Difference between revisions of "UniFi Security Gateway Pro"
m |
(Documentation) |
||
Line 7: | Line 7: | ||
|serial = SERIAL NUMBER | |serial = SERIAL NUMBER | ||
|arrived = 12/2017 | |arrived = 12/2017 | ||
− | |where = Server Rack | + | |where = [[Dell PS 38S Server Rack]] |
|doesitwork = yes | |doesitwork = yes | ||
|contact = CTO | |contact = CTO | ||
Line 16: | Line 16: | ||
== Status == | == Status == | ||
− | + | Online as of 12/30/17 | |
+ | |||
+ | Device will be moved to the new infrastructure location with other PS:1 maintained equipment. | ||
+ | |||
+ | == Configuration == | ||
+ | |||
+ | Please see [[UniFi Controller]] for extended configuration information. USG is managed from controller interface. | ||
+ | |||
+ | Port configuration is as follows: | ||
+ | |||
+ | * LAN Port 1 | ||
+ | ** Connected to [[UniFi 48 Port Switch]] on port 32, will be switched to port 1 or 48. | ||
+ | * LAN Port 2 | ||
+ | ** Disconnected. May be used in the future to service member rack. | ||
+ | |||
+ | * WAN Port 1 | ||
+ | ** Connected to primary internet connection, currently the Motorola SURFboard SB6120 on top of the [[Dell PS 38S Server Rack]] | ||
+ | * WAN Port 2 | ||
+ | ** Disconnected. Will be used in the future for a failover/backup internet connection. | ||
+ | |||
+ | == Initial Setup == | ||
+ | |||
+ | [https://help.ubnt.com/hc/en-us/articles/236281367-UniFi-How-to-Adopt-a-USG-into-an-Existing-Network Instructions for adpoting a USG Pro can be found here] | ||
+ | |||
+ | === Adpoting a USG Pro into an existing network === | ||
+ | |||
+ | NOTE: This has been tailored for PS:1's existing network setup. | ||
+ | |||
+ | 1. Connect a computer into the LAN NIC (LAN port 1) of the USG. It will obtain a 192.168.1.x IP from DHCP. | ||
+ | |||
+ | 2. SSH into 192.168.1.1 using username and password combination of ubnt / ubnt. | ||
+ | |||
+ | 3. For this example, the controller is on 10.100.0.9/20, so let's change the USG’s LAN IP to 10.100.0.1. Choose an available IP within the subnet of the local controller. | ||
+ | |||
+ | 4. In the SSH session, run the following (Since this is a USG Pro, eth1 has been replaced with eth0 per Ubiquiti instructions): | ||
+ | |||
+ | configure | ||
+ | set interfaces ethernet eth0 address 10.100.0.1/20 | ||
+ | delete interfaces ethernet eth0 address 192.168.1.1/24 | ||
+ | commit | ||
+ | |||
+ | Now the USG’s LAN IP is 10.100.0.1/20. The SSH session will drop. | ||
+ | |||
+ | === Controller Pre-Configuration == | ||
+ | |||
+ | In order for the USG to work properly, you must correctly configure the appropriate settings in the UniFi Controller GUI located at https://10.0.0.9:8443 or via https://unifi.ubnt.com/ | ||
+ | |||
+ | Under "Settings" > "Networks", select edit on the network named "LAN". | ||
+ | |||
+ | The following settings should be configured as such: | ||
+ | |||
+ | * Name | ||
+ | ** LAN | ||
+ | * Purpose | ||
+ | ** Corporate | ||
+ | * Parent Interface | ||
+ | ** LAN | ||
+ | *Gateway/Subnet | ||
+ | ** 10.100.0.1/20 | ||
+ | * Domain Name | ||
+ | ** ad.pumpingstationone.org | ||
+ | * IGMP SNooping | ||
+ | ** Disabled | ||
+ | * DHCP Mode | ||
+ | ** DHCP Server | ||
+ | * DHCP Range | ||
+ | ** 10.100.3.1 - 10.100.14.254 | ||
+ | * DHCP Name Server (EACH IP IS A SEPERATE FIELD) | ||
+ | ** Manual | ||
+ | *** 10.100.0.132, 10.100.0.105, 10.100.0.1, 8.8.8.8 | ||
+ | *DHCP WINS Server | ||
+ | ** Disabled | ||
+ | * DHCP Lease Time | ||
+ | ** 86400 seconds | ||
