Complete UniFi Setup Guide 2023

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
welcome to my channel thank you for being here I appreciate each and every one of you and what we're going to do in this video is we're going to do a complete UniFi setup and it's going to be for a small office maybe a home office mediumsized office uh and what we're going to do is we are going to use the nextg Gateway so no surprises ubiquity did send this to me thank you for that the other thing that we're going to use is a cloud key we always recommend that you host your own UniFi first whether it's on a cloud key or whether it is you know on a virtual machine a Windows box or whatever we do recommend that you always host it first so we're going to use this uh this is mine I did uh buy this one when these were available then the other thing that we're going to use and this is something else that I also bought was the U6 Enterprise so this is uh Wi-Fi 6 Wi-Fi 6E and it does have a 2.5 gig Port now something else that I that I also that I bought uh is this Enterprise 8 Poe switch it has 2.5 gig uh ports 10 gig SFP plus ports um and so we are going to use this as our switch now if you weren't using an access point that had a 2.5 gig Port um you could probably get away with the tried and and true UniFi 8-15 probably between this and the edge switch version of this probably my most favorite uh ubiquity switch to be honest with you um you know they're fanless you can mount them anywhere shove them anywhere passive Poe or Poe plus just a fantastic fantastic piece of Hardware now uh the uxg light I don't know if I said mini or Pro earlier but this is the uxg light so let's take it out of the box and we'll physically compare it to our usg3 so the packaging is very simple we'll go ahead and get this opened up there's a QR code there that you can scan if you want to get to the qsg and all that good stuff open it up I am digging the simplified uh packaging here is the uxg very uh very Sleek looking what else do we have in the Box cardboard divider we have the power brick which is USBC and then underneath this there's some more um information here it was glued into the bottom of the Box uh I am glad to see not a lot of packaging with this this is not a ubiquity specific thing but all vendors I think need to uh start being a little cognizant of how much packaging that we're sending with all this gear so we'll get our plastic off of our power brick for the uxg and we'll take there is a plastic um plastic cover on the uxg light and this is a good look device you can see this here the U on top serial number all that stuff on the bottom on the back we've got uh one W Port one landport and then power and a reset button very very Sleek device so I just happen to have by the way I do have USGS so here's a usg3 which we could say that this is the direct replacement for and there is a size comparison and ubiquity says this has 10 times the horsepower of this so you can see the the size this thing's just just about uh it's not that much bigger than the square right in the middle of the usg3 I still got tons of these out there so here's what we're going to do we are going to Uplink the uxg to a switch that I've got over here to get its internet feed and then we're going to plug it into the Enterprise switch as well as the access point and the cloud key so stay tuned I'm going to get that all hooked up and uh we'll see what it looks like all right so I've got everything plugged in let me see if I can show you this without dropping it I need to get some overhead cameras but we've got our eight Port Enterprise switch we've got our USG Uplink I'm getting about 400 megabits out to the internet tonight uh but this is Uplink to a switch then it's plugged into Port one our Cloud key Gen 2 is plugged into Port two and then Port eight is our switch over here or I'm sorry our access point the U6 Enterprise and everything is uh has an LED status of white and is waiting for adoption so what I'm going to do is I'm going to move my PC over we're going to fire up a web browser we're going to log into the cloud key and we're going to start configuring this and we'll talk through it as we do it all right so here we are the uh IP address of my cloud key Gen 2 is 19216811 183 for now uh I got that from looking at the uh L LED LCD screen on the front so let's go ahead and set up the cloud key Gen 2 so we're going to call this uh unify with it doesn't like spaces so unify with uxg light and we're going to agree to the terms of service and so I can proceed without an account or I can bind this to my ui.com account now the major advantage of binding this to your ui.com account is you can get to it from anywhere if you enable the remote access and having uh bound this to ui.com it is going to enable you to have multiactor authentication on the device and that is in my opinion hugely important should be done um so you could create without or you could proceed without an account you could create an account if you don't have one I'm going to go ahead and bind this to my ui.com account so I've got MFA but we can still access it by the local I IP so I'm going to go ahead and