UniFi network integration

speshimam · June 8, 2026, 2:39am

Hello

I have the habitat 8 c and attempting to connect unify network integration… I have put in the correct IP address, the created and put in API code, and tried the different suggested ports. It just say “no unify network discovered”

mavrrick58 · June 9, 2026, 12:18am

What unifi implelementation are you using. The built in one, Snelll's, Tomw's. There are a few, though i think the only one that uses the API Key is the Built in one.

What do you have running the Unifi Network Controller? You need to provide more details so folks know can try to figure out what went wrong.

speshimam · June 10, 2026, 2:58am

I am using the built in one. I am running it off the dream machine special addition.

rlithgow1 · June 10, 2026, 10:05am

Is your hub on the same subnet as the main ip of your dream machine?

speshimam · June 10, 2026, 11:24am

You are correct they are on different subnets

rlithgow1 · June 10, 2026, 11:35am

You have to add your primary vlan (the one your dream machine is on) to hubitat using an endpoint. Open a web browser and use this format…

http://<yourHubIP>/hub/allowSubnets?192.168.1.0,192.168.2.0,192.168.3.0 etc...

speshimam · June 10, 2026, 11:52am

Thx… will when I get home might need some more help

jkudave · June 10, 2026, 1:21pm

Do you have any firewall rules setup that prevents inter-VLAN/subnet traffic? If so, you will need to create a firewall rule allowing your Hubitat hub’s IP to the gateway/Dream Machine IP.

I don’t think @rlithgow1’s suggestion is enough, since your Dream Machine will still prevent access if you don’t have an allow rule while blocking inter-VLAN traffic.

rlithgow1 · June 10, 2026, 1:30pm

I think the default for all vlans is access to main vlan on dream machine (but not out to the internet)

thymer · June 10, 2026, 1:54pm

Trying to do the same here with no luck. The built in integration doesn’t see the UDM. They are on the same subnet. 2026-06-10 9:53:51.039 am

warn

Error fetching Network console info: HTTP 401. (URI: "https://192.168.1.1/proxy/network/integrations/v1/sites")

**app:173**2026-06-10 9:53:51.037 am

debug

fetchSitesInfoCallback(HTTP 401, [uri:https://192.168.1.1/proxy/network/integrations/v1/sites\])

**app:173**2026-06-10 9:53:50.935 am

debug

doAsyncHttpGetV1([path:null, callbackMethod:fetchSitesInfoCallback])

**app:173**2026-06-10 9:53:50.934 am

debug

fetchSitesInfo()

**app:173**2026-06-10 9:48:41.410 am

warn

Error fetching Network console info: HTTP 401. (URI: "https://192.168.1.1/proxy/network/integrations/v1/sites")

**app:173**2026-06-10 9:48:41.408 am

debug

fetchSitesInfoCallback(HTTP 401, [uri:https://192.168.1.1/proxy/network/integrations/v1/sites\])

**app:173**2026-06-10 9:48:41.375 am

debug

doAsyncHttpGetV1([path:null, callbackMethod:fetchSitesInfoCallback])

**app:173**2026-06-10 9:48:41.373 am

debug

fetchSitesInfo()

jkudave · June 10, 2026, 2:03pm

Hence my asking if there are any inter-VLAN blocking rules.

jkudave · June 10, 2026, 2:07pm

Your Hubitat hub needs to be able to access your gateway/UDM IP. If you have any type of firewall rule in place that prevents this, the integration will not work.

speshimam · June 11, 2026, 3:50am

Unfortunately you seems to correct…. I looked for the firewall rules but could not find.. Any chance you can help me?

rlithgow1 · June 11, 2026, 10:05am

Did you add the endpoint to hubitat?

jkudave · June 11, 2026, 10:50am

It should be pretty straightforward. Did you create any firewall rules or not? As @rlithgow1 mentioned, the default is to allow inter-VLAN traffic. You would have had to either enable the “Block All” Security Posture setting, or manually create firewall rules blocking inter-VLAN traffic. If none of what I mentioned sounds like something you may have done, then that is not your issue.

marktheknife · June 11, 2026, 12:53pm

I believe that applies to VLANs in the same zone (under unifi’s newer zone-based firewall).

If they’re in different zones, the default could be to block communication between VLANs, depending on which zone (although this would also show up as firewall rules created automatically by the UDM).

jkudave · June 11, 2026, 1:31pm

By default, UniFi allows all except for Guest networks, unless you enable the “Block All” security posture setting or you explicitly create firewall rules to block that traffic.

How UniFi Handles Inter-VLAN Traffic By Default

Inter-VLAN Routing: The router automatically routes traffic between all defined subnets. A device on your main LAN can freely talk to a device on your IoT VLAN, and vice versa.
The Exception (Guest Networks): If you specifically set a network's type to Guest, UniFi will automatically apply built-in firewall rules to isolate it. Guest networks cannot communicate with other internal VLANs or other devices on the same guest network (client isolation).

Here is exactly how the default behavior maps out in the Zone-Based Firewall layout:

1. Default Internal Zone-to-Zone Behavior

By default, all standard user-defined networks (VLANs) are assigned to the built-in Internal zone.

The Intersect Rule: If you look at the new Zone Matrix where the Internal zone crosses paths with the Internal zone (Source: Internal –> Destination: Internal), the built-in system policy is configured to Allow All Traffic.
Just like the legacy interface, any new VLAN you create immediately inherits this allow rule and can talk to any other local VLAN.

2. Custom Zones and "Implicit Allow" Quirks

If you decide to leverage the new Zone-Based architecture to segment your network (for instance, creating an IoT zone or a No_Inter_VLAN zone), you have to keep an eye on UniFi's baked-in rules:

Zone-to-Zone: When you create a custom zone, traffic between that new zone and other zones is usually blocked until you explicitly define policies in the matrix cells.
The Gateway Catch: A point of frustration for many advanced users transitioning to UniFi's ZBF is that any new custom zone you create automatically inherits a built-in Allow All Traffic –> Gateway policy (handling DNS, DHCP, or management access).

jshimota · June 11, 2026, 1:59pm

I believe that Unifi also provides 2 checkboxes for Isolation - port and vlan(I think its “Network Isolation” and “Client Isolation” but I’m not in front of my Unifi server ATM. Be sure you haven’t enabled isolation or there is no cross connection ability.

marktheknife · June 11, 2026, 7:17pm

Yup, this is pretty much what I was referring to.

Unifi treats new VLANs differently depending on which zone they’re in.

jkudave · June 11, 2026, 8:55pm

VLANs are one thing. Zones are another.

I’m trying to ascertain how the OP has things configured.

It is stated that the Hubitat hub and gateway/UDM SE are on the same VLAN. As such, by default, they “should” be able to see/talk to each other. If the OP has changed the default security posture or created a firewall rule to block access to the gateway, he may be preventing the hub’s access to the gateway. My setup required me to add a rule explicitly allowing my Hubitat hub to my gateway at the gateway’s IP address for that VLAN.

It doesn’t sound to me like the OP has zones setup, as the zone based firewall needs to be enabled, but I could be wrong.