|
|
|
Hi
I am trying to set up a UniFi home network using UniFiPi as the network controller. I have managed to get my UniFi Security Gateway (USG) to connect to the internet via an EIC modem (BT OpenReach) but that's as far as I have got. I can't reach any other websites once the USG says I am connected and can't even PING the DNS server that the USG has assigned to it. Would appreciate any suggestions as to what to do next. Thanks in advance ...!
|
|
|
post your Wan settings??? (omitting personal details)
Edited by copex (Sat 04-Dec-21 14:34:55)
|
|
|
??? not sure what you mean by WAN settings? The internet connection is PPPoE and the only things I can type into the USG are my u/n and pwd. There is a VLAN switch in the USG but that is currently off
Edited by pet_griffin (Sat 04-Dec-21 15:39:08)
|
|
Register (or login) on our website and you will not see this ad.
|
|
|
try here  https://community.ui.com/questions/PPPoE-WAN-Connect...
you will need the vlan id 101
Edited by copex (Sat 04-Dec-21 15:13:01)
|
|
|
|
Hi Copex - thanks! Will try the VLAN setting when I have a mo ..
|
|
|
You don't need the VLAN ID set in the router, it is done in the modem (ECI I believe )
|
|
|
|
Indeed. Surely if there was a PPPoE issue then the USG wouldn't be able to access the internet...no?
Sounds like like a setup issue with USG setup.
|
|
|
You don't need the VLAN ID set in the router, it is done in the modem (ECI I believe )
It's an ONT not a modem, and you can't change any settings on that.
|
|
|
It's an ONT not a modem, and you can't change any settings on that. OP seems to imply they on VDSL so that would be an ECI or Huawei modem; but agreed on no settings.
22 years of broadband connectivity since 1999 trial - Live BQM
|
|
|
|
The OP said it was a modem but even if it is an ONT the same thing applies. The VLAN ID is set in the ONT on an Openreach GPon FTTP service. On Leased line products it can be more complex, routing configs and VLAN IDs may need to be set up in the user's router.
|
|
|
Hi
I am trying to set up a UniFi home network using UniFiPi as the network controller. I have managed to get my UniFi Security Gateway (USG) to connect to the internet via an EIC modem (BT OpenReach) but that's as far as I have got. I can't reach any other websites once the USG says I am connected and can't even PING the DNS server that the USG has assigned to it. Would appreciate any suggestions as to what to do next. Thanks in advance ...!
Noticed that you're using a UniFiPi - just a thought but is that setup/updated with the latest UI controller software? You've adopted the USG into the controller and can login and access the USG setup from there OK?
Edit - just had a look at my Ubiquiti controllers, running native UniFi OS version 2.2.12 the latest controller version is 6.5.53.
According to the UI website downloads area, this is the same version for controllers running on Windows, macOS or Debian (as for your UniFiPi) then the most up to date (stable) version being 6.5.53. There is a build guide here for UniFiPi that shows you what steps to take (re)build / update the Pi with the latest repositories and packages etc.
Otherwise for a bit more actual setup info on USG setup, see Chapter 10 of the Controller Guide here.
Hope that helps. Good luck.
Edited by Pheasant (Sun 05-Dec-21 21:40:25)
|
|
|
|
Hi all
thanks for the suggestions and apologies for the radio silence but did not want to fiddle with the existing network over the w/e. I tried setting VLAN=101 in the USG but I can't even connect to the internet now, so have unticked that. I am now back to square 1 - the USG will connect to the internet but if I try to PING the assigned DNS server I get " PING transmit failed. General failure". I need to be able to access the internet to continue the UniFiPi set up, so am stuck just now.
I have a spare Zyxel NBG6404 router knocking around. Unfortunately, I am not able to set this to "bridge mode" (greyed out in the user interface). So looks like I will need to get a third one! Would appreciate any suggestions for this
|
|
|
|
So to recap the USG is connected via its WAN port to the ECI VDSL modem. The PPPoE client on the USG successfully authenticates - the USG gets assigned an IP address on it WAN interface. Correct so far?
How are you connecting to the USG from laptop/PC - directly into the LAN port? What address is being assigned to the client machine?
You can fully access the USG without the controller running?
|
|
|
Hi Pheasant,
Please see below:
So to recap the USG is connected via its WAN port to the ECI VDSL modem.
yes
The PPPoE client on the USG successfully authenticates - the USG gets assigned an IP address on it WAN interface.
yes - and the DNS servers are assigned as well
How are you connecting to the USG from laptop/PC - directly into the LAN port? .
