UniFI equipment questions - building new home network

Forums › LAN (ethernet/Wifi/routers/Bluetooth) › UniFI equipment questions - building new home network

sud0

282 posts

Ultimate Geek

ID Verified

Lifetime subscriber

#288645 14-Jul-2021 17:07

Hello everyone!

So, a couple of weeks ago, Orcon (my ISP) got in touch saying that someone (or me) was using my IP for spam, and that I would need to take action. I was kinda sad as I work with IT and I should've secured my network the way it was supposed to be.

I am upgrading some equipment in my place and I thought I would ask your opinion first. No, I am not doing this because Orcon came to me, I'm doing it because I need more stability and control over my network. Also, I'm planning on having a couple of servers in the future hosted at home so it will be good being able to monitor the network.

Let me know what you think? Am I doing the right choice? :) BTW - I have a two-story house.

1x Ubiquiti UniFi Security Gateway US (this is good as I need a VPN server too) https://www.pbtech.co.nz/product/NETUBI1156/Ubiquiti-UniFi-Security-Gateway-USG-Enterprise-Gat
2x Ubiquiti UniFi Switch US-8-60W 8-Port Gigabit (i need 2) https://www.pbtech.co.nz/product/SWHUBI10081/Ubiquiti-UniFi-Switch-US-8-60W-8-Port-Gigabit-Mana
2x Ubiquiti UniFi UAP-NanoHD MU-MIMO Dual-band AC2033 (one for each floor) https://www.pbtech.co.nz/product/NAPUBI1121/Ubiquiti-UniFi-UAP-NanoHD-MU-MIMO-Dual-band-AC2033

Total cost: $1,283.89

Some questions:

I don't need to put the Ubiquiti UniFi UAP-NanoHD on the ceiling, right? Will it work if I leave it on a table or something? right side up?
Can I manage all the equipment via the Ubiquiti UniFi Security Gateway?

Lucas

lpossamai.me

1 | 2

1119 posts

Uber Geek

ID Verified

Lifetime subscriber

#2744200 14-Jul-2021 17:16

The USG's are solid devices - they are old now but still work well for 1gig connections. There are normally a few of TradeMe for sale if you are wanting a second hand one at much cheaper ~ $120ish since most are upgrading to UDM's.
You will need a seperate controller for all of these. A CloudKey Gen1 would work but again old - cheap again on TradeMe ~ $80ish.

Other approch is a UDM - they are alot more expensive but does have built in wifi and a controller.

Switches are standard and while does not require the controller - having one will allow full control. You should consider POE US-8's as they are not much more.

AP's - I would go for the latest U6 Lite's - https://www.pbtech.co.nz/product/NAPUBI611500/Ubiquiti-UniFi-U6-Lite-Dual-Band-AX1500-Indoor-Wi. They are solid and fast. These will require a controller.
The AP's dont need to be ceiling mounted - you can wall mount them or use a desktop stand. I 3D printed a desktop stand for mine! They are POE so you will need injectors (they dont come with them) or a POE switch to power them.

On your last question and as above - no the USG does not offer any controller capability or managment. You need a CloudKey or you setup your own server with a controller. CloudKey Gen1's are cheap but also slow and old and will need POE or an injector. CloudKey Gen2's are current but expensive.

When you weigh all of this up - its sometimes easier to just go with a UDM since it includes the gateway, controller and an AP and then just add on additional AP's. Expensive but simple.

-- opinions expressed by me are solely my own. ie - personal

sud0

282 posts

Ultimate Geek

ID Verified

Lifetime subscriber

#2744203 14-Jul-2021 17:23

Jiriteach:

The USG's are solid devices - they are old now but still work well for 1gig connections. There are normally a few of TradeMe for sale if you are wanting a second hand one at much cheaper ~ $120ish since most are upgrading to UDM's.
You will need a seperate controller for all of these. A CloudKey Gen1 would work but again old - cheap again on TradeMe ~ $80ish.

Other approch is a UDM - they are alot more expensive but does have built in wifi and a controller.

Switches are standard and while does not require the controller - having one will allow full control. You should consider POE US-8's as they are not much more.

AP's - I would go for the latest U6 Lite's - https://www.pbtech.co.nz/product/NAPUBI611500/Ubiquiti-UniFi-U6-Lite-Dual-Band-AX1500-Indoor-Wi. They are solid and fast. These will require a controller.
The AP's dont need to be ceiling mounted - you can wall mount them or use a desktop stand. I 3D printed a desktop stand for mine! They are POE so you will need injectors (they dont come with them) or a POE switch to power them.

On your last question and as above - no the USG does not offer any controller capability or managment. You need a CloudKey or you setup your own server with a controller. CloudKey Gen1's are cheap but also slow and old and will need POE or an injector. CloudKey Gen2's are current but expensive.

