Unifi WiFi Access Points – The Software
Carrying on from my post about the Unifi Wifi Access Points hardware, we go straight into how to configure them. When plugged into your network the Unifi WiFi access points will pick up an IP from DHCP. They don’t, however, have their own GUI to configure them. The reason for this is pretty straightforward. They are designed to be managed through the Unifi Controller software which can be installed on all major computer operating systems. This allows for centralised management and is particularly useful when managing multiple devices. You can find the software on the ubnt website. One incredible feature of the Unifi WiFi access points is that ubnt has set the software up so that you can choose whether you want to manage the access points from a local computer or a remote management server. I have described both setups below.
Local Management Configuration
After downloading and installing the software you need to discover and add the devices to the management software. Ubnt has made this remarkably easy. Once the management software is configured the access points should appear in the Devices section. If you have trouble finding the device you can scan the network for devices with the Unifi-Discover application. Launch the application and it will find any unmanaged Unifi WiFi access points on the network. If nothing is shown on the Discover application you may need to check your device firewall settings. Ideally, at the base minimum, you need to allow inbound TCP port 8080 for the inform and UDP 3478 for STUN. Once those are open you should be able to discover the Unifi WiFi access points.
Once you can see the access point in the devices section of the management GUI you simply click adopt and it will add that access point to the management system. Repeat this for each access point you want to manage. You then configure you SSID settings, network settings etc. as described below. These settings will automatically be passed to all the access points configured to receive them.
Remote Management Configuration
If you want to take things a step further and manage multiple sites you can do this from a single controller. This is great for MSPs or for IT techs in multi-site organisations. It can also be useful if you are installing the access points for family & friends and don’t want to have to pop round any time someone wants a change or troubleshooting. In order to do this you need to set up a URL to point to the IP address where the management server will be. Again, you will need to open certain ports but this time it will be to the public. You can lock this down by site IPs if you want.
For remote management you will need to open up TCP 8080 and UDP 3478 as described above and TCP port 8443 for access to the web GUI. Once this is done you will need to access the remote Unifi management portal from the site, and network, at which you are installing the devices. Add a new site by clicking the Current Site -> + Add Site in the top left of the GUI. Make sure you are on the correct site before launching the Unifi-Discover software. The Unifi-Discover software should find all the unmanaged WiFi access points on the network. To configure them to use you remote management server click “Manage” and change the Set inform URL to your URL. If you have changed the ports or are using NAT you will also need to reflect this in the inform URL.
Now that we have our devices discovered and ready for management we need to configure the network and WiFi settings. I won’t go into too much detail as a lot of the settings are situation specific but the important settings to look at, these being WiFi access points, are the WiFi settings. You can create multiple WLAN groups. Each Unifi WiFi access point is assigned to one group and you can have up to four wireless networks in each WLAN group. This means you can have four completely segregated wireless networks using the same access points.
When configuring the wireless network you have the usual settings such as the SSID name, security key type and security key. I would always recommend that you have a security key, or WiFi password, unless you are operating a hotspot. I would also suggest always using WPA as WEP is a very insecure protocol in comparison. Further down the settings you have some more advanced options. You can insert a VLAN ID so that all devices using that network are associated with a particular VLAN. You can hide the SSID so that people cannot discover it. This can be useful for admin networks which have higher access to network resources. Quite important is the protocol used to secure your network. I would suggest that you use WPA2 only.
As you can see above there are a lot of other settings that are available on the Unifi WiFi Access points. You can create networks and even use the Unifi system as your DHCP server for VLANs. You can create a guest network or hotspot which uses a custom landing page allowing you to advertise your business. You can add admin accounts for more granular control over who is granted admin access to the system. One very useful feature that I have found is the ability to create user groups. This allows you to set bandwidth limitations on a particular wireless network. For example you could limit guests to 5% of your total bandwidth and wireless users to 45%. That way even if all of the users on each of the three wireless networks did max out their usage you would still have a guaranteed 50% for your wired LAN users.
Finally there is the controller settings where you can change the controller IP, make it discoverable on a layer 2 network and add SMTP credentials for email alerts.
Ubnt has created a gem of a system which allows for easy setup, management and administration of wireless networks. The Unifi WiFi access points are sleek and easy to install and with the management software they are a piece of cake to configure. The scalability is amazing as you can start off with a single access point and if you decide to add more you simply need to adopt them into the management system and they will automatically provision themselves with the existing access point’s settings! Whether you’re looking to improve your wireless connection at home or looking to impress your boss with an effective enterprise WiFi solution Unifi has something that will suit you.