How To Build A UniFi Network from Scratch

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hey guys welcome to the channel we are uh starting out this new series hopefully it uh is helpful out helpful out that's a nice one um so today we're gonna set up a unifi network from scratch we've got six switches switch aggregation unified dream machine pro 30 access points and yeah it's a pretty large deployment for a nursing home and it's going in here in a couple days so i'm just going to walk through the basics on what i do to set up a unified network all right so we've got all the gear set up and powered on here minus the access points i'm going to get to that here in just a little while the first thing you want to do with your dream machine is plug in the cable so i've got a lan cable here from my home network so we'll plug that in let it negotiate and once we get it up and set up we are going to work on the connecting switches adopting them and getting them provisioned the fastest way to get the dream machine online uh quickly is to download the app so what we'll do is we'll set up the app to provision the dream machine update it and then i'm going to log into it with chrome because i like that interface much better than the smaller phone screen okay so on phone um in the unifi app if you go back and click on the unify app uh it will detect with bluetooth the udm pro we're going to click setup we're going to name this one delta south it's just going to be in a business healthcare 100 that's probably about right we're going to use my ubiquity account so it shows up with everything else auto optimize i'm actually going to turn this off it can have some weird effects on the network i personally like to keep control over what the access points are doing what channels they're on and the auto optimize if it detects radar from an airplane or something like that it can maybe force the system to change channels and we don't want that uh send diagnostics and performance uh i can do that we like ubiquity guys uh update schedule i'm gonna turn this off because also i want to be in control of when the updates happen not to disrupt any business currently we are plugged into a gig fiber and they will have a gig over there as well one interesting thing that i learned about the dream machine pro is if you set your uh bandwidth lower than the service speed it automatically throttles everything so if you've got a hundred mag connection and you set your upload download bandwidth inside the unifi controller to you know say 50 that's your max i don't understand why it throttles down but that was a lesson learned the hard way um so currently download speed that i'm being fed here and this is running through my dream machine at the house two more switches uh so there's a little bit um of a thing there so i'm getting 667 megs download 853 up that latency also seems a little high because this simo fiber is super fast so what i'm going to do since we're going to have a gig i'm going to put a thousand megs here and a thousand bags there so the dream machine doesn't accidentally try to uh throttle something for us so we're gonna review the configuration uh yes it's going to my newfangled account it's going to delta south that's what we're going to name it time zones correct yes finished so it's setting up a basic network for us to use it may also check for firmware updates okay setup complete in 3 minutes and 14 seconds not too bad so we'll go ahead and go to the dashboard here and make sure that this uh yeah there it is five stars ubiquity thank you okay so now we're gonna go through and start hooking up the switches and we'll tie my computer itself onto that network so we can access it locally and make all our setup and configuration changes from there because doing it on the app works great if you've got two access points and a switch but this is going to be a much longer setup process so i'd like to have it on the screen all right so first thing i'm going to do is try out this new switch aggregation i just pull these little caps out uh they're protecting the sfp slots i haven't actually used this switch aggregation device yet so this is uncharted territory for me as well they're going to use the unifi direct attach sfp cable so keep a 10 gig link in between the dream machine and the switch aggregation and then i'll also use a 10 gig link between the switch aggregator and the 48 port usw pro the other switches the 16 ports over here will all be one gig links we are going to use fiber as you can see the fiber modules here but i believe the 16 port switch is only good for uh one gig on the sfp ports and that's all we really need each switch is going to have six access points on it maybe seven not a lot of high usage on those and they're distributed throughout the building so you take the little blue protectors off slide it in doesn't fit flip it over there you go it should click and i did it again there we go and we have link lights so that's uh fantastic i'm going to go ahead and plug in the 48 volt switch to this mix as well actually let's put him in port one okay we're gonna log into this computer see what we uh can find here okay so once you're on your computer um navigate to system preferences if you're on a mac um and then we'll go to network we're gonna look at ethernet we're gonna see what our ip address