When you weigh all of this up - its sometimes easier to just go with a UDM since it includes the gateway, controller and an AP and then just add on additional AP's. Expensive but simple.

Right.. it makes sense!

If I go with:

1x https://www.pbtech.co.nz/product/NETUBI2200/Ubiquiti-UniFi-Dream-Machine
1x https://www.pbtech.co.nz/product/NAPUBI611500/Ubiquiti-UniFi-U6-Lite-Dual-Band-AX1500-Indoor-Wi
2x Ubiquiti UniFi Switch US-8-60W 8-Port Gigabit (i need 2) https://www.pbtech.co.nz/product/SWHUBI10081/Ubiquiti-UniFi-Switch-US-8-60W-8-Port-Gigabit-Mana

Can I use the Dream Machine that has a controller built-in to manage all those devices?

Lucas

lpossamai.me

Jiriteach

1119 posts

Uber Geek

ID Verified

Lifetime subscriber

#2744204 14-Jul-2021 17:26

sud0:

Right.. it makes sense!

If I go with:

1x https://www.pbtech.co.nz/product/NETUBI2200/Ubiquiti-UniFi-Dream-Machine
1x https://www.pbtech.co.nz/product/NAPUBI611500/Ubiquiti-UniFi-U6-Lite-Dual-Band-AX1500-Indoor-Wi
2x Ubiquiti UniFi Switch US-8-60W 8-Port Gigabit (i need 2) https://www.pbtech.co.nz/product/SWHUBI10081/Ubiquiti-UniFi-Switch-US-8-60W-8-Port-Gigabit-Mana
Can I use the Dream Machine that has a controller built-in to manage all those devices?

Yes - UDM can manage all of those via its in-built network application (controller).

-- opinions expressed by me are solely my own. ie - personal

rp1790

738 posts

Ultimate Geek

Lifetime subscriber

#2744333 15-Jul-2021 07:14

If you're considering the UDM @ $647 I'd seriously consider the Dream Machine Pro for about another $150. It is a beast of a machine and even with all the IDS/IPS enabled still won't slow down a 1Gb connection. It also has 8 usable switch ports built in, just no POE but if you're only having 1-2 AP's then using injector's is a good option.

Might get differing opinions on this but I just replaced 1 x UAP-AC-LR with a U6 LR and the coverage (and performance) is a quantum leap. Mwave.com.au have them in stock and deliver to NZ.

The UDM or UDMP with the built-in controller makes things very easy.

kiwifidget

"Cookie"
3425 posts

Uber Geek

Lifetime subscriber

#2744350 15-Jul-2021 08:13

@rp1790 I put a UAP-AC-LR in at my parents' house but the coverage wasn't as good as I had hoped.

If I replace with a U6-LR will the old POE injector work the U6-LR?

Delete cookies?! Are you insane?!

Jiriteach

1119 posts

Uber Geek

ID Verified

Lifetime subscriber

#2744353 15-Jul-2021 08:17

rp1790:

If you're considering the UDM @ $647 I'd seriously consider the Dream Machine Pro for about another $150. It is a beast of a machine and even with all the IDS/IPS enabled still won't slow down a 1Gb connection. It also has 8 usable switch ports built in, just no POE but if you're only having 1-2 AP's then using injector's is a good option.

Might get differing opinions on this but I just replaced 1 x UAP-AC-LR with a U6 LR and the coverage (and performance) is a quantum leap. Mwave.com.au have them in stock and deliver to NZ.

The UDM or UDMP with the built-in controller makes things very easy.

Totally recommend the UDM Pro if your budget can stretch that far. I'm using one and its rock solid - I do also have Ubiquiti network cameras so the having that within the console is a huge bonus!

Firmware on the UDM's continue to be plagued with some issues - especially to do PPPoE performance when IDS/IPS is enabled. The UDM Pro can go 3gig with these enabled but severly limited over PPPoE. I ended up switching ISP's to avoid this and now have no issues!

-- opinions expressed by me are solely my own. ie - personal

Jiriteach

1119 posts

Uber Geek

ID Verified

Lifetime subscriber

#2744356 15-Jul-2021 08:20

kiwifidget:

@rp1790 I put a UAP-AC-LR in at my parents' house but the coverage wasn't as good as I had hoped.

If I replace with a U6-LR will the old POE injector work the U6-LR?

Depends on the POE injector you are using on your AC. The older ones are 24v. The new Wifi 6 AP's require 48v POE injectors.

-- opinions expressed by me are solely my own. ie - personal

Quic Broadband

Move to New Zealand's best fibre broadband service (affiliate link). Free setup code: R587125ERQ6VE. Note that to use Quic Broadband you must be comfortable with configuring your own router.

kiwifidget

"Cookie"
3425 posts

Uber Geek

Lifetime subscriber

#2744357 15-Jul-2021 08:22

@jiriteach thanks, looks like a new injector will be needed.