No - the laptop and USG are connected via a switch
What address is being assigned to the client machine?
The USG DHCP server says has assigned one address - 192.168.0.6. I ipconfig'd the laptop and it currently has the address 192.168.0.6. I thought the DHCP server on the USG would assign IP addresses to the other bits of kit on the network (switches, UniFiPi controller etc) but it currently has only assigned 1
You can fully access the USG without the controller running?
yes - I am connected directly to the USG by typing its IP address into the web browser
|
|
|
|
Have you configured/checked any firewall and routing steps in the USG?
|
|
|
|
No - there no are options within the USG interface itself to set these. I think these have to be set by the controller ... but i can't set this up because I can't connect to the internet (it seems I need my Ubiquiti credentials to be validated online ...)
|
|
|
|
Had a suspicion this may be so. You need to get the controller updated and fully adopt the USG into the controller, similar to other UI components like access points.
|
|
|
|
Can you get a connection up and running using your existing zyxel router? Just let enough to get the controller updated etc.
|
|
|
|
Hi
thanks for your patience. I have downloaded the latest version of UniFiPi but that was last updated 2 years ago so i guess it is running an old version of the controller. I will fire up the ZyXel, switch off DHCP and see if I can connect that way. I'm hoping things will be easier once I can access the internet ...
|
|
|
Follow the links in my post a few above. You should be able to get the most recent version running on it. 2 years is way out of date with UI.
Otherwise you can install and run the UI controller (for now anyway) on your laptop/PC and migrate over to the UnifiPi later…the Pi Idea seems nice, but in the here and now probably a distraction.
Edited by Pheasant (Mon 06-Dec-21 14:59:50)
|
|
|
|
Update: I have managed to connect to the internet using the EIC modem and a ZyXel router (NBG4604) so am now wondering if there is an incompatibility between the USG and the modem. As mentioned before, the USG says it is connected to the internet but I cannot PING any external IP address. I get the message "PING: transmit failed. General failure". I have tried flushing the DNS and renewing the IP address using ipconfig but have the same issue.
|
|
|
|
Did you get a UI controller up and running and adopt the USG on it, to check the firewall etc settings on the USG?
|
|
|
|
No - I connected a laptop to the internet using my existing network, got a UniFi controller running in a browser window (so that Ubiquiti was able to authenticate my account), disconnected from the existing network and connected to the new network. The USG is there pending adoption, but when I tried to adopt it, I got the message "adoption failed". Same thing happened when I tried to adopt the WAP on the new network.
I was able to look at some of the settings of the USG via the UniFi controller but there is nothing there that I can't set by connecting directly to it via a laptop and the USG IP address. There are no firewall settings on the USG
|
|
|
|
The symptoms you describe - USG apparently connected to internet, but anything behind it, unable to access internet etc. smacks of a firewall / routing misconfiguration. If there was an incompatibility between the USG and the modem then the USG wouldn’t be saying it’s connected to the internet.
The USG will need to be adopted into an active and internet connected UI controller (ie online) for you to configure it.
Without having one here to confirm, I believe that you will need to setup some basic firewall rules.
|
|
|
|
Hi pheasant - thanks for all your help and patience. I just don't know how I am going to sort this out .... For example, I have no idea what firewall rules to set. I connected the USG to the existing network and fired up a UniFi controller in a web page but it can't see any devices to adopt - not even the UniFi WAP which is happily giving access to various devices on the existing network. I can't even PNG the USG when it is connected to the existing network! The existing network is 192.168.0.x and the USG 192.168.1.1 so don't know if this is an issue. Completely out of my depth here ... sigh ....
|
|
|
|
OK. Getting a better picture now. For starters it looks like you have some DHCP related addressing issues to resolve
Presumably the addresses on your existing network are being given out by a DHCP server which is resident on the Zyxel (the .0.x range)? This is why you cant necessarily ping the USG when you connect it on your existing network.
You would then need to change the network mask on the DHCP server on the Zyxel so that it can 'see' the default subnet of the .1.x network the USG is set to.
|
|
|
Have you managed to get your router into bridge mode. If not you will have Double NAT problems.
Also if you can't get the USG to adopt you may find this link helpful Unifi network add new device
With my USG I had an old bt modem that I could use to get rid of the router to avoid double NAT problems.