is and what the router's ip address is this how we're gonna log into the dream machine pro so we'll copy that then we'll click over to chrome and put this up here paste and go connection is not private yeah go ahead all right so it should be tied to my unifi account so we're going to try to log in with that sometimes this is weird the first time but we're gonna give it a shot it could be a typo let's try it again there we go okay so this is the main interface for the dream machine pro if you have other uh the other apps running like if you had cameras and you wanted to do protect that would show up here as well i believe they have the access and the talk controllers as well you can control all those settings in here and tell it which applications to run the protect controller will not run unless you install a hard drive for this project i'm not using protect so i don't need the hard drive and i don't need the app to run but this is where you can tell which apps uh to run if we go back to general everything looks fine so far uh we can give it a location uh this is gonna be in sexton missouri i'll put the exact address in later we'll confirm that advanced settings you always want to turn on ssh first thing because sometimes ubiquity gets the uh software wrong and you can easily lock yourself out of these sometimes i do it on the dream machine and i also do it on the unifi controller as well and the protect controller if i'm running that as well so we're gonna give it a password oh hang on write this down every time automatic firmware updates are disabled now this is where you go to factory reset or restart the device as well so to get back to the main screen you can just hit the you in the corner that'll take you back to the main interface we're going to network this is the main dashboard for the unifi controller this is running the old software so i bet there is a firmware update available let's actually go back for a cloud key and any other unifi controllers the firmware for the controller you update directly in in the network app but in the dream machine everything comes through the firmware on the dream machine so yeah 1.6.8 yeah we're way behind on this one update available hey that's interesting a little anagram gonna go up to version 1.8.6 and then i'll get back to you here as soon as that update is finished so the device reboots as part of the upgrade process so we'll wait for it to boot up and we'll log back into it okay so it looks like it is booting back up it's picked up the 48 port switch we're not going to add it just yet we'll wait for this to get fully uh booted back up and it went ahead and turned on these two apps for us with the update so we're going to go ahead and turn those back off because we are not using either of those no sense in wasting the resources and the protect controller should not even try to open because it doesn't have a hard drive installed so it did interesting go ahead and stop protect as well okay and then back to our main screen unifi network and over here in the devices tab we're going to click that we're going to see what we have here so far we have the switch aggregation unit and the usw pro 48 which are both ready to adopt what we'll do is we're going to adopt them first go ahead and adopt them both and then i'll run the upgrade for those i'm going to start adding the rest of the switches usually takes a minute or two to provision what it does is it ties the switches to this unifor unified controller so if someone else plugged in for whatever reason another uh unified security gateway or udm pro or anything else uh it's tied to this controller and can't be taken over by another one the access points do the same thing i'm perfect so we will go ahead and upgrade the firmware on these we're going from not a massive upgrade on the switch aggregation it's a newer unit let's see how far off this one is oh yeah version 4.0.64 to 5.43 definitely do that all right and this will take a few more minutes so i'm going to plug up the other switches and we'll get them going as well so these switches are still updating handy having these nice screens i like the screens also glad that they put a little screen saver on them uh because previously they were just black screens but now with the new software update it actually does a nice little like star field animation and let you know that it's on and working if you couldn't see all the blinking lights i guess but it's still nice having something on the screen even when they're sleeping so i have these uh sfp to ethernet adapters that i'm going to use for this just so i can make sure that the switch aggregation device works as intended i'm sure it does but since it's my first time using it uh we're gonna see run it through its paces i guess is what you could say but i don't have any more of the direct attached copper cables so this is uh where we're gonna go with that and then i will need one for the switch aggregation as well then i'll just use a standard little patch cable here to connect the two i'll probably do the rest of the switches just with ethernet to simplify this process but again i just want to make sure that the switch aggregation device is doing what it needs to do plug up these other switches i'm going to actually route them through the 48 port switch for now it shouldn't matter topology once we get