UniFi - Device Adoption Methods for Remote UniFi Controllers

thumbs_up_i_25x25.png  Was this useful? Help us identify your favorite articles by clicking on the thumbs up at the bottom of the page. And if you think this article is not useful, please let us know why by clicking on the feedback link below!

Overview


This article describes several different layer-3 methods for deploying UAPs. Our recommended methods are found below under the Chrome Web Browser and Mobile App sections.

Table of Contents


  1. Introduction
  2. Initial Setup
  3. Chrome Web Browser (recommended)
  4. Mobile App (recommended)
  5. Discovery Utility
  6. DNS
  7. DHCP Option 43
  8. SSH
  9. User Notes
  10. Related Articles

Introduction


Back to Top

In many deployments where it's not possible/desired to have the controller running at the premise, you can run the controller in the cloud or your NOC. Say we have a large-scale project with many Devices, we could:

  • Take a laptop to the UAP Site to adopt devices via Chrome Browser (easiest method)
  • On Amazon, create a virtual controller instance on EC2. Read this article on the subject.
  • Configure/stage a few APs in our lab and customize the guest portals.
  • When we're at the customer's site, open a browser to the cloud-based controller.
  • Either configure DHCP server, DNS server, or simply use the UniFi Discovery Utility to make all local APs inform back to the controller.
  • On-going management/monitoring can be done anywhere and Amazon would provide us with great firewall configurations.

Initial Setup


Back to Top

Please make sure you're familiar with how UniFi works (e.g. where AP and Controller is in the same L2) before attempting L3 Management. 

UniFi APs have a default inform URL http://unifi:8080/inform. Thus, the purpose of using DHCP option 43 or DNS is to allow the AP to know the IP of the controller.


Chrome Web Browser

Back to Top

After installing the Discovery tool plugin (freely available in Chrome Web Store) on your desktop PC running Chrome browser, locally-available, unmanaged UniFi Devices (i.e., same L2 network as your desktop PC) will appear "Pending Adoption" for L3 management via either of two cloud-ready UniFi interfaces:

A. UniFi SDN Cloud Dashboard (unifi.ubnt.com) - "Pending Adoption"
sdn.png

B. UniFi Elite Controllers - "Pending Adoption - Locally Discovered"
elite-vs-sdn.png

1. To begin adoption, click on the device you wish to adopt. This will reveal the Properties Panel.

controller.png advanced.png switch-final.png

2. Within the Properties Panel navigate to the Adopt section, then
select the UniFi Controller & Site,
then click Adopt to adopt & manage
the Device immediately.

3. While still under the Adopt section, you can optionally set up Advanced
Options
relating to settings for the

UniFi Controller & Site to which the
Device will be adopted/managed.

4. Optionally, you can navigate to the Configure section to configure the Device with management settings
(to be applied after adoption).



Mobile App

Back to Top

After installing the UniFi Mobile App (freely available in iOS App Store & Android Play Store) on your mobile device, locally-available, unmanaged UniFi Devices (i.e., same WiFi network as your mobile device) will appear "Pending Adoption" for L3 management.

image__3_.png image__2_.png

1. While on the same L2 network, your mobile device will discover UniFi Devices for L3 adoption/management.

2. Optionally, you can set up the Device as "stand-alone" for Controller-less management (ex. SOHO WiFi), or
initiate L3 adoption to a Cloud-ready Controller.

 


Discovery Utility


Back to Top

Not many environments can have a DHCP server that's configurable, even less likely with a DNS server. That's where UniFi Discovery Utility comes in. It listens to the multicast/broadcast packets from UniFi APs and allow you to tell the AP to inform any URL you'd like. (only APs in default state or not in contact with any controller will be displayed)

UniFi Discovery utility is installed along with your UniFi controller.