Delete cookies?! Are you insane?!

rp1790

738 posts

Ultimate Geek

Lifetime subscriber

#2744373 15-Jul-2021 09:18

kiwifidget:

@rp1790 I put a UAP-AC-LR in at my parents' house but the coverage wasn't as good as I had hoped.

If I replace with a U6-LR will the old POE injector work the U6-LR?

I don't think so. The injector for my UAP-AC-LR does not work with the U6-LR. The U6-LR requires more power (POE 802.3at) something like this https://www.pbtech.co.nz/product/NETEDM1067/Edimax-GP-101IT-IEEE-8023at-Gigabit-PoE-Injector-4

P.S. with the UAP-AC-LR on Auto power mode I had coverage issues in my small 70sqm house but flicking it up to "high power" fixed that. Even on that setting the U6-LR was way better though.

rp1790

738 posts

Ultimate Geek

Lifetime subscriber

#2744380 15-Jul-2021 09:24

Jiriteach:

rp1790:

If you're considering the UDM @ $647 I'd seriously consider the Dream Machine Pro for about another $150. It is a beast of a machine and even with all the IDS/IPS enabled still won't slow down a 1Gb connection. It also has 8 usable switch ports built in, just no POE but if you're only having 1-2 AP's then using injector's is a good option.

Might get differing opinions on this but I just replaced 1 x UAP-AC-LR with a U6 LR and the coverage (and performance) is a quantum leap. Mwave.com.au have them in stock and deliver to NZ.

The UDM or UDMP with the built-in controller makes things very easy.

Totally recommend the UDM Pro if your budget can stretch that far. I'm using one and its rock solid - I do also have Ubiquiti network cameras so the having that within the console is a huge bonus!

Firmware on the UDM's continue to be plagued with some issues - especially to do PPPoE performance when IDS/IPS is enabled. The UDM Pro can go 3gig with these enabled but severly limited over PPPoE. I ended up switching ISP's to avoid this and now have no issues!

Yep, have heard of this issue on PPoE, I'm with Orcon who don't use that so never came across the problem.

Jiriteach

1119 posts

Uber Geek

ID Verified

Lifetime subscriber

#2744381 15-Jul-2021 09:26

rp1790:

Yep, have heard of this issue on PPoE, I'm with Orcon who don't use that so never came across the problem.

I ended up switching from 2degrees to Orcon since they offer DHCP and everything is working great. Awesome speeds as well!

-- opinions expressed by me are solely my own. ie - personal

SumnerBoy

2076 posts

Uber Geek

ID Verified

Lifetime subscriber

#2744407 15-Jul-2021 09:42

Another +1 for the UDM Pro - I just upgraded my USG and am very impressed with the performance increase. Full IDS/IPS running on a 200/20 BigPipe connection with no problems. Plus I have just bought a few Unifi Protect cameras so having the NVR built in and managed by the UDM Pro makes for a very nice and compact system.

Next on the upgrade list is my APs, was considering the NanoHD over the U6-Lite, but interested in the comments above. I did see a thread on Reddit which suggested the NanoHDs would be the better choice, since v6 is mainly to help with high density APs, i.e. not something you are likely to need in a home environment.

But I don't pretend to know enough about this stuff!

sud0

282 posts

Ultimate Geek

ID Verified

Lifetime subscriber

#2744608 15-Jul-2021 14:40

rp1790:

If you're considering the UDM @ $647 I'd seriously consider the Dream Machine Pro for about another $150.

This one? https://www.pbtech.co.nz/product/NETUBI2201/Ubiquiti-UniFi-Dream-Machine-PRO

Do you mean to be the controller? But I would still need the Dream Machine for WIFI, or more Ubiquiti UniFi U6-Lite. Right?

Lucas

lpossamai.me

rp1790

738 posts

Ultimate Geek

Lifetime subscriber

#2744609 15-Jul-2021 14:42

sud0:

rp1790:

If you're considering the UDM @ $647 I'd seriously consider the Dream Machine Pro for about another $150.

This one? https://www.pbtech.co.nz/product/NETUBI2201/Ubiquiti-UniFi-Dream-Machine-PRO

Do you mean to be the controller? But I would still need the Dream Machine for WIFI, or more Ubiquiti UniFi U6-Lite. Right?

Yes, that's it.

Or this one :-)

https://www.amazon.com.au/Ubiquiti-Networks-Machine-Network-Solution/dp/B086967C9X/ref=sr_1_1?crid=33K3OQIL0TWPG&dchild=1&keywords=unifi+dream+machine+pro&qid=1626316901&sprefix=unifi+dream%2Caps%2C306&sr=8-1

SumnerBoy

2076 posts

Uber Geek

ID Verified

Lifetime subscriber

#2744615 15-Jul-2021 14:50

Shout out to Gowifi.co.nz as well - they stock all the Unifi gear and are great to deal with.

I have no affiliation with them BTW, just a happy customer.

1 | 2