Notes about a residential installation of a Ubiquiti UniFi network with 5 switches, a couple access points, UniFi controller and USG-4 router. UniFi security cameras will also be deployed.
Check back for updates
The UniFi network is replacing an existing network that used a Ubiquiti EdgeRouter with a Raspberry Pi running DHCP and DNS. Although the UniFi USG router can do DNS and DHCP, the Raspberry Pi is going to be used.
USG Deployment
- Deploy the UniFi switches.
- Edit the LAN network on the UniFi controller to disable the DHCP server.
- Connect to the USG with the default 192.168.1.1 address, turn off DHCP and change the network number and router interface IP address to the existing network numbers.
- Return to the existing subnet and adopt the USG.
- Create VLANs at some future date to provide some isolation.
Custom Configurations
The USG router uses a Ubiquiti adaptation of the Vyatta open source router code as does the EdgeRouter. In fact, the USG runs the EdgeOS just like the EdgeRouter. However, the USG is configured from and provisioned by the UniFi controller which overwrites any configuration changes made on the USG. In order to customize the USG configuration beyond features available in the GUI, a JSON file must be placed on the UniFi controller. The UniFi system converts the JSON to the Vyatta format for the USG.
The USG can be configured with configuration commands like the EdgeRouter. Ubiquiti documents the customization process which includes executing commands on the USG and exporting the USG configuration in JSON format with the mca-ctrl -t dump-cfg utility. Then clip the custom JSON snippets from the USG dump and place them in the UniFi file system for provisioning.
- WireGuard VPN
- OSPF routing with IPSEC
- Use
mca-ctrl -t dump-cfg > /tmp/config.jsonused to dump the USG configuration as a JSON file.
No comments:
Post a Comment