The UniFi Cloud Key (UCK) allows users to access their software controllers via a cloud connection. Although the UniFi Cloud Key is a plug-and-play component, proper setup and troubleshooting are required to ensure that the UCK is properly servicing your UniFi system. Firewalls, if not properly configured, may block ports necessary for proper communication with the Cloud Key. This article provides a list of all ports that may be used with the Cloud Key and their function.
For instructions on how to check and change ports, see the UniFi - Change Default Ports for Controller and UAPs article.
Port Requirements for Cloud Key
- Port 53 is for DNS. However, depending on the network environment and firewall settings, Port 53 may not be needed.
- Ports 80/tcp, 3478/udp, 8883/tcp are needed for UniFi Cloud access (they won't be needed if Cloud Access is disabled).
When administrators access this controller via unifi.ubnt.com, there will be some outbound UDP traffic if remote access is ongoing (via WebRTC), and the port numbers are dynamic.
- Port 80/tcp is used for UniFi Cloud Key system checks and security update installs from upstream Debian source daily.
- Inbound 3478/udp and 8080/tcp are needed only if there are devices managed by this Controller/Cloud Key, and they are outside of the firewall. If devices are not planned to be managed outside of the firewall, these may not be needed.
- UniFi - Change Default Ports for Controller and UAPs
- Information and port numbers for this article were taken from this Community post.