Ubiquiti Unifi AP Wireless N

I would like to use a Ubiquiti Unify AP Wireless N Access Point on my LAN. Are they easy to set up, and how are they powered?

It seems I need something like POE. How do I know if I have POE?
 
They come with a power supply that takes Ethernet and power in, and sends PoE to the AP.

Note that you can't log into a unifi AP*. You have to have a controller, which can run on FreeBSD and is in ports (it's a java application)

*well you can ssh to it, but that's only really useful to reset it or manually attach to a controller.
 
They come with a power supply that takes Ethernet and power in, and sends PoE to the AP.

Note that you can't log into a unifi AP*. You have to have a controller, which can run on FreeBSD and is in ports (it's a java application)

*well you can ssh to it, but that's only really useful to reset it or manually attach to a controller.

Does it use a standard ethernet cable or do you need something specific for POE?

I just got the access point and it didn't include anything else, but I also bought a small POE power unit. Is that what you mean by the controller? Where do I find the java app?

Sorry for so many questions, but I've never set one of these up and don't know what is involved.
 
The controller he is speaking of is a software controller.
The access point only contains a radio and antenna and bare bones OS.
So you have to use a software controller(found in ports tree) to set it up.

net-mgmt/unifi5
 
How do I run it?

I tried a reset hoping the userid/password would revert to the default but still couldn't ssh...
 
Found this link but it mentions:

Install MongoDB
Install mongodb on the jail.
pkg install -y mongodb

Then set mongodb to load on system boot.
echo 'mongod_enable="YES"' >> /etc/rc.conf

but no such pkg is available, but it may no longer be required.

In the logfile /usr/local/share/java/unifi/logs/server.log I see

[2019-02-15 13:15:12,897] <db-server> INFO db - DbServer stopped
[2019-02-15 13:16:23,653] <launcher> INFO system - ======================================================================
[2019-02-15 13:16:23,654] <launcher> INFO system - UniFi 5.9.29 (build atag_5.9.29_11384 - release) is started
[2019-02-15 13:16:23,654] <launcher> INFO system - ======================================================================
[2019-02-15 13:16:23,657] <launcher> INFO system - BASE dir:/usr/local/share/java/unifi
[2019-02-15 13:16:23,664] <launcher> INFO system - Current System IP: 192.168.1.69
[2019-02-15 13:16:23,665] <launcher> INFO system - Hostname: S07
[2019-02-15 13:16:25,865] <launcher> INFO db - waiting for db connection...
[2019-02-15 13:16:26,389] <launcher> INFO db - Connecting to mongodb://127.0.0.1:27117
[2019-02-15 13:16:32,657] <launcher> INFO db - setting mongodb features compatibility version to 3.6
[2019-02-15 13:16:32,678] <launcher> INFO db - * Factory Default * Database exists. Clean it
[2019-02-15 13:16:33,580] <launcher> INFO db - Connecting to mongodb://127.0.0.1:27117
[2019-02-15 13:16:33,603] <launcher> INFO stat - * Factory Default * Stat Database exists. Clean it
[2019-02-15 13:16:33,791] <launcher> WARN discover - unable to join multicast group 233.89.188.1 on em0 (/192.168.1.69)
[2019-02-15 13:16:33,964] <launcher> WARN system - cannot load native lib - ubnt_webrtc_jni

Anyone know what this 'native lib - ubnt_webrtc_jni' is?
 
Strange, we've always had a PoE supply in the box.

I've never had to install mongo, just installing unifi5 should pull in any dependencies.
Also, I only have unifi_enable="yes" in /etc/rc.conf. It starts its own copy of mongo automatically.

I get the same webrtc error but just ignore it. It should be accessible on https://{ip}:8443 iirc. (Ours has been customised a bit to use our own ssl certificate so I'm not sure of the default settings.)
 
Unless things have changed the default ssh login for a new unit is ubnt for username and password.
If the controller machine and the AP are on the same LAN, hopefully it should just appear in the controller automatically and you can click 'adopt'.

