UniFi Security Gateway Pro
{{#ifeq: Dell PS 38S Server Rack | Removed | {{
{{#switch:
{{#if:
|
| {{#if:
|
{{#ifeq:|
| talk
|
}}
|
{{#ifeq:|talk
| talk
|
}}
}}
}}
| main | = ambox | talk = tmbox | user = ombox | project = ombox | file | image = imbox | mediawiki = ombox | template = ombox | help = ombox | category = cmbox | book = ombox | extension = ombox | other | #default = ombox
}} | type = notice | image = | imageright = | class = | style = | textstyle =
| text = This tool is no longer at the space. Find what actually exists at PS1 on the Equipment page.
| small = | smallimage = | smallimageright = | smalltext = | subst = | date = | name = }} | {{#if: TBD | | }}{{#switch: yes | yes | "yes" | Yes | "Yes" | YES | "YES" | y | "y" | Y | "Y" = | {{
{{#switch:
{{#if:
|
| {{#if:
|
{{#ifeq:|
| talk
|
}}
|
{{#ifeq:|talk
| talk
|
}}
}}
}}
| main | = ambox | talk = tmbox | user = ombox | project = ombox | file | image = imbox | mediawiki = ombox | template = ombox | help = ombox | category = cmbox | book = ombox | extension = ombox | other | #default = ombox
}} | type = notice | image = | imageright = | class = | style = | textstyle = | text = This tool is currently broken, please contact the area host for more information. | small = | smallimage = | smallimageright = | smalltext = | subst = | date = | name = }} }}{{#if: CTO | | }}{{#switch: yes yes | "yes" | Yes | "Yes" | YES | "YES" | y | "y" | Y | "Y" = | }}}}
<html>
<svg id="printableArea" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" viewBox="0 0 555 175" enable-background="new 0 0 555 175" xml:space="preserve" height="175px" width="555px" style="border:2px solid #000000;display: flex; height: auto ; width: auto ;" onClick="printSVG()">
<g id="qr"> <image width="150" height="150" transform="translate(2,2)" xlink:href="https://api.qrserver.com/v1/create-qr-code/?size=150x150&data=https://wiki.pumpingstationone.org/wiki/</html>UniFi_Security_Gateway_Pro<html>" /> </g>
<g id="title" transform="translate(165,20)"> <text font-family="Arial,Helvetica,sans-serif" font-size="18" font-weight="bold"></html>UniFi Security Gateway Pro<html></text> </g>
</html> {{#ifeq: PS:One | PS:One | <html> <g id="psoneproperty" transform="translate(155,23.5)">
<image width="80" height="103" xlink:href="https://mywikis-wiki-media.s3.us-central-1.wasabisys.com/ps1/PS1_owned.svg"/>
</g> </html> | <html> <g id="owner" transform="translate(155,30)">
<image width="80" height="90" xlink:href="https://mywikis-wiki-media.s3.us-central-1.wasabisys.com/ps1/Person_owned.svg"/> <text transform="matrix(1 0 0 1 10.0 110.0)" font-family="Arial,Helvetica,sans-serif" font-size="12"></html>PS:One<html></text>
</g> </html> }} {{#if: CTO | <html> <g id="hostarea" transform="translate(250,130)">
<text transform="matrix(1 0 0 1 0 0)" font-family="Arial,Helvetica,sans-serif" font-weight="700" font-size="12">Area:</text> <text transform="matrix(1 0 0 1 35.0 0)" font-family="Arial,Helvetica,sans-serif" font-size="12"></html>CTO<html></text>
</g> </html> | <html> <g id="hostarea" transform="translate(250,130)">
<text transform="matrix(1 0 0 1 0 0)" font-family="Arial,Helvetica,sans-serif" font-weight="700" font-size="12">Area:</text> <text transform="matrix(1 0 0 1 35.0 0)" font-family="Arial,Helvetica,sans-serif" font-size="12"></html>Not Assigned<html></text>
</g> </html> }} {{#ifeq: yes | yes | <html> <g id="authorization" transform="translate(245,35)">
<image width="150" height="79" xlink:href="https://mywikis-wiki-media.s3.us-central-1.wasabisys.com/ps1/Authorization_required.svg"/>
</g> </html> | <html> <g id="authorization" transform="translate(245,35)">
<image width="150" height="79" xlink:href="https://mywikis-wiki-media.s3.us-central-1.wasabisys.com/ps1/Authorization_not_required.svg"/>
</g> </html> }} {{#ifeq: no | yes | <html> <g id="hackable" transform="translate(400,35)">
<image width="150" height="79" xlink:href="https://mywikis-wiki-media.s3.us-central-1.wasabisys.com/ps1/Hackable.svg"/>
</g> </html> | <html> <g id="hackable" transform="translate(400,35)">
<image width="150" height="79" xlink:href="https://mywikis-wiki-media.s3.us-central-1.wasabisys.com/ps1/Do_not_hack.svg"/>
</g> </html> }} <html>
<g id="url" transform="translate(6,167)"> <text font-family="Arial,Helvetica,sans-serif" font-size="12"></html>https://wiki-dev.pumpingstationone.org/wiki/UniFi_Security_Gateway_Pro<html></text> </g>
<script type="text/JavaScript"> <![CDATA[
function printSVG() { const newWindow = window.open(, '_blank'); newWindow.document.write(svg.outerHTML); newWindow.document.close(); //newWindow.print(); //uncomment to auto-print on click }
const svg = document.getElementById('printableArea');
]]>
</script>
</html>
Lua error: Internal error: The interpreter exited with status 127.