put my information in here and sign in okay you can see that it is now asking for my uh MFA code which I'm going to put in here okay so that last screen the reason I paused that is because I own several devices and so what it did is anything that had a backup it presented it to me with the had a Network application back up and presented it to me as though I you know hey do you want to restore this and I did not and I I didn't need you to see some of those console names because I do manage consoles for other people so I like a little bit of privacy there so it is reloaded we'll we'll go ahead and proceed now and it's automatically uh updating so I did not uh do that it started this update so and this is probably several vers versions behind if I had to guess so I'm going to go ahead and let this thing update as soon as it's done we will be right back okay so we updated we rebooted and we got a different IP address we're going to end up putting a static IP on this here shortly but uh let's go ahead and get signed back in all right it is once again asking me for my [Music] MFA so we'll go ahead and do that and you'll notice I'm still um talking to this on the local IP address um and I have MFA that's because I have it bound to um my ubiquity account so we can see here it's called unify with uxg light okay by default it wants to auto update UniFi OS in the applications I'm going to disable that I don't let that happen we usually watch the community do some testing things like that so the version of uh Network that is on here right now is 7.4.1 162 so a you know a little bit of an older uh version but as you can see if I come in here even on a 7.4 version I can still adopt all of these devices I saw somewhere that someone said you had to be on the 8 uh Branch for this absolutely not true you can see that like I said we are on 7.4.1 62 and we could adopt these devices however I am going to go ahead and update to the 8.07 release so we'll go ahead and do that we're going to use the new interface for most of these things so I'm going to let this update uh and while we're doing that let's take a look so we've got our admins we've got our UniFi devices nothing is adopted yet we've got our console settings here so it's going to automatically back up to UB ubiquity once a week we're in the Chicago Central uh time zone I can turn that screen uh down put it in uh night mode so it turns the screen off at 10: p.m. turns it back on at 8:00 a.m. I do have remote access enabled I am not sending analytics and improvements to ubiquity and I do not have SSH enabled uh for the cloud key I don't have any reason to do that yet now if I was going to um you know do a captive portal or something on here I would probably do that um if I'm going to access this with a fully qualified domain name and I'm in an environment where I'm going to have Auditors come in I'm going to put an SSL uh certificate TLS certificate whatever you want to call it I'm going to put it that on there and I'm going to uh actually get to this by the fqdn Auditors hate self sign certificates um and you know good reason so we've got our map we've got our about this console so we can see uh everything that's going on here and let's see where we're at with our update so this thing is still still updating and uh I'm going to let it update and we'll be right back all right so our update is now complete so we're going to go ahead and launch Network and then we're going to go in and um right now it doesn't see any um devices so we've just got this access point or the Wi-Fi uh version only but I want to go in and I'm going to turn this onto the uh the new let's see here by the way we are going we going to say that we're a professional installer and this says it is on the new interface so we'll go ahead and apply that coming up with that Wi-Fi only one threw me off for just a second all right so we're going to go over here and we are now going to go ahead and we are going to adopt all of our devices so we're going to adopt the next gen Gateway light the U6 uh Enterprise and we're going to adopt the switch so we're going to let all these adopt real quick and we will be right back all right you can see that our devices are now adopting and our controller uh has changed we have uh now we have the ports the radios the Gateway so as soon as the switch is done updating it's leading to updating to the latest um firmware we be be ready to set our static IP addresses on our devices and then start setting things up so we'll be right back as soon as this is done all right so everything is up to date and rebooted so we have our uh Cloud key now shows up under UniFi devices and of course we got our nextg Gateway U6 Enterprise and our uh switch Enterprise 8 Poe this is the uh first version that was released not the the latest version so let's go ahead and of course our Gateway is going to be 1.1 we're going to make our switch 1.2 so we're going to click on that we're going to come over here we're going to go to settings we're going to go to IP settings and we're going to do static we're going to make it 1.2 DNS we'll just leave it set to uh the Gateway because we're going to let the Gateway