once we get them adopted and upgraded they'll be all set ready to go so now we have the switch 48 is booted back up there's the nice star field animation uh they'll all sync up here once we stop messing with them and the aggregation unit is still updating so that's interesting now the screens on these are still black because we've not updated them yet uh i've got the top switch here is plugged in with our sfp to ethernet adapters uh running through the switch aggregation unit and then the others are just running through the 48-port switch uh just to get them adopted and upgraded for now so it looks like the switch aggregation unit has updated properly uh but the screen is still still telling me that it's in update status so i'm going to go ahead and send it a reboot and we will see if it comes back a little happier okay so i found the restart button i knew it was here somewhere it's uh back in the main screen with all your devices highlight over here on the far right restart yes please restart one more time on this reboot the screen did not come back on so i'm not sure what's going on with that this is bad firmware whatever um so i did realize that i forgot to turn on ssh uh because i'm sitting here thinking about how to re or force firmware upgrade that device and i haven't set up the ssh yet so i believe that it's down here in controller okay so to set up your ssh in the unifi controller go to settings and then go to site this is the older settings view you have the new settings view i'm not that fond of it just yet it's hard to find things some most things are in this new interface the other interface is still kind of getting you know it's labeled beta for a reason so ssh we're going to enable it's down here at the bottom if you scroll all the way down device authentication i'm going to set this as root and then my password i'll make it the same for both the or for all the controllers that way it's easier to keep track having yada yada and then just hit apply changes now ssh is enabled if we wanted to log into that we could go to terminal on the mac and ssh into the device and command line control that's a little outside the scope of this video so we're just going to make sure that we can if we need to and hopefully we don't all right so the switch aggregation unit is back up screen is still not working though so i don't know what that is all about but we can mess with that at a later time okay so we need to adopt our 16 port switches so we're gonna go ahead and adopt all those while that's happening i'm gonna hook up the eight port switch as well and get it on the network pending adoption all right we're gonna go ahead and adopt it too slow notification we already did it the new pop-up is very nice though when we're doing cameras doing the unified protect cameras it's really uh really handy to pop the app open and just slam in a camera and it automatically updates the cameras to where it goes uh these do not they just adopt so we will have to go through and manually update the 16 port and the 8 port switch as well i'm going to say don't ask again because we're going to do this a few times usw 8 yes upgrade that one upgrade that one get out of the way that one needs to be upgraded as well and i think we have all of them yes okay next thing i do is go through and label these both digitally and physically that way whenever we install them we know which room they're going to we know keeps everything a lot nicer i do the same with the access points as well which we'll get to here in just a little while so on the switches with the new screens it's nice because it gives you you know the status update of what's happening so these are in the restart process of the upgrade uh the older switches if you get a 16 port that doesn't have the screen or any of these smaller switches the light will actually blink blue and white while it is updating once it turns solid blue usually means it's done with its process uh this little switch is cool i have a few of these around my house you know in the theater room and the in my office um we've got four ports of poe only 60 watt budget i believe which is plenty for you know small projects for where this is going and what i'm doing here and in the house that works great um 16 ports are coming online doing their nice little chase with the leds but the thing runs hot uh one thing i always like to do with my network deployments i do this on basically all of my networks when you set up your dhcp server this is all set up as default um this screen settings networks is where you'll go to change your static ip for your wan interface which we'll do once we get to the site and on that service but you can also create separate vlans and uh adjust your dhcp settings here so i'm going to edit this lan network and this is going to be our main network main vlan we're going to leave the scope the same i believe that'll work i'm going to change this to my domain and on the dhcp server i'm going to give us a little bit more range here so i've got 30 access point access points six switches seven switches with the switch aggregation yes uh so i'm gonna make the dhcp pool start at 50. actually 51. so that gives us 50 free addresses that we can assign statically to all of our equipment and printers and anything else that you know may come up throughout the building that we want to