Once you get the unifi setup working and have a chromecast or apple devices I believe, I found this very helpful in setting up the firewall rules reddit link to firewall rules
I found getting it to work with the router in the way a real pain until I remembered the old setup I had where plusnet sent out a modem and a router so dug out the old modem before going full fibre so I could just use the USG straight to the internet. If I want more then 100Mbps then think I will need to swap out the USG for something more capable.
It was a Huawei HG612 VDSL / FTTC Fibre Modem but believe Draytek Vigor 130 is similar
Vodafone Gigafast 100Mb Oct-2021
Previously Unlimited Fibre on PlusNet
Customer since 2003 - Dial up - ADSL - Fibre
|
|
|
|
Hi TAZZ69 and Pheasant
after your last posts I have spent more time fiddling round with the network. After writing in my last post that the new devices could not be adopted, I turned the new network off, turned it back on again and connected it to an old laptop running Win 7. When I fired up the UniFi controller (v4.48), all the devices had been adopted and their lights were blue. Hurrah! I tried connecting to the Internet via my old EIC modem (similar to TAZZ69's Huawei) but was still unable to connect. But progress of sorts. I then thought I had better upgrade the UniFi controller on the laptop to Win 7 to the latest version. After a lot of messing about, I finally have UniFi controller 6 running on the laptop and connected to the new network. I have factory reset all the devices on the new network to "unadopt" them and their lights are all now white. However, none of them are available for adoption on the UniFi controller. I have opened TCP port 8080 and UDP port 3487 as suggested in the link TAZZ69 sent (and turned off windows firewall) but to no avail. I can PING all the devices from my laptop but the UniFi controller does not see them so back to square 1 ....
|
|
|
Did you tell the controller to forget the devices? if not then they cannot be re-adopted until this happens as they may still be present in the controller settings. - I had this issue yesterday adding a new AP that initially failed adoption.
What shows up in the devices tab in the controller?
What settings do you have under WAN in the Internet section? It should be PPOE and your username/password - there should be nothing else to set and should just work.
Do you have a static IP on the laptop that is on the same network as if that has changed then the controller and USG are not able to "talk".
There are some other settings etc. to change depending upon your security requirements, DDNS, BQM (need to enable ICMP pings) etc. but basic authentication and throughput should be simple. I used to run USG with the controller on a Pi 2 and it was all pretty straight forward.
|
|
|
Hi NGDragon
please see below
Did you tell the controller to forget the devices? if not then they cannot be re-adopted until this happens as they may still be present in the controller settings.
No. I had to do a refresh install of the UniFi controller - trying to upgrade from v4 to v6 caused the controller to hang on start up, so I had to delete the previous settings (and forgot to make a back up ...). Previously I logged into the controller using a user name and pwd - now I have to log in using my Ubiquiti email and pwd (which are different) - but have absolutely no clue how the two are related ...
What shows up in the devices tab in the controller?
Nothing ... completely empty apart from saying "No UniFi devices have been adopted"
What settings do you have under WAN in the Internet section? It should be PPOE and your username/password
That's it - but can't connect to WWW via the modem even though the un and pwd have been accepted. This is another issue that I still have to resolve
Do you have a static IP on the laptop that is on the same network as if that has changed then the controller and USG
No. The laptop IP address is set by the DHCP on the USG. I am logged into the USG directly from the laptop and the laptop is showing as one of the devices connected to the USG with the same IP address that ipconfig gives on the laptop
I used to run USG with the controller on a Pi 2 and it was all pretty straight forward.
That is what I would like to do too and I was hoping it would be straightforward but it has been anything but so far ... sigh
|
|
|
|
Update: Just turned off AVG Internet Security running on the laptop and now all devices are visible!! Just need to get the USG to connect to the WWW and we're there .....
|
|
|
|
Is the USG connected the modem (Huawei or ECI?) in the same exact manner as the successfully connecting router?
|
|
|
|
No - I managed to get the ZyXel modem connected but as a regular modem/router not in bridge mode
|
|
|
|
Have you got the Zyxel setup doing the PPPoE then….with the USG downstream (also trying to do the same)?
|
|
|
|
Unfortunately not ... it is not possible to put the ZyXel in bridge mode. I have a Technicolor router that is currently providing internet access to the old network and which is (theoretically) possible to put in bridge mode. Unfortunately, that did not work either so the only option at present is the ECI ?EIC? modem. Am thinking about getting another modem ...
|
|
|
|
Ah sorry, misread your post ... no, I have not had the USG and ZyXel both connected at the same time (and both trying to do DHCP)
|
|
|
|
Have you checked that PPPoE works correctly with another router (or even your laptop with PPPoE client) with the ECI modem?
|
|
|
|
Yes - I have tried that using the laptop WAN miniport but the connection failed. I have tried it with another laptop running Win 10 and that seemed to produce BSODs so it could well be an issue with the ECI modem
|
|
|
Yes - I have tried that using the laptop WAN miniport but the connection failed. I have tried it with another laptop running Win 10 and that seemed to produce BSODs so it could well be an issue with the ECI modem
[/quote
This all sounds complex, is it really needed?
