UniFi Security Gateway Pro
{{#ifeq: Dell PS 38S Server Rack | Removed | {{
{{#switch:
{{#if:
|
| {{#if:
|
{{#ifeq:|
| talk
|
}}
|
{{#ifeq:|talk
| talk
|
}}
}}
}}
| main | = ambox | talk = tmbox | user = ombox | project = ombox | file | image = imbox | mediawiki = ombox | template = ombox | help = ombox | category = cmbox | book = ombox | extension = ombox | other | #default = ombox
}} | type = notice | image = | imageright = | class = | style = | textstyle =
| text = This tool is no longer at the space. Find what actually exists at PS1 on the Equipment page.
| small = | smallimage = | smallimageright = | smalltext = | subst = | date = | name = }} | {{#if: TBD | | }}{{#switch: yes | yes | "yes" | Yes | "Yes" | YES | "YES" | y | "y" | Y | "Y" = | {{
{{#switch:
{{#if:
|
| {{#if:
|
{{#ifeq:|
| talk
|
}}
|
{{#ifeq:|talk
| talk
|
}}
}}
}}
| main | = ambox | talk = tmbox | user = ombox | project = ombox | file | image = imbox | mediawiki = ombox | template = ombox | help = ombox | category = cmbox | book = ombox | extension = ombox | other | #default = ombox
}} | type = notice | image = | imageright = | class = | style = | textstyle = | text = This tool is currently broken, please contact the area host for more information. | small = | smallimage = | smallimageright = | smalltext = | subst = | date = | name = }} }}{{#if: CTO | | }}{{#switch: yes yes | "yes" | Yes | "Yes" | YES | "YES" | y | "y" | Y | "Y" = | }}}}
<html>
<svg id="printableArea" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" viewBox="0 0 555 175" enable-background="new 0 0 555 175" xml:space="preserve" height="175px" width="555px" style="border:2px solid #000000;display: flex; height: auto ; width: auto ;" onClick="printSVG()">
<g id="qr"> <image width="150" height="150" transform="translate(2,2)" xlink:href="https://api.qrserver.com/v1/create-qr-code/?size=150x150&data=https://wiki.pumpingstationone.org/wiki/</html>UniFi_Security_Gateway_Pro<html>" /> </g>
<g id="title" transform="translate(165,20)"> <text font-family="Arial,Helvetica,sans-serif" font-size="18" font-weight="bold"></html>UniFi Security Gateway Pro<html></text> </g>
</html> {{#ifeq: PS:One | PS:One | <html> <g id="psoneproperty" transform="translate(155,23.5)">
<image width="80" height="103" xlink:href="https://mywikis-wiki-media.s3.us-central-1.wasabisys.com/ps1/PS1_owned.svg"/>
</g> </html> | <html> <g id="owner" transform="translate(155,30)">
<image width="80" height="90" xlink:href="https://mywikis-wiki-media.s3.us-central-1.wasabisys.com/ps1/Person_owned.svg"/> <text transform="matrix(1 0 0 1 10.0 110.0)" font-family="Arial,Helvetica,sans-serif" font-size="12"></html>PS:One<html></text>
</g> </html> }} {{#if: CTO | <html> <g id="hostarea" transform="translate(250,130)">
<text transform="matrix(1 0 0 1 0 0)" font-family="Arial,Helvetica,sans-serif" font-weight="700" font-size="12">Area:</text> <text transform="matrix(1 0 0 1 35.0 0)" font-family="Arial,Helvetica,sans-serif" font-size="12"></html>CTO<html></text>
</g> </html> | <html> <g id="hostarea" transform="translate(250,130)">
<text transform="matrix(1 0 0 1 0 0)" font-family="Arial,Helvetica,sans-serif" font-weight="700" font-size="12">Area:</text> <text transform="matrix(1 0 0 1 35.0 0)" font-family="Arial,Helvetica,sans-serif" font-size="12"></html>Not Assigned<html></text>
</g> </html> }} {{#ifeq: yes | yes | <html> <g id="authorization" transform="translate(245,35)">
<image width="150" height="79" xlink:href="https://mywikis-wiki-media.s3.us-central-1.wasabisys.com/ps1/Authorization_required.svg"/>
</g> </html> | <html> <g id="authorization" transform="translate(245,35)">
<image width="150" height="79" xlink:href="https://mywikis-wiki-media.s3.us-central-1.wasabisys.com/ps1/Authorization_not_required.svg"/>
</g> </html> }} {{#ifeq: no | yes | <html> <g id="hackable" transform="translate(400,35)">
<image width="150" height="79" xlink:href="https://mywikis-wiki-media.s3.us-central-1.wasabisys.com/ps1/Hackable.svg"/>
</g> </html> | <html> <g id="hackable" transform="translate(400,35)">
<image width="150" height="79" xlink:href="https://mywikis-wiki-media.s3.us-central-1.wasabisys.com/ps1/Do_not_hack.svg"/>
</g> </html> }} <html>
<g id="url" transform="translate(6,167)"> <text font-family="Arial,Helvetica,sans-serif" font-size="12"></html>https://wiki-dev.pumpingstationone.org/wiki/UniFi_Security_Gateway_Pro<html></text> </g>
<script type="text/JavaScript"> <![CDATA[
function printSVG() { const newWindow = window.open(, '_blank'); newWindow.document.write(svg.outerHTML); newWindow.document.close(); //newWindow.print(); //uncomment to auto-print on click }
const svg = document.getElementById('printableArea');
]]>
</script>
</html>
Lua error: Internal error: The interpreter exited with status 127.
