Difference between revisions of "UniFi Security Gateway Pro"

UniFi Security Gateway Pro
	File:TBD
Owner/Loaner	PS:One
Serial Number	SERIAL NUMBER
Make/Model	UniFi Security Gateway Pro
Arrival Date	12/2017
Usability	yes
Contact	CTO
Where	Dell PS 38S Server Rack
Authorization Needed	yes
Hackable	no
Estimated Value	$300
Host Area	CTO

VisualWikitext

Revision as of 19:18, 1 January 2018

Status

Online as of 12/30/17

Device will be moved to the new infrastructure location with other PS:1 maintained equipment.

Configuration

Please see UniFi Controller for extended configuration information. USG is managed from controller interface.

Port configuration is as follows:

LAN Port 1
- Connected to UniFi 48 Port Switch on port 32, will be switched to port 1 or 48.
LAN Port 2
- Disconnected. May be used in the future to service member rack.

WAN Port 1
- Connected to primary internet connection, currently the Motorola SURFboard SB6120 on top of the Dell PS 38S Server Rack
WAN Port 2
- Disconnected. Will be used in the future for a failover/backup internet connection.

Initial Setup

Instructions for adpoting a USG Pro can be found here

Adpoting a USG Pro into an existing network

NOTE: This has been tailored for PS:1's existing network setup.

1. Connect a computer into the LAN NIC (LAN port 1) of the USG. It will obtain a 192.168.1.x IP from DHCP.

2. SSH into 192.168.1.1 using username and password combination of ubnt / ubnt.

3. For this example, the controller is on 10.100.0.9/20, so let's change the USG’s LAN IP to 10.100.0.1. Choose an available IP within the subnet of the local controller.

4. In the SSH session, run the following (Since this is a USG Pro, eth1 has been replaced with eth0 per Ubiquiti instructions):

configure set interfaces ethernet eth0 address 10.100.0.1/20 delete interfaces ethernet eth0 address 192.168.1.1/24 commit

Now the USG’s LAN IP is 10.100.0.1/20. The SSH session will drop.

= Controller Pre-Configuration

In order for the USG to work properly, you must correctly configure the appropriate settings in the UniFi Controller GUI located at https://10.0.0.9:8443 or via https://unifi.ubnt.com/

Under "Settings" > "Networks", select edit on the network named "LAN".

The following settings should be configured as such:

Name
- LAN
Purpose
- Corporate
Parent Interface
- LAN
Gateway/Subnet
- 10.100.0.1/20
Domain Name
- ad.pumpingstationone.org
IGMP SNooping
- Disabled
DHCP Mode
- DHCP Server
DHCP Range
- 10.100.3.1 - 10.100.14.254
DHCP Name Server (EACH IP IS A SEPERATE FIELD)
- Manual
  - 10.100.0.132, 10.100.0.105, 10.100.0.1, 8.8.8.8
DHCP WINS Server
- Disabled
DHCP Lease Time
- 86400 seconds
DHCP Gateway IP
- Auto
DHCP UniFi Controller
- 10.100.0.9
DHCP Gaurding
- Enabled
  - 10.100.0.1
UPnP LAN
- Disabled

ADVANCED SETTINGS:

DHCP NTP Server
- Disabled
DHCP Network Boot
- Enabled
  - 10.100.0.110
  - /pxelinux.0
DHCP Time Offset
- Disabled
DHCP WPAD URL
- Empty
DHCP TFTP Server
- Empty

@@ Line 7: / Line 7: @@
 |serial = SERIAL NUMBER
 |arrived = 12/2017
-|where = Server Rack
+|where = [[Dell PS 38S Server Rack]]
 |doesitwork = yes
 |contact = CTO
@@ Line 16: / Line 16: @@
 == Status ==
-To be filled
+Online as of 12/30/17
+Device will be moved to the new infrastructure location with other PS:1 maintained equipment.
+== Configuration ==
+Please see [[UniFi Controller]] for extended configuration information. USG is managed from controller interface.
+Port configuration is as follows:
+* LAN Port 1
+** Connected to [[UniFi 48 Port Switch]] on port 32, will be switched to port 1 or 48.
+* LAN Port 2
+** Disconnected. May be used in the future to service member rack.
+* WAN Port 1
+** Connected to primary internet connection, currently the Motorola SURFboard SB6120 on top of the [[Dell PS 38S Server Rack]]
+* WAN Port 2
+** Disconnected. Will be used in the future for a failover/backup internet connection.
+== Initial Setup ==
+[https://help.ubnt.com/hc/en-us/articles/236281367-UniFi-How-to-Adopt-a-USG-into-an-Existing-Network Instructions for adpoting a USG Pro can be found here]
+=== Adpoting a USG Pro into an existing network ===
+NOTE: This has been tailored for PS:1's existing network setup.
+. Connect a computer into the LAN NIC (LAN port 1) of the USG. It will obtain a 192.168.1.x IP from DHCP.
+. SSH into 192.168.1.1 using username and password combination of  ubnt / ubnt.
+. For this example, the controller is on 10.100.0.9/20, so let's change the USG’s LAN IP to 10.100.0.1. Choose an available IP within the subnet of the local controller.
+. In the SSH session, run the following (Since this is a USG Pro, eth1 has been replaced with eth0 per Ubiquiti instructions):
+configure
+set interfaces ethernet eth0 address 10.100.0.1/20
+delete interfaces ethernet eth0 address 192.168.1.1/24
+commit
+Now the USG’s LAN IP is 10.100.0.1/20. The SSH session will drop.
+=== Controller Pre-Configuration ==
+In order for the USG to work properly, you must correctly configure the appropriate settings in the UniFi Controller GUI located at https://10.0.0.9:8443 or via https://unifi.ubnt.com/
+Under "Settings" > "Networks", select edit on the network named "LAN".
+The following settings should be configured as such:
+* Name
+** LAN
+* Purpose
+** Corporate
+* Parent Interface
+** LAN
+*Gateway/Subnet
+** 10.100.0.1/20
+* Domain Name
+** ad.pumpingstationone.org
+* IGMP SNooping
+** Disabled
+* DHCP Mode
+** DHCP Server
+* DHCP Range
+** 10.100.3.1 - 10.100.14.254
+* DHCP Name Server (EACH IP IS A SEPERATE FIELD)
+** Manual
+*** 10.100.0.132, 10.100.0.105, 10.100.0.1, 8.8.8.8
+*DHCP WINS Server
+** Disabled
+* DHCP Lease Time
+** 86400 seconds
+* DHCP Gateway IP
+** Auto
+* DHCP UniFi Controller
+** 10.100.0.9
+* DHCP Gaurding
+** Enabled
+*** 10.100.0.1
+* UPnP LAN
+** Disabled
+ADVANCED SETTINGS:
+* DHCP NTP Server
+** Disabled
+* DHCP Network Boot
+** Enabled
+*** 10.100.0.110
+*** /pxelinux.0
+* DHCP Time Offset
+** Disabled
+* DHCP WPAD URL
+** Empty
+* DHCP TFTP Server
+** Empty