Adrian
Desktop machine Ryzen powered with windows 10 , reluctantly.
Plusnet FTTC
|
|
|
|
Shouldn’t really be a big deal. Admit I haven’t done it for ages on windows, but setting up a PPPoE connection on something like MacOS is dead simple, takes maybe 20 seconds - a handy way to confirm your PPPoE creds etc are working correctly or running tests without having any other routers etc in place as you’re just connected directly to the modem or ONT.
|
|
|
When you plug the ECI modem into the phone line and turn it on...what lights do you get?
|
|
|
|
All green. I have had the modem connected to the WAN and DNS servers set from the WAN side but I can't access the internet - can't even PING the DNS servers
|
|
|
Are you sure you have the correct details that you are putting into the controller, the important one is the VLAN ID
If you let us know who your broadband supplier is I'm sure we can figure it out, either that or the modem is not working correctly.
I'm sure you have the correct details username and password as that must be in your current router, I recently switched supplier and they were not great at telling me the correct VLAN ID (they gave me the wrong one, luckily I had done a bit of research so had a good idea what it should have been)
Vodafone Gigafast 100Mb Oct-2021
Previously Unlimited Fibre on PlusNet
Customer since 2003 - Dial up - ADSL - Fibre FTTC
|
|
|
Admit I haven’t done it for ages on windows, TP Link has a handy page, but Winkey+X no long has control panel in the list in later updates.
https://www.tp-link.com/uk/support/faq/921/
22 years of broadband connectivity since 1999 trial - Live BQM
|
|
|
|
If you have an FTTP connection, or are using a third-party FTTC modem, you may have to configure a VLAN. However with an Openreach-supplied Huawei or ECI modem you should not as the VLAN 101 tagging is already done by the modem.
|
|
|
|
Does the PPPoE connection on the USG connect successfully and show a valid IP?
Which ISP are you using?
|
|
|
|
Hi have tried connecting the USG both with and without a VLAN (101). With no VLAN set, the USG makes a connection but is not able to access the internet; wth VLAN set then the USG is not able to make a connection
|
|
|
|
Hi tdw42 . yes, the USG will make a PPPoE connection and has an IP address and DNS servers set by the WAN but that's as far as it goes. Just wondering now if this is an issue with AVG firewall - that was stopping me from seeing the UI network until I set the network to be "trusted". Let me try that over the Xmas hols ...
|
|
|
You have had some with more experience/capability than me helping so far, such as @Pheasant, so I have said nothing.
I had a USG working through an OR modem - although it may have been a Huawei HG612. I cannot remember any major issue setting it up. I will check to see how it is configured but I believe that I may have changed it to PPPoE when I moved to FTTP.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
M H C
taurus excreta cerebrum vincit
|
|
|
|
I’d just completely uninstall all that third party firewall junk. It’s honestly more trouble that it’s worth. The built in gear is all you need.
|
|
|
Out of luck ... looks as though there is no config data there. I probably cleared it all before moving to PPPoE.
It should work very easily .... have you thought about resetting to factory and start again?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
M H C
taurus excreta cerebrum vincit
|
|
|
I’d just completely uninstall all that third party firewall junk. It’s honestly more trouble that it’s worth. The built in gear is all you need. Seconded. Major corporates have all done the same.
22 years of broadband connectivity since 1999 trial - Live BQM
|
|
|
Hi tdw42 . yes, the USG will make a PPPoE connection and has an IP address and DNS servers set by the WAN but that's as far as it goes. Just wondering now if this is an issue with AVG firewall - that was stopping me from seeing the UI network until I set the network to be "trusted". Let me try that over the Xmas hols ...