have static ips for so we'll go ahead and save that i believe some of our devices were down in that range already yes dot 34.7 not 24 so what we'll do is we're going to reboot those switches so they get a new ip address when they come back and then i'm going to go through and set them all to be a static ip so we control where they're at they don't bounce around on the network every time they boot up if there's a power failure they go back to the same place they don't step on a computer or someone's iphone or something anywhere else in the building and they're just always in the same place static ips are very good especially in voip applications and basically anything that doesn't need to get a new address every time it gets on the network you can see the ip address is updating now as they are restarting so now they're up in the dhcp scope i can go through and start naming the devices so the eight port switch is going to go into a secondary building which is behind the main building it's going to be the usw8 laundry each of the four 16 port switches are going in the hallways so let's see this will be the northwest hall 16. north east hall the usw pro 48 is just going to be our main switch so i really don't need to name it we know where it's at the switch aggregation is also going to be in the main rack with the udm pro as well so we'll just leave those as is you could name them if you want but and then what i'll do is i will take the mac address from each device so the northeast hall take a p-touch label or whatever label maker that you like and uh physically label everything so here we have the standard brother p-touch label maker uh nothing special i use it all the time my friend uh doesn't like p-touch he just says woof but they seem to work out well for me so until there's another affordable solution that does basic labels i guess this is what we're using so i'll go through and make my labels and put them on the switch all right so to find your ip address on or sorry the mac address on your switch just tap the screen if it's in sleep mode click the little i scroll over all kinds of little handy information here hardware what's cool about the new software is all of the devices will follow where you're at in the screen so fox 803 that is our northeast hallway i'm going to do the same to the rest of them and not bore you with the details on that but just wanted to show you how to find the mac address on each switch so now we've got everybody labeled we can go through and start putting our static ip addresses in so what i like to do is start right there at the udm so my main switch which in this case is going to be the switch aggregation we will set it up to be the dot 2. go down here to network change that to static ip we are going to make this dot two subnet is two five five two five two five five dot zero slash twenty four uh the gateway is 192.168.1.1 we're going to do cloudflare and google is the dns servers if you dynamic name server domain name server you know i don't know what is that whatever cut that part out we cue the changes there and we're going to go ahead and be sure to hit apply changes and it will send the changes to the device we should probably wait for it to re-provision since most of the other switches are running through it and now you can see its ip address has been updated 2.2 very good we'll go through and do the same the 48 port switch will be next so that's going to be 3. oh we'll also go through and set up the dns servers for the main uh the main network lan as well to be cloud flares uh cloudflare's dns server is quite a bit faster than google's um it's noticeable it's probably about 15 20 milliseconds faster so i've been using it as of late but i always keep the google dns server as a backup both of these are massive uh worldwide dns servers and they never go down so a lot of times you know gosimo fiber will provide me with their dns servers which would be the closest so it should technically be the fastest but sometimes isps have to route their traffic through another you know 10 hops to get to where it's going so sometimes it's just better to use one that's the closest for this particular project i'm going to set up a couple of different vlans for this property the main vlan that we already have set up by default will work fine for their corporate network handling the computers and uh voip actually i'm gonna make another voip vlan for the phones i think we're gonna see how that goes but i think i can make that work okay the vlan 100 is what we're going to name the guest vlan subnet we'll do 172.16.1.1 slash let's make it a 23. that should give us two full subnets here well it's one subnet but should give us a max of uh 510 clients which should cover everybody that logs into the guest network in the building i don't think they they've got about 60 rooms so i think that should be more than enough to cover that but who knows if someone's got an iphone or a laptop or both or you know visitors come in with an ipad all of that so that should give us plenty of room in the dhcp range to do that i'm going to go ahead and leave us a little bit of room at the beginning of the subnet again in case we need to do something on that network uh with static ips i don't foresee us doing that but um there we go so that when you do this that subtracts from the max number of