+ | * DHCP Gateway IP | ||
+ | ** Auto | ||
+ | * DHCP UniFi Controller | ||
+ | ** 10.100.0.9 | ||
+ | * DHCP Gaurding | ||
+ | ** Enabled | ||
+ | *** 10.100.0.1 | ||
+ | * UPnP LAN | ||
+ | ** Disabled | ||
+ | |||
+ | ADVANCED SETTINGS: | ||
+ | |||
+ | * DHCP NTP Server | ||
+ | ** Disabled | ||
+ | * DHCP Network Boot | ||
+ | ** Enabled | ||
+ | *** 10.100.0.110 | ||
+ | *** /pxelinux.0 | ||
+ | * DHCP Time Offset | ||
+ | ** Disabled | ||
+ | * DHCP WPAD URL | ||
+ | ** Empty | ||
+ | * DHCP TFTP Server | ||
+ | ** Empty |
Revision as of 19:18, 1 January 2018
File:TBD | |
Owner/Loaner | PS:One |
---|---|
Serial Number | SERIAL NUMBER |
Make/Model | UniFi Security Gateway Pro |
Arrival Date | 12/2017 |
Usability | yes |
Contact | CTO |
Where | Dell PS 38S Server Rack |
Authorization Needed | yes |
Hackable | no |
Estimated Value | $300 |
Host Area | CTO |
Status
Online as of 12/30/17
Device will be moved to the new infrastructure location with other PS:1 maintained equipment.
Configuration
Please see UniFi Controller for extended configuration information. USG is managed from controller interface.
Port configuration is as follows:
- LAN Port 1
- Connected to UniFi 48 Port Switch on port 32, will be switched to port 1 or 48.
- LAN Port 2
- Disconnected. May be used in the future to service member rack.
- WAN Port 1
- Connected to primary internet connection, currently the Motorola SURFboard SB6120 on top of the Dell PS 38S Server Rack
- WAN Port 2
- Disconnected. Will be used in the future for a failover/backup internet connection.
Initial Setup
Instructions for adpoting a USG Pro can be found here
Adpoting a USG Pro into an existing network
NOTE: This has been tailored for PS:1's existing network setup.
1. Connect a computer into the LAN NIC (LAN port 1) of the USG. It will obtain a 192.168.1.x IP from DHCP.
2. SSH into 192.168.1.1 using username and password combination of ubnt / ubnt.
3. For this example, the controller is on 10.100.0.9/20, so let's change the USG’s LAN IP to 10.100.0.1. Choose an available IP within the subnet of the local controller.
4. In the SSH session, run the following (Since this is a USG Pro, eth1 has been replaced with eth0 per Ubiquiti instructions):
configure set interfaces ethernet eth0 address 10.100.0.1/20 delete interfaces ethernet eth0 address 192.168.1.1/24 commit
Now the USG’s LAN IP is 10.100.0.1/20. The SSH session will drop.
= Controller Pre-Configuration
In order for the USG to work properly, you must correctly configure the appropriate settings in the UniFi Controller GUI located at https://10.0.0.9:8443 or via https://unifi.ubnt.com/
Under "Settings" > "Networks", select edit on the network named "LAN".
The following settings should be configured as such:
- Name
- LAN
- Purpose
- Corporate
- Parent Interface
- LAN
- Gateway/Subnet
- 10.100.0.1/20
- Domain Name
- ad.pumpingstationone.org
- IGMP SNooping
- Disabled
- DHCP Mode
- DHCP Server
- DHCP Range
- 10.100.3.1 - 10.100.14.254
- DHCP Name Server (EACH IP IS A SEPERATE FIELD)
- Manual
- 10.100.0.132, 10.100.0.105, 10.100.0.1, 8.8.8.8
- Manual
- DHCP WINS Server
- Disabled
- DHCP Lease Time
- 86400 seconds
- DHCP Gateway IP
- Auto
- DHCP UniFi Controller
- 10.100.0.9
- DHCP Gaurding
- Enabled
- 10.100.0.1
- Enabled
- UPnP LAN
- Disabled
ADVANCED SETTINGS:
- DHCP NTP Server
- Disabled
- DHCP Network Boot
- Enabled
- 10.100.0.110
- /pxelinux.0
- Enabled
- DHCP Time Offset
- Disabled
- DHCP WPAD URL
- Empty
- DHCP TFTP Server
- Empty