Our controller is in our data centre so we always have to manually assign the devices to the controller by running the following from ssh on the AP -

# mca-cli
# set-inform http://{controller-ip-address}:8080/inform
 
Unless things have changed the default ssh login for a new unit is ubnt for username and password.
Now I suddenly realize what hordes of brute-forcers are looking for. I've been wondering about this specific account for a while. I actually thought this was a default Ubuntu account or something like it.
Code:
Feb 12 19:59:30 maelcum sshd[21710]: Failed unknown for invalid user ubnt from 117.109.87.140 port 36462 ssh2
Feb 12 19:59:31 maelcum sshd[21710]: Connection closed by invalid user ubnt 117.109.87.140 port 36462 [preauth]
I get these a lot, like, really a lot (don't worry, they're all kicked, access is constantly monitored).
 
I think the guide above is a bit out of date, but couldn't find anything newer.

After trying the default userid/password, I tried a reset but that didn't work... I'm currently looking at my options:-


It seems that I can run something like mongo --port 27117 to gain access or from a browser but that only shows:-
It looks like you are trying to access MongoDB over HTTP on the native driver port.
 
You need to install net-mgmt/unifi5. Don't bother with mongo, the Unifi controller will do that for you. The controller will start up its own web interface that you will connect to.
 
Not sure why it's being such a struggle. Based on your log above, the only real error was the one I get, so it looks like everything was working. As mentioned you have the port wrong in your HTTP error above. Can you see if the host is actually listening on 8443 or 8080?

I wouldn't touch mongo. Unifi manages the mongo instance and database entirely by itself, and getting involved with mongo manually is more than likely just going to make things worse.

Now I suddenly realize what hordes of brute-forcers are looking for. I've been wondering about this specific account for a while. I actually thought this was a default Ubuntu account or something like it.

Yeah, I think they are generally looking for the Ubiquiti airos gear as I don't think there's much you can do from a Unifi (although I haven't confirmed that) and Unifi's will usually be on a private lan. There was a big issue a year or two ago where a lot of ptp/ptmp ubiquiti gear was getting hacked.

The Unifi AP's should change password to an obscure randomly generated one as soon as they are adopted into a controller (This can be viewed or changed in the controller settings screen).
 
I finally managed to login but the setup looks pretty complicated, I did have much of an idea about what I was doing and not sure what I have set, but there is no recognisable SSID from the unit that I can try logging in to.

I have managed to ssh into the unit but what I can do seems limited. I've just 'set default' so we'll see if I can make more sense of this learning cliff :)
 
Don't SSH into the unit. Go to settings in UniFi, Create Wireless Network, and create one with the SSID you want.

Sometimes there's a hard way and an easy way. In this case, there is no hard way. Just use the UniFI software.
 
First off, you need to make sure the AP is registered with the controller
Click on the icon that looks like a target ("Devices"). Does anything show in there?
If there's an entry in there that says waiting adoption, just click the adopt button.
If there's nothing, you may need to add the AP to the controller manually. You'll need to run the two commands from my post #9 above on the AP. Once that's done it should show as waiting adoption in the controller web interface.

Until you have the AP listed as connected in the devices list, the AP won't do anything.

Once that's done, you can create a wireless network -
Right at the bottom click on the cog to open settings.
Then click on Wireless Networks, second down.
Click on "Create New Wireless Network" and enter a name and WPA Personal key

It should automatically re-provision the AP and start broadcasting the SSID.
 
First off, you need to make sure the AP is registered with the controller
Click on the icon that looks like a target ("Devices"). Does anything show in there?
If there's an entry in there that says waiting adoption, just click the adopt button.
If there's nothing, you may need to add the AP to the controller manually. You'll need to run the two commands from my post #9 above on the AP. Once that's done it should show as waiting adoption in the controller web interface.
i

Under "Devices" it has a status of "ADOPTING" and it has been like this for a while.

Following your instructions:-

root@S07:~ # ssh ubnt@192.168.1.60
ubnt@192.168.1.60's password:


BusyBox v1.11.2 (2015-01-19 13:59:09 PST) built-in shell (ash)
Enter 'help' for a list of built-in commands.

BZ.v3.2.10# mca-cli
UniFi# set-inform http://192.168.1.60:8080/inform

Adoption request sent to 'http://192.168.1.60:8080/inform'.

  1. please adopt it on the controller
  2. issue the set-inform command again
  3. <inform_url> will be saved after device is successfully managed

UniFi#

but the status stays at adopting....

I'll try resetting and starting again from scratch.
 
As mentioned in the output you got above, try running the exact same set-inform command again after you click adopt in the controller.

I'm sure we only run it once these days and I've no idea why it would need to be run twice, but I seem to remember the original instructions saying the same thing.
 
Back
Top