handle uh the DNS subnet mask will be 255 255 we almost slip look at this we keep slipping into like uh Hollywood style networking here all right uh alternate DNS we'll just put uh we'll put cloud flare there our Gateway is 192 168 1.1 and DNS suffix um we'll leave that we'll just leave that one blank for now and this is the only switch uh that we've got so we can leave the priority we don't need to to adjust a spanning tree at the moment so I'm going to go ahead and apply those changes so that's going to update the IP address of the switch the next thing that we're going to do is we are going to update the IP address of the access point so we'll go into settings here and and we'll scroll down to IP settings and we're going to do static and we're going to make this one 1.3 and we're going to fill out that same information and we'll go ahead and apply that and then I'd really like my uh Cloud key to be 1.4 now we can accomplish this a couple different ways we can do um you know fixed IP address here or we can go back into the console settings scroll down and set a static here so what we're going to do is we're going to make this one should be 1.4 I believe is what I said if you uh if you screw this up and you overlap an IP then you're going to be in trouble um but I've got 1.1 1.2 1.3 1.4 and primary DNS is going to be 190 we keep going to Hollywood here 16811 and then we'll do cloudflare as our secondary we're going to go ahead and apply changes and uh we are going to lose access to this on the 192 1681 185 as soon as this change takes effect so I'm looking at the front of it to see if it's done and it's done so we will go to 1.4 and hopefully it'll let us back in yep we got a sign back in I'm going to sign back in we'll be right back all right so we are logging back in on the new IP address and we're going to go ahead and head on over to network and our IP changed so our our Zoom settings changed here a little bit all right so uh by default we can see that we've got some traffic identification going on uh if you're not familiar with the 8.0 release we've got our topology map pretty nice up to date here we see all of our UniFi devices and everything is reopt over to the new IP address it's in the same network so uh we don't have to do any informs or anything like that uh it just finds it it's UniFi magic right we got our client view this is my desktop and you can see that I am um plugged in at 2.5 gig in fact the adapter that I'm using is a 2.5 and 5 gig adapter so I am negotiated at 2.5 gig here is all of the switch ports the ports that we uh can configure or this is I'm sorry this is our our overview um pretty nice I like the colors very soothing uh here's our our insights we can drop this down we can say just show us the Gateway just show us the switch or we can do all and of course here's that VLAN uh overview that I did some uh a video on last week now here are the radios and you can see this is is an Enterprise so it's got 2.4 GHz 5 GHz and a 6 GHz so this is um you know Wi-Fi uh 6E we've got our coverage we don't have anything created yet we're just I'm gonna we're just flipping through here to see what we've got going on it did a uh it already did an environment uh scan here and so we can see we've got some stuff stuff happening over there and then I haven't run any speed tests here's our our Gateway um our Gateway stuff by default you can see we are capturing traffic uh we identifying traffic here's the filtering here's the Geo like I said none of this is set up yet of course we've got our system logs we're just doing just a quick overview okay so the first thing we're going to do is we are going to create a WiFi called UniFi uxg and this will be our our private WiFi and I'm just making it 1 2 3 4 5 6 7 8 9 z uh we're going to come down here we'll take a look at this uh we're going to go go ahead and uh use all three bands uh we're not going to do band steering we're not going to hide the Wi-Fi name we're not going to do isolation uh because we want these devices to be able to see each other it is going to be WPA WPA 3 and the scheduler is off so I'm going to go ahead and add that uh Wi-Fi network so you can see that now the next thing we're going to do is we are going to add two networks to this we are going to add an iot Network and a guest Network now technically we could probably go ahead and use the same network um but we we going to separate them so uh real quick I don't want this thing to autoscale so I want this to always say uh stay a sl24 and then we've got some options under here we could do isolation uh content filtering uh we are not going to do any content filtering at the moment so now what we're going to do is we're going to create a new VLAN and we're going to call this iot and the uh Gateway for this is going to be the UniFi nextg gate way light and we are not going to let it auto scale and we're going to leave it 192 1682 VLAN of two and we are going to go ahead and isolate this network we'll go ahead and add this then what we're going to do is we're going to add one more and we're going to call this guest we're going to uncheck autocap we're going to turn on isolation now if you