What DNS is the DHCP server giving out? Try adding Google's DNS as a secondary ( Also can your computer resolve the address?

Using for primary and as secondary ( Just updated this, as it said "default" originally). No pihole or adguard.

My computer can resolve the address. My hub is on a static IP.

Try using a DHCP (better yet a DHCP reservation) to test and see if it can resolve with a distributed IP. If so work backwards from there to find the dif. Does your Hub have cloud access? Update and dashboards, is it just github or all internet traffic?

1 Like

Total shot in the dark, but maybe you're running into the issue discussed in this thread. This post has instructions for setting DNS servers based on the generation of hub: DNS bug in

1 Like

Now that you mention it, I was having issues searching for an update. Looking a little deeper, it seems to be all traffic.

Ill give these a try

Thanks everyone. This worked! I set my hub DNS to Also changed to DHCP, so I'm not sure which was the actual fix.

I do seem to have that DHCP bug though. I had to manually look up the assigned IP. Web UI is directing me to the old IP. Hopefully some restarts will fix.

1 Like

When using DHCP, how do you get your bookmarks and dashboards to connect properly without looking up which IP was given out?

@TechMedX When using DHCP, how do you get your bookmarks and dashboards to connect properly without looking up which IP was given out?

1 Like

Use DHCP reservations. That basically means every time a given device asks for a DHCP address give it the same one. Check this out

If you get stuck PM me, and I can remote on and show you if you want. For good HE'ers I'll waive the first few mins (during slow times) :wink:

Once the device has a 'reservation' you can map to it like a static IP.

The bonus is, if you switch routers/firewalls/DHCP servers/the device will still always "check-in"

1 Like

I set HE settings to static, thinking the DHCP settings in unifi needed to match.. I now have HE settings as DHCP, and Unifi set to DHCP overall, and static for the HE device. Everything is functioning properly

Thanks for your help!


Piggybacking on this. Anyone using vlans on their UniFi, then dns and/or dhcp through pihole? Any recommendations? As Iā€™m reading it, pihole only hands out dhcp to one up range?

I tried many ways and decided to leverage the DHCP server in my Untangle router since each VLAN has it's own DHCP configuration. Those DHCP configs then points DNS to my Pi-hole which is on a "public VLAN core" and router rules setup for each VLAN to route to the Pi-hole for DNS.

I tried to have the Pi-hole listen on and then created mutiple VLAN interfaces in the Pi and it was just not working. I am sure I missed something in that config when I was hand writing DNSmasq custom configurations.

1 Like