clients at 510 so you're you know going down to about 460 because we got 50 ip addresses chewed up there so that still should be more than enough i'm going to go ahead and save that and what we'll do with the wireless networks i don't have the access points in here yet but we can go ahead and create the wireless network so we'll say uh delta south cast we're going to enable that we're going to put wpa personal on and we may change this but for now we'll leave it as is let's see and the network we're going to put it on is the guest vlan advanced options this gives you a lot of different options to configure the wi-fi network so we can tell the band to either be 2.4 or 5 gigahertz or both i'm going to leave it on both for now you can do multicast of broadcast filtering i don't think we need to do it on this just because it's not going to be a super high density network uh that's a fast roaming yes there's a lot of access points in this building they're pretty close together so i'm going to let fast roaming enable in case someone's on a voice call or they're on wi-fi calling on their cell phone they can walk between access points and it'll kick them over without dropping the call wpa2 only user group i'm going to leave that alone performance devices this gets a little weird but i like it because it forces like newer iphones and newer android phones to ipads and such to connect only to the five gigahertz radio instead of you know defaulting to the lazy 2.4 network that's easier for them to connect to um all the other settings i believe we can leave as default and we'll save that and now we have wireless network so once we have the access points in provisioned and updated they'll start broadcasting these networks i'm going to go ahead and create one for the private network as well wpa2 personal this is and we're going to put this on the main vlan because we want those clients to be on that network and there we go so one thing i just noticed uh taking a look through my settings again i did not even though when we made the uh actual vlan for the guest it is or it does have its purpose as guest but when we create the wireless network we also have to click a check box that says enable the guest policies so i'm not going to do a captive portal for this network because it's going to be behind a password and i find captive portals just be annoying i tried using them for a couple of my car dealerships and it just it's janky and not useful so we just let it let it ride um so we'll check that box go down and hit save and then now it is associated here as a guest network and that keeps all the clients isolated from each other and the rest of the the other wireless network and vlan for the corporate network okay so after a little break there i realized that the mouse wasn't working in obs on the mac and couldn't figure out how to make it work so now i'm booted up into windows and uh look we have a mouse cursor so now you can see what i'm doing uh you know first first time video problems uh anyway what's interesting is in chrome and windows now when i go into the unifi network i get the new dashboard so that is exciting i really like the new real-time usage indicator if we were to pull up a uh pull up a speed test uh you can see real time what's coming through your uh you know your wan interface same thing with the upload so that's really nice um as you can see as you can see down here they want us to add some access points so that is the next project uh we've got five packs of the unify ac pro access point i was going to use a smaller version of this and newer with wi-fi six but the wi-fi six ap lights have a limit of two on the ubiquity site and i needed 30 obviously so that's unfortunate but these are still phenomenal access points i really like them a lot to take off the bracket here so you can get to the ethernet port now there's a small slot on the side take a bent paper clip stick it in there maybe and it should slide underneath that and you can twist that plate counterclockwise and then it lifts off and the uap pro has a what little weatherproof bushing here you're not supposed to use it in direct weather it's not quite sealed up that well i don't believe but if it's under like a an awning or an eve a roof something like that you can use the rubber grommet to seal it up against critters and that kind of thing uap pro also has two ethernet jacks a main and a secondary you have to plug it into the main ethernet jack for its power up via poe so we'll do that now with all five of these should light up with the white ring let you know it has power and it'll stand by to be adopted back at the computer you can see the dream machine has detected that we have five uap pros ready to go so we'll go ahead and just tell it to add them sometimes that goes ahead and adopts yes it looks like it's going to so we'll go back to devices take a look at what they're doing okay so it's going to bring those in provision them put the wi-fi networks on them and we'll be able to test it out here in a second you can see the switches are down because we unplugged them and we'll go through and do the same labeling an ip address scheme with these should go ahead and tell them to upgrade moves them around on you sometimes in the meantime i can get my trusty p touch out we're gonna just label them ap1 ap2 for five and you can do this