want to do the content filtering you can totally do it we typically do it through DNS now I am going to create one more since we got a 2.5 gig uh switch here if we had uh some servers that had uh Nicks that were capable of negotiating that 2.5 along with the access point that's can do 2.5 gigabits of throughput um and we know that our Gateway can only do one gig so we don't want to you know send that uh traffic through there uh what we can do is we can create a new VLAN and we can call this servers and we can make the switch Enterprise 8 the router because it's going to be able to switch and move those packets faster than the Gateway right so um we can do this and we don't need to isolate it because that's going to be that's it's going to be our servers so we'll add that so this is looking good so far all right so let's go back to our Wi-Fi we're going to create another new one we're going to call this uxg light iot we're going to give it a uh password 1 one 22 3 3 4 four 5 all right network is going to be iot down here so we don't necessarily have to turn on the hotspot portal if we do turn on the hotspot portal then we want to get an SSL certificate we want to do all kinds of things um and this is iot so it doesn't need it but we do want to turn on the device isolation so we want to do it here and we're going to do it on the um the wired Network at this time I don't think I need anything else um if it becomes problematic we'll put a Wi-Fi speed limit on but we're probably going to put our TVs and stuff like that in here so we've got our uxg light in fact I'm going to edit that though so it says unify [Music] dg- light- iot and of course you can name these uh whatever you want now I'm going to create that guest Network it's going to be uni-g Dash light- guest and just creating a simple password this is going to be guest manual and we're going to turn on that client device isolation and then we're going to turn on some Wi-Fi speed limits but by default we don't have any so we're going to create a new profile and we're going to call this guest and what we're going to do is we're going to give them five megabits down and two megabits up so that is there uh see here we're going to we'll add this then we'll go back and we'll apply that speed limit we also want the guests to have Wi-Fi six where did our Wi-Fi speed limit go drop that down I not save that thought I did that was weird let's refresh this and see what the deal is there there it is and so now each one of those guests is only going to be able to use five megabits down two megabits up more than enough if you're on a phone and iPad whatever to get highdef um uh highdef stream so that is all set up so now what we've got is we've got our main uh Network we'll just kind of recap that which is our default we've got a servers which is actually uh the layer three switch is actually handling that traffic and then we've got an iot and a guest which are segregated from everything else completely all right on the internet here I don't really need to set anything else up I'm not going to do any Fair cues smart cues or anything like that I'm not running voice on this network um if we were were we would probably set those up at a minimum that's really the best quality of service that we've got here so all right what else are we going to do so by default it looks like teleport is enabled and I'm going to disable that and I'm going to go over to VPN server and do I want to use wire guard or openvpn that's a tough one so I think I'm going to use openvpn now it's going to give us this warning that our W IP is uh dynamically assigned it is also an RFC address so in this case we would have to have Dynamic DNS or we should have Dynamic DNS setup we would actually use Dynamic DNS in the host uh as the host name inside the file and I'll show you that here in just a second so we're just going to leave this called openvpn you can also Al use uh an alternate um address for the clients so instead of us having to uh edit that file we can just say uh uxg dl. Willy how.com if we had the uh the fqdn setup we're going to create a new user we're just going to call this Willie we're going to create the user here and we are going to manually set this we'll drop this we don't we only need five usable vpns um so we're going to go ahead and add this and then uh it's going to go ahead and generate the config file and we can download it and I'll show you what that looks like all right so it is uh made the configuration file we're going to go ahead and download it and uh open it up real quick all right and this is what the file looks like it's got the certificates and the keys embedded in it and you can see that it uh put our fqdn in here and then uh by default all traffic is going to flow through this so it's not it's not a split uh tunnel but you would just import this into whatever openvpn client uh you're running and you're going to be able to connect directly to this uh this network all right so the next thing we're going to look at is security so by default it looks like we've got some device identification going on traffic identification so we are going to block some uh countries by