Status
Online as of 12/30/17
Device will be moved to the new infrastructure location with other PS:1 maintained equipment.
Configuration
Please see UniFi Controller for extended configuration information. USG is managed from controller interface.
Port configuration is as follows:
- LAN Port 1
- Connected to UniFi 48 Port Switch on port 32, will be switched to port 1 or 48.
- LAN Port 2
- Disconnected. May be used in the future to service member rack.
- WAN Port 1
- Connected to primary internet connection, currently the Motorola SURFboard SB6120 on top of the Dell PS 38S Server Rack
- WAN Port 2
- Disconnected. Will be used in the future for a failover/backup internet connection.
Initial Setup
Instructions for adpoting a USG Pro can be found here
Adpoting a USG Pro into an existing network
NOTE: This has been tailored for PS:1's existing network setup.
1. Connect a computer into the LAN NIC (LAN port 1) of the USG. It will obtain a 192.168.1.x IP from DHCP.
2. SSH into 192.168.1.1 using username and password combination of ubnt / ubnt.
3. For this example, the controller is on 10.100.0.9/20, so let's change the USG’s LAN IP to 10.100.0.1. Choose an available IP within the subnet of the local controller.
4. In the SSH session, run the following (Since this is a USG Pro, eth1 has been replaced with eth0 per Ubiquiti instructions):
- configure
- set interfaces ethernet eth0 address 10.100.0.1/20
- delete interfaces ethernet eth0 address 192.168.1.1/24
- commit
Now the USG’s LAN IP is 10.100.0.1/20. The SSH session will drop.
Controller Configuration
In order for the USG to work properly, you must correctly configure the appropriate settings in the UniFi Controller GUI located at https://10.0.0.9:8443 or via https://unifi.ubnt.com/
Under "Settings" > "Networks", select edit on the network named "LAN".
The following settings should be configured as such:
- Name
- LAN
- Purpose
- Corporate
- Parent Interface
- LAN
- Gateway/Subnet
- 10.100.0.1/20
- Domain Name
- ad.pumpingstationone.org
- IGMP SNooping
- Disabled
- DHCP Mode
- DHCP Server
- DHCP Range
- 10.100.3.1 - 10.100.14.254
- DHCP Name Server (EACH IP IS A SEPERATE FIELD)
- Manual
- 10.100.0.132, 10.100.0.105, 10.100.0.1, 8.8.8.8
- Manual
- DHCP WINS Server
- Disabled
- DHCP Lease Time
- 86400 seconds
- DHCP Gateway IP
- Auto
- DHCP UniFi Controller
- 10.100.0.9
- DHCP Gaurding
- Enabled
- 10.100.0.1
- Enabled
- UPnP LAN
- Disabled
ADVANCED SETTINGS:
- DHCP NTP Server
- Disabled
- DHCP Network Boot
- Enabled
- 10.100.0.110
- /pxelinux.0
- Enabled
- DHCP Time Offset
- Disabled
- DHCP WPAD URL
- Empty
- DHCP TFTP Server
- Empty