  • On Windows, it's in Start Menu->Ubiquiti UniFi->UniFi-Discover
  • On Mac, /Applications/UniFi-Discover.app (or use Spotlight to find it)
  • Run "java -jar <unifi_base>/lib/ace.jar discover"

To perform L3 adoption with the discovery utility:

  1. Wait until the AP shows up
  2. If the AP is not in default state. click "reset", specify the SSH username/password and click "Apply"
  3. Click on "manage", modify the inform URL and leave the SSH username/password as ubnt/ubnt and click "Apply"
  4. Open a browser to your remote UniFi controller and you should see it being "Pending Approval"
  5. Click on "adopt". You'll see it going to "Adopting" state, ignore it as it'll eventually become "Adoption Failed" or "Disconnected"
  6. perform [step 3] again (no need to wait for [step 5] to finish)
  7. AP is now managed by the controller

Once adopted, the Controller will upgrade these units automatically.

The option of the Ubiquiti Discovery Tool Chrome Extension is also available, downloadable directly from Google Chrome here, or from our UBNT download page.

info_i_25x25.png Note:If your L3 controller is available over the WAN then you need to make sure the necessary ports are open at the controller side (minimum port 8080 for inform). If you do not have a static IP then you may want to consider using a dynamic DNS service, and use the domain name instead of the IP for the inform address. If you're using a USG then you can use the DDNS client that is available on that device itself.


DNS


Back to Top

  • You'll need to configure your DNS server to resolve 'unifi' to your controller's IP address. Make sure that AP can resolve controller's domain name. For example, if you are setting http://XYZ:8080/inform, then ping from AP to determine if XYZ is resolvable/reachable.
  • Or, using FQDN for the controller inform URL, http://FQDN:8080/inform
  • Troubleshooting - AP (with static IP) fails to connect to the L3 controller
    • when configured an AP from DHCP to static in the controller UI, make sure you have put the IP of DNS. If not, then the AP cannot contact DNS to resolve controller domain name.
    • if the AP has been reset (by pushing reset button), make sure that you have informed AP twice (using discovery utility) about the controller's location (this will be improved in the coming release 2.3.0)

DHCP Option 43


Back to Top

If using Ubiquiti's EdgeMax routers, then DHCP option 43 can be done by just entering the IP address of the UniFi controller in the "unifi" field on the dhcp-server. To use DHCP option 43 You'll need to configure your DHCP Server. For example:

Linux's ISC DHCP server: dhcpd.conf

# ...
option space ubnt;
option ubnt.unifi-address code 1 = ip-address;

class "ubnt" {
        match if substring (option vendor-class-identifier, 0, 4) = "ubnt";
        option vendor-class-identifier "ubnt";
        vendor-option-space ubnt;
}

subnet 10.10.10.0 netmask 255.255.255.0 {
        range 10.10.10.100 10.10.10.160;
        option ubnt.unifi-address 201.10.7.31;  ### UniFi Controller IP ###
        option routers 10.10.10.2;
        option broadcast-address 10.10.10.255;
        option domain-name-servers 168.95.1.1, 8.8.8.8;
        # ...
}

Cisco CLI

# assuming your UniFi is at 192.168.3.10
ip dhcp pool <pool name>
network <ip network> <netmask>
default-router <default-router IP address>
dns-server <dns server IP address>
option 43 hex 0104C0A8030A # 192.168.3.10 -> CO A8 03 0A

# Why 0104C0A8030A ?
#
# 01: suboption
# 04: length of the payload (must be 4)
# C0A8030A: 192.168.3.10

Mikrotik CLI

/ip dhcp-server option add code=43 name=unifi value=0x0104C0A8030A
/ip dhcp-server network set 0 dhcp-option=unifi

# Why 0104C0A8030A ?
#
# 01: suboption
# 04: length of the payload (must be 4)
# C0A8030A: 192.168.3.10

Cisco has a good write-up for DHCP option 43 setup.

To use IP of controller
  • You can also use the IP of the controller in the inform URL instead of the domain name.

SSH


Back to Top

If you can SSH into the AP, it's possible to do L3-adoption via CLI command:


User Notes & Tips

2. For configuring DHCP option 43 via Palo Alto Networks DHCP server. (Pan OS 7.1):