Given the USG is connecting, gets a WAN IP address and sets DNS correctly it points to one of two possible issues;
1. Firewall / routing on the USG - or the lack thereof - as the clients can’t ‘get out’ to internet from behind the USG - but given that other folks here are saying the default USG setup just works, out of the box, them default firewall and NAT setup should be good to go. Which then strongly points to…
2. A client device issue (noting your previous issues with AVG)
Now if you have another (hopefully dissimilar type/operating platform) client device you can check connectivity with the USG in place - like perhaps a tablet or phone or at a pinch boot that windows box with an Ubuntu stick - then this will prove or disprove both (1) and (2) above.
|
|
|
|
So, some progress.. I turned off the AVG Firewall on the laptop running the UniFi controller and was able to make a PPPoE connection via the ECI modem - hurrah! I then disconnected the PPPoE connection, plugged in the (adopted) USG and was astonished to find I still had internet connectivity. Unfortunately things then went downhill. For some reason the UniFi controller won't run on my Windows 7 PC - a DOS window pops up, flashes an error message and then disappears before I can read it but I think it is Java-related. I connected the Unifipi controller to the network but this would not accept my Unifi credentials. I also reset the gateway IP address on the USG to 192.168.0.1 to match the gateway on the old network but then lost the internet connection. I tried running the controller on my Win 10 desktop so that I could then connect it to the new network but that messed up the network card settings and the only cure was to update the card driver. I am currently uninstalling the AVG stuff from the laptop and will then start again once I find out why the Unifi controller won't run
|
|
|
That’s positive progress despite the setbacks.
I think your problems really now centre on having a stable UI controller on the network. To that end…
On the Win 7 box, you might want check and ensure your running the latest Java 8 update and any other possible updates (given Win7 is now out of support by MS) possibly the reason why you are getting runtime errors with the UI controller software.
The UnifiPi controller needs to be fully patched and updated too. You may need to logon using any local credentials you used in the setup before synchronising the logon with the UI cloud credentials. You might have a sort of circular problem with this until you sort out your internet access via the USG.
Remember when swapping controllers about, you need to correctly migrate your settings from one controller to the other - to preserve all your settings and keep everything nicely in sync otherwise you are circling around on yourself. See this vid on YT as this chap migrates his setup between controllers.
Personally for this job I like the small plug and play UI ‘appliance’ like the original UniFi Cloud Key, still available for under £80 or the later Cloud Key Gen2+. You just plug them in and they work.
|
|
|
On the Win 7 box, you might want check and ensure your running the latest Java 8 update and any other possible updates (given Win7 is now out of support by MS) possibly the reason why you are getting runtime errors with the UI controller software.
The controller doesn't care about the underlying OS, the Windows version can get confused if both the 32 and 64 bit versions of Java are installed.
... the original UniFi Cloud Key, still available for under £80 or the later Cloud Key Gen2+. You just plug them in and they work.
Whilst the original Cloud Key is still available the OS is woefully out of date, Debian Jessie which went EOL at the end of Jun 2020, so no patches for any SSH, SSL, DNS, nginx (for the CK web UI) or other non-controller components. Ubiquiti have a track record of not bothering to patch/update old libraries in applications either, even when not directly exploitable these can provide a stepping stone in a chain of vulnerabilities.
|
|
|
|
OK, I think we're there .... I have my new UniFi network connected via a USG attached to an old ECI modem. in case anyone else has the same issues this is what I did.
1. Uninstall third party firewall software on laptop where UI controller will be running.
2. Connect to laptop to internet. I did this via PPPoE to try to minimise subsequent IP addressing issues and conflicts between the old and new networks
3. Create Ubiquiti user account
4. Upgrade Java to latest version. I am running Win 7 Pro so upgraded to the latest 64 bit version
5. Download and install latest version of UniFi controller (as administrator)
6. Create a new Unifi network configuration.
7. Disconnect from PPPoE. Connect the modem WAN cable to the USG WAN input and the laptop (with controller still running) to the new network.
8. Hopefully, the new network devices will now all show up and be ready for adoption
9. Adopt the network devices, upgrade firmware where appropriate and enjoy! Machines running a 3rd party firewall might need to be adjusted (eg "trust" the current network) to allow WWW access
I'm sure that there are improvements that could be made but this worked for me. Still a little nervous about the controller so have ordered a CloudKey Gen2+. Just wanted to say a massive "thank you" to everyone who contributed to this topic, especially @Pheasant. HNY all!!
|
|
|
|
Good stuff. Glad it’s working for you. 👍
|
Pages in this thread: 
Print Thread
