UniFi Security Gateway Pro: Difference between revisions
From Pumping Station One
mNo edit summary |
Documentation |
||
| Line 7: | Line 7: | ||
|serial = SERIAL NUMBER | |serial = SERIAL NUMBER | ||
|arrived = 12/2017 | |arrived = 12/2017 | ||
|where = Server Rack | |where = [[Dell PS 38S Server Rack]] | ||
|doesitwork = yes | |doesitwork = yes | ||
|contact = CTO | |contact = CTO | ||
| Line 16: | Line 16: | ||
== Status == | == Status == | ||
Online as of 12/30/17 | |||
Device will be moved to the new infrastructure location with other PS:1 maintained equipment. | |||
== Configuration == | |||
Please see [[UniFi Controller]] for extended configuration information. USG is managed from controller interface. | |||
Port configuration is as follows: | |||
* LAN Port 1 | |||
** Connected to [[UniFi 48 Port Switch]] on port 32, will be switched to port 1 or 48. | |||
* LAN Port 2 | |||
** Disconnected. May be used in the future to service member rack. | |||
* WAN Port 1 | |||
** Connected to primary internet connection, currently the Motorola SURFboard SB6120 on top of the [[Dell PS 38S Server Rack]] | |||
* WAN Port 2 | |||
** Disconnected. Will be used in the future for a failover/backup internet connection. | |||
== Initial Setup == | |||
[https://help.ubnt.com/hc/en-us/articles/236281367-UniFi-How-to-Adopt-a-USG-into-an-Existing-Network Instructions for adpoting a USG Pro can be found here] | |||
=== Adpoting a USG Pro into an existing network === | |||
NOTE: This has been tailored for PS:1's existing network setup. | |||
1. Connect a computer into the LAN NIC (LAN port 1) of the USG. It will obtain a 192.168.1.x IP from DHCP. | |||
2. SSH into 192.168.1.1 using username and password combination of ubnt / ubnt. | |||
3. For this example, the controller is on 10.100.0.9/20, so let's change the USG’s LAN IP to 10.100.0.1. Choose an available IP within the subnet of the local controller. | |||
4. In the SSH session, run the following (Since this is a USG Pro, eth1 has been replaced with eth0 per Ubiquiti instructions): | |||
configure | |||
set interfaces ethernet eth0 address 10.100.0.1/20 | |||
delete interfaces ethernet eth0 address 192.168.1.1/24 | |||
commit | |||
Now the USG’s LAN IP is 10.100.0.1/20. The SSH session will drop. | |||
=== Controller Pre-Configuration == | |||
In order for the USG to work properly, you must correctly configure the appropriate settings in the UniFi Controller GUI located at https://10.0.0.9:8443 or via https://unifi.ubnt.com/ | |||
Under "Settings" > "Networks", select edit on the network named "LAN". | |||
The following settings should be configured as such: | |||
* Name | |||
** LAN | |||
* Purpose | |||
** Corporate | |||
* Parent Interface | |||
** LAN | |||
*Gateway/Subnet | |||
** 10.100.0.1/20 | |||
* Domain Name | |||
** ad.pumpingstationone.org | |||
* IGMP SNooping | |||
** Disabled | |||
* DHCP Mode | |||
** DHCP Server | |||
* DHCP Range | |||
** 10.100.3.1 - 10.100.14.254 | |||
* DHCP Name Server (EACH IP IS A SEPERATE FIELD) | |||
** Manual | |||
*** 10.100.0.132, 10.100.0.105, 10.100.0.1, 8.8.8.8 | |||
*DHCP WINS Server | |||
** Disabled | |||
* DHCP Lease Time | |||
** 86400 seconds | |||
* DHCP Gateway IP | |||
** Auto | |||
* DHCP UniFi Controller | |||
** 10.100.0.9 | |||
* DHCP Gaurding | |||
** Enabled | |||
*** 10.100.0.1 | |||
* UPnP LAN | |||
** Disabled | |||
ADVANCED SETTINGS: | |||
* DHCP NTP Server | |||
** Disabled | |||
* DHCP Network Boot | |||
** Enabled | |||
*** 10.100.0.110 | |||
*** /pxelinux.0 | |||
* DHCP Time Offset | |||
** Disabled | |||
* DHCP WPAD URL | |||
** Empty | |||
* DHCP TFTP Server | |||
** Empty | |||