uh the other direction as well which may be easier sometimes in this case since there are so many i will i'm just going to slap the numbers on the access points and then match them up in the software instead of hunting them down the other way so now that we are back right here it looks like all five of those took their upgrade just fine see the last four the mac address highlighted here that's what we're gonna hunt for for when we label these so this is ap5 if you look down here and right underneath the barcode i believe is the mac address so we will match that up yes fox fox 2 6. so this will be ap5 we'll go in here config and label this one done and i will do the same with the rest of it all right so on the phone now we're gonna go to wi-fi i should see both those networks now which i do so delta south gaston delta south private i'm going to try this one there we go a lot of typos today for me there we go and that should give us the correct vlan yep 192.168.1.1 should also show up if we go over here to the clients tab close all these access points out we go to the clients tab you should see my iphone here now which we do i am connected to that access point on that network there we go i believe you can drill down even further see a lot of their a lot of other information about you know the clients what they're doing let me see what protocols they're using what's doing the most traffic on that device and that's it so i'm going to do the rest of the access points and we'll have a full house i'm going to change this up just a little bit the last batch of access points i did i forgot to give them a static ip so i'm going to actually after this patch plug them back in and go ahead and assign those a static ip what i like to do is keep things in somewhat groups in my ip pool so all my switch gear main gear will be in the dot ones i'm going to start the access points at dot 11. that just makes more sense to me so whenever you're going through a p1b 192.16 so then as we go we'll name this one ap6 and this will be go down to network change that to a static ip i'm going to make that 16. it is a shame that they don't auto fill this and just let you do that but it so it's not the way it works so do the changes there apply the changes and that's that we also need to save that so now it is ap6 and we'll do the same thing on down the line and then i'll go through with my handy p touch labels and live only access points physically b7 go ahead and save down the network static ip that's 17. i like doing them when they're plugged in so i can verify that it actually took i think i'll verify this here in a minute i think we can go ahead and change the static ip on these and the next time that they boot up they will be updated to their new ip address in fact we'll just try it here before we uh before we get too far network my bluetooth keyboard has decided to be a little puck today so sorry for the loud clicking annoying keyboard we didn't save that okay also for whatever reason ubiquity in the alphanumeric organization here um yeah 10 is before two so that's mildly annoying ocd drives me crazy nothing seems to work either you can put an underscore in there or a hyphen and it doesn't seem to change it so if anybody has any tips on that please leave me a comment below there it is all right uh sometimes you get this error too with the little exclamation point um it says something about the stun server that seems to be just something that pops up when they provision sometimes and usually goes away never actually had it be an issue so not sure all right so ap 10 fox fox 1 6 i usually label them right above the unifi logo um has to not cover up any of the other information but you don't want to cover up the mac address and that kind of thing uh it's not a big deal the way that ubiquity prints these on here but a lot of access points have actual stickers um ruckus access points too for example if you put something else on it after a while and you have to peel it off everything comes with it so i don't typically like to do that we're going to try our little theory of updating ap1 through five and then plugging them in to see make sure that they do their thing i'll start these at 11. so so okay network all right so let's plug those in and see how they get okay so it looks like ap5 did go ahead and update to its new ip address now we'll wait here and double check all these and then slam them back in the box yeah thank you three is also changing its ip address go ahead and start prepping the next set here all right 11 through 15 we're gonna go ahead and add those okay so as you can see we've got the network set up now go back to the devices tab switches are all here if we look at the access points and all 30 of them provisioned box back up they're all in order i should be ready to go out and deploy these things so that'll be here in a couple days give me a shout if you have any other topics you want to get covered see if i can help out with that subscribe to the channel thanks a lot we'll see you

Info

Channel: Newfangled Technologies

Views: 19,137

Rating: undefined out of 5

Keywords: Unify, networks, unify networks, how to build a unify network, how to build a network, dream machine pro, ubiquiti, ubiquiti unifi

Id: BHfVEcZuRvg

Channel Id: undefined

Length: 53min 50sec (3230 seconds)

Published: Mon Mar 29 2021