Unifi is a managed wifi system. It allows for multiple Ubiquiti Unifi Access Points to be controlled and managed by a central control software system , or Software defined networking.

Links:

• https://www.ubnt.com/enterprise/#unifi
• https://en.wikipedia.org/wiki/Software-defined_networking

The unifi system contains the following components:

• Internet connection via WAN
• Router with LAN
• Controller (software or cloud key)
• Back haul LAN network for Unifi AP's
• Unifi Access Points
• User Portal control (optional but often used)

The controller software manages the APs and various Client settings. The software is on a device on the network. This device must exist on the Local Area network of the Unifi AP's. This controller can come in a few different forms:

• Stand Alone software on a local machine with Unifi Controller Software NOT linked to Cloud Access
• Stand Alone software on a local machine with Unifi Controller Software linked to Cloud Access
• Cloud Key controller or Unifi Secure Gateway

IMPORTANT This device must be on at all times and exist on the network at all times. If it does not, the APs will will allow access with or without a password, and will do traffic shaping, but the portal will not exist. The Unifi AP's do not work like standard ubnt devices and can not be logged into via a web portal to control, though they can be accessed via ssh.

• Setup Router and LAN.
• Router can be simple with no wifi.
• The router will NOT be part of the Unifi system. Think of the system as 2 different subsets:
• The subnet that is in the main router and access the controller and Unifi APs
• the subnet that a client is on who connects to a Unifi AP
• The LAN that the Unifis are on can be any combination of Routers, switches, wireless links.
• Important The Ubuiquti Unifi APs are the only devices that can act as APs and be managed by the controller. You can not for instance use a loco to connect to an Unifi and keep it in bridge mode. (this is not fully tested, but apparently will not work.)
• Option 1: Download controller software and install on machine.
• Option 2: Go to IP address of Cloud key (may need to use nmap to discover IP) and register with a ubnt account.
• Setup an account, remember user and password.

The controller acts as a daemon and web host. It can be accessed either:

• Windows: Click on software icon to start controller software
• The window will say “launch a browser to manage the network” Or:
• Go to: https://[localhost or IP of controller]:8443/manage/accounts/login

Cloud access

• Go To: https://unifi.ubnt.com/#/
• Login
• Click Unifi system you want to control
• Click “Launch Site” (lower area on page)

The cloud access software can now be accessed with both the local controller software (as of 4.3) and Cloud key. This allows you to connect your controller, wherever it is, to the Ubiquiti server. You must have a registered account. You can use the same for forums. This account will be remotly linked to your controller. Once you have it linked, you can then remotely manage your unifi system. Multiple unifi systems can be managed from the cloud access.

Ubiquit makes a wide range of indoor and outdoor Unifi AP's and other unifi things like cameras and phones. Here are some tips about setting up.

• The ubnt unifi APs are adopted by a cloud controller.
• The Cloud controller configures the devices via discovery
• APs can function without the controller after configured. But things like portals, user control, zero handshake, paywall will not exist. ONly simple things like routing, SSID and pass, like a typical router. No
• The APS need to be on the same network to be adopted.
• IMPORTANT! The unifi Must be on a DHCP network
• If you want to do things like configure an IP or VLAN, you should add the Unifi to a controller and configure it there

Once you adopt a new unifi, it will gain the user name and password that was set up for the contoller. This is very important when doing some of the steps below

If you want to move a unifi AP to a different contoller, you need to follow these steps. This is especially important when setting up a new unifi on a network without DHCP

• Setup a primary unifi controller on the desired network. Know what IP your controller is on.
• install temp unifi Controler on a DHCP network
• install unifi AP on the same DHCP network
• You can do whatever config you want, but make it basic.
• Log into temp unifi controller
• Go into the AP settings and change IP address to something that will work on master controller network
• Apply
• Move Unifi AP to desired network (set inform will not work if not on the same network)
• SSH into AP and run this command:
• $set-inform http://[ip.of.master.controller]:8080/inform
• exit
• Access Master controller
• The AP should automatically be provisioning or already adopting

NOTE!! Although this method did work at one time, it also failed on a second try. It may be that you will need to set the DHCP network below the main controller but where it can ping the main controller. Then You could actually try to adopt the unifi in a more traditional sense.

If you can ssh into device you can remove its adoption with some commands. THis is helpful when the device is difficult to physically reach.

• ssh
• $set-defualt

To change an AP to a different controller, when the AP has an IP that you can ssh into, and on the new same network as the new controller:

• ssh into unifi AP
• $set-inform http://[IP.of.controller]:8080/inform

You can read more here: https://community.ubnt.com/t5/UniFi-Wireless/Adopting-your-Existing-APs-to-set-inform-to-L3-Controller/td-p/471517

In order to have a separate DHCP server that Clients get when attached from AP's you need the Ubiquiti “Unifi secure gateway”. Otherwise you have to use the DHCP of the gateway the unifi is attached to. The APs, nor the controller software will not give out DHCP on their own.

If you want to edit the portal, you will need to first enable the portal and editing it. Then a folder structure will be created to access index.html and other files for editing the visual look

• Login to your controller (cloud or local)
• Settings > Guest Control > Guest Policies >
• > Enable Guest Portal > Check to enable
• > Authentication > No Authentication. Here you can also set various rules such as password or hotspot for paying, but mostly we just want “No authentication” to have a simple agree to terms and service
• Settings > guest Control > Portal Customization > Override Default Templates > Check to Enable. This is the step that will create a directory and files to edit.

To view the splash page even after accepting terms go to:

• http://[controller IP]:8880/guest/s/default/

To change the splash page you Need to edit the master index file or other files associated to it. You need to access files and/or folders of location of webpages:

• Windows access to cloud key: Use win scp with the address of the cloud key. You can either be on site and use the IP of the cloudkey or controller, or setup port forwarding to access remotely.
• Local Controller: find the directory on the local machine running the controller
• Linux: Use scp or another type of file transfer protocol

Access the directory for the main files:

• Linux: /usr/lib/unifi/data/sites/default/portal
• Windows: C:\Users\<user>\Ubiquiti UniFi\data\sites\defualt\portal
• For main index.html and styles.css

Once you have access to the folder structure

There is a single index.html file that holds most of the information for the different web portals. So if you want to edit the no auth page, or voucher page, you edit this. It is also important to know that there is a folder called “portal” which contains all the files needed for the web hosting. You can make a compressed version of this folder as a backup if you have multiple things you are editing.

Work in progress

These are things untested by the writer of this article

• When doing a setup and then move to main controller, will the AP retain the password of the temp controller and will this impede future changes? Would need documentation or be forced to reset.
• Testing with Zero Handover
• There may still be a way to ssh into a blank unifi WITHOUT a controller and change the IPs. Then you adopt the Unifi easily with your main Controller

• Here is a link on how to do it:
• http://community.ubnt.com/t5/UniFi-Wireless/Raspberry-Pi-and-Unifi/m-p/1215481#M99179
• There are many models, but the one that this link refers to is here:
• http://www.amazon.com/dp/B008XVAVAW?psc=1