Status
Online as of 12/30/17
Device will be moved to the new infrastructure location with other PS:1 maintained equipment.
Backup
Configuration is backed up with the UniFi Controller.
Configuration
Please see UniFi Controller for extended configuration information. USG is managed from controller interface.
Port configuration is as follows:
- LAN Port 1
- Connected to UniFi 48 Port Switch on port 32, will be switched to port 1 or 48.
- LAN Port 2
- Disconnected. May be used in the future to service member rack.
- WAN Port 1
- Connected to primary internet connection, currently the Motorola SURFboard SB6120 on top of the Dell PS 38S Server Rack
- WAN Port 2
- Disconnected. Will be used in the future for a failover/backup internet connection.
Enable IPv6 Support
IPv6 support is in progress. Documentation to enable this is found here.
Initial Setup
Instructions for adpoting a USG Pro can be found here
Adpoting a USG Pro into an existing network
NOTE: This has been tailored for PS:1's existing network setup.
1. Connect a computer into the LAN NIC (LAN port 1) of the USG. It will obtain a 192.168.1.x IP from DHCP.
2. SSH into 192.168.1.1 using username and password combination of ubnt / ubnt.
3. For this example, the controller is on 10.100.0.9/20, so let's change the USG’s LAN IP to 10.100.0.1. Choose an available IP within the subnet of the local controller.
4. In the SSH session, run the following (Since this is a USG Pro, eth1 has been replaced with eth0 per Ubiquiti instructions):
- configure
- set interfaces ethernet eth0 address 10.100.0.1/20
- delete interfaces ethernet eth0 address 192.168.1.1/24
- commit
Now the USG’s LAN IP is 10.100.0.1/20. The SSH session will drop.
Controller Configuration
In order for the USG to work properly, you must correctly configure the appropriate settings in the UniFi Controller GUI located at https://10.0.0.9:8443 or via https://unifi.ubnt.com/
Under "Settings" > "Networks", select edit on the network named "LAN".
The following settings should be configured as such:
- Name
- LAN
- Purpose
- Corporate
- Parent Interface
- LAN
- Gateway/Subnet
- 10.100.0.1/20
- Domain Name
- ad.pumpingstationone.org
- IGMP SNooping
- Disabled
- DHCP Mode
- DHCP Server
- DHCP Range
- 10.100.3.1 - 10.100.14.254
- DHCP Name Server (EACH IP IS A SEPERATE FIELD)
- Manual
- 10.100.0.132, 10.100.0.105, 10.100.0.1, 8.8.8.8
- Manual
- DHCP WINS Server
- Disabled
- DHCP Lease Time
- 86400 seconds
- DHCP Gateway IP
- Auto
- DHCP UniFi Controller
- 10.100.0.9
- DHCP Gaurding
- Enabled
- 10.100.0.1
- Enabled
- UPnP LAN
- Disabled
ADVANCED SETTINGS:
- DHCP NTP Server
- Disabled
- DHCP Network Boot
- Enabled
- 10.100.0.110
- /pxelinux.0
- Enabled
- DHCP Time Offset
- Disabled
- DHCP WPAD URL
- Empty
- DHCP TFTP Server
- Empty
