Unifi Network Upgrade

The Start of it All

I've been trying to get my hands into Ubiquiti gear for at least two years, but never had a reason to. That changed about a year ago when my brother was complaining about slow WiFi in our basement.

At the time our router was on the second floor and the signal was 'okay' at best. So I went to Amazon and bought a WiFi repeater. When the repeater got to the house I played around with location to see where it worked best, only to figure out it didn't really work. The repeater was enough to marginally improve speeds in our basement, but not by much.

While some in my family may have been satisfied by the repeaters, I wasn't. I started digging around my home more. I quickly found that most bedrooms had an RJ11 phone jack and all the phone lines terminated at a 66 block in my basement. To make it even more enticing, the builder didn't use Cat3 phone line, he used Cat5 and used two pairs for the phone. I finally could build a wired home network...

After my discovery, I started looking at Access Points and once again stumbled upon Ubiquiti's Unifi line. The only problem was I wanted a cheap fix and Ubiquiti wasn't necessarily 'cheap' for a college student. So I found an AC Access Point along with all I needed to get the ball rolling and purchased it all. One of my concerns was that everything I read said Cat5 doesn't carry gigabit, but 100 Mbps was better than what I had. So, I began the task of tracing wires. My home still had traditional home phone, so I couldn't re-terminate all of the lines, only select lines for the rooms that needed it. This proved to take up the most time out of this whole process, with a lot of trial and error. Eventually, I found the correct wires and started to terminate them. I had never terminated wires before, so after quite a few tries I finally got everything working, and I had gigabit speeds! I linked my router up to an 8-port managed switch in the basement and from there I ran a cable to the new access point, and finally, perfect coverage and speed...

...Except it wasn't perfect. Any time you moved around the house your device wouldn't move to the stronger AP, making you have to manually disconnect and reconnect. This didn't really frustrate anyone but me. In December, when I got home for my winter break, I had had it. I quickly looked up Unifi and bit the bullet. I bought three UAP-AC-Lites (one for each floor) and one UAP-AC-Mesh (added later). I relocated my TP-Link router and modem to the basement and, along with the switch, created my very own networking room. The WiFi worked perfectly, my inner nerd was happy.

There was something missing on the Unifi Controller though, and I soon found myself on eBay looking for Unifi Security Gateways. I found one for a reasonable price and bought it. I finally could play with VLANs, Captive Portals, IPS, and plenty of analytics at home.


The More the Merrier

A day or two after putting all this new hardware in at home, I left to go back to school. And I was a little upset I didn't get to see any of the benefits of my new toys. So, I decided I needed to upgrade my network at my house at school, so off to eBay... I bought another USG, a Unifi 8-port switch, a UAP-AC-LR, and a UAP-AC-Pro. I connected everything back to my Unifi Controller and started to see all it could do. My UAP-AC-Pro has a wireless uplink to the UAP-AC-LR. I set up a Site-to-Site VPN between home and school, but I couldn't let my housemates connect to home. I played around a little more, created my own private network for my devices and set up some ACLs to only allow my devices to connect to my house.

A note on the wireless uplink: I was very skeptical at first due to my experience with wireless repeaters, but I haven't had any issues with the mesh setup. I get speeds of about 350 Mbps up and down.

A few weeks after I installed Unifi at school I decided to get gear for my parents' other house. I haven't physically installed it there yet, but I have logically set up the configuration on my Unifi Controller.


End Result

I've been extremely happy with my Unifi system. There are a few caveats though. At the end of the day, I only need a basic home network. Because of Unifi, I've got an IPsec VPN, a few VLANs, and a Guest WiFi setup. That being said, Unifi also offers Intrusion Prevention System/Intrusion Detection System (IPS/IDS), Deep Packet Inspection (DPI), and Quality of Service (QoS); but I can't use all of it. The USG I have will do DPI and still route at 1 Gbps, but when I enable IPS or QoS I am throttled to about 75 Mbps. I pay for 200 Mbps, so that doesn't work for me. If I bought the next model up router (the USG-4 Pro), I could have it all enabled and route at about 300 Mbps, but I didn't buy that. The USG-3P (my model) also gets loaded. When I download at my full speed of 200 Mbps my latency skyrockets. This could be fixed by QoS, but QoS also limits me to about 75 Mbps. Like I said earlier, these are all features I don't need, but they are there and I would use them if they didn't impact me.

Unifi is great for a small business/home setup, but there are some key features missing to make their routers an enterprise solution (note: some of these features can be done via CLI). For starters, most enterprises have multiple WAN IPs; this is not possible via the Unifi Controller. Another feature missing is redundancy/high availability. Ubiquiti's EdgeRouters have VRRP (Virtual Router Redundancy Protocol), but the feature is missing from Unifi. In fact, Unifi Controller doesn't allow two routers at the same Site. The Unifi Controller's analytics could be a little better too. There is no way to view data from certain time periods; you have to view all of it.


Ultimately, what started out as three APs has turned into seven APs, two USGs, one USW, and one happy tech guy.


For pictures, check out my LinkedIn Article.