default so by default I want to block [Music] China [Music] and Russia so we're going to block those now I can do add blocking uh sometimes things get a little messed up when that happens uh so if you want to do ad blocking go ahead have fun with that um if you're interested in an internal Honeypot what that does is it sets up a host and any of the traffic any of the things talking to that gets logged and you can take a look um at that the next thing we're going to do is we are going to turn on suspicious activity we're going to turn it on in all the networks I want to do a notify and block and we're going to do high we're going to turn on the dark web blocker block malicious uh IPS we're going to go ahead and click apply on that uh we don't need any traffic rules or port forwarding or firewall rules at the moment everything should be good there uh we once again I don't think we need any uh traffic routes static routes um here's our our profiles so if we were doing voice or things like that we could come in here set up special profiles for that here's our Wi-Fi speed limit remember we set that guest um we can set up different radius we can set up IP groups for firewall rules but by default uh we're in a really good a really good spot with this so we we set up our networks we set up the security between the networks now the only thing that we might want to change is if we've got a server and we want want it to be on the server uh VLAN what we want to do is we want to come into Port manager and we're going to click on Port three we'll say we're going to put a server here right so we're going to call This Server uh Native VLAN we're going to drop drop this down it's going to be the servers Network and we could uh block all allow all or custom so are we going to allow other uh tagged you know traffic basically returning this thing into a trunk and we could come in here and say block all and then it's not going to tag it's just going to be the native uh VLAN on that Port so we can click apply there you can also see that our U6 Enterprise is uh connected at uh 2.5 gig come over to our insights we can take a look here here's our vlans so now that we've got all these different vlans we can see exactly what's going on we can click those ports it'll drill down into that so Port three here's a port three setup um that's it so this should get you up and going with a small office a home office if you've got any uh questions about this let me know um I know it's it's a lot uh and we didn't get real deep into the weeds of the explanation of why we do the things that we do but let me know if you've got those questions and um if you want to see more long form videos like this let me know down in the comments and if you like this video please give it a thumbs up please subscribe please comment and share and uh you know uh if you want to see other testing with this I'm not going to tear this down let me know what you want to see down below follow me on Twitter and Tik Tok those links are down below along with affiliate links and a patreon link to support the channel and if you need it Consulting you'd like to get your network set up tuned up your Voiceover IP your storage your security all those things head on over to Wily how.com fill out the contact form and submit it and someone will be in touch with you as soon as possible once again I'm Willie let me know if you like these long form videos and as always I'll see you in the next video
Info
Channel: Willie Howe
Views: 26,357
Rating: undefined out of 5
Keywords: unify network, ubiquity networks, unifi setup, unifi 8, willie howe unifi, uxg lite, willie howe, willie howe technology, uxg setup, home office network, network setup
Id: XxxAIUbWKOs
Channel Id: undefined
Length: 34min 59sec (2099 seconds)
Published: Mon Nov 27 2023
Related Videos
UniFi Express
Willie Howe
23K
Top 13 Unifi Network Setup Tips - Planning and Optimization
Ethernet Blueprint
30K
Migrating from USG3/Pro to UXG-Lite/Pro - Lets have a look at all the gateways(mostly) and U-LTE-Pro
JimtheITguy
8.7K
pfSense vs UniFi Firewall: May 2024 Edition
Lawrence Systems
52K
Updated Network Tour!
John's Tech
4.9K
2022 Complete Unifi Setup Guide
Miller Technical Services
480K
Rackmount Your Cloudkey
Willie Howe
2.4K
I get giddy just looking at it - Ubiquiti Cloud Key Enterprise
ShortCircuit
376K
UniFi Network BEGINNERS Configuration Guide | 2024
Unified IT
77K
UniFi Cloud Gateway Ultra
Willie Howe
27K
Powerful protection for your network! // Unifi Express
Christian Lempa
41K
My Full Unifi Network Setup - Firewall Rules, VLANs, WiFi, and more
Raid Owl
44K
UniFi Network Setup & Configuration Guide | 2023
Unified IT
206K
UniFi Express: A Beginner's Guide to UniFi Network
Poseidwn Tech
20K
What Do I Need To Run Ubiquiti UniFi Cloud Gateway Ultra?
The Tech Geeks
15K
UniFi Express: The Game-Changer in Home & Small Business Networking!
Crosstalk Solutions
234K
Get FASTER Internet: Ubiquiti UniFi Setup and Cost at Home
Michael Leen
12K
UniFi's Brand New High Availability Feature! - Automatic Shadow Mode
Cameron Gray
9.5K
Unifi Mesh - Fix Your WiFi Issues!
Crosstalk Solutions
174K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.