Overview
After reading this article readers will understand how to regenerate a token used for IDS/IPS functionality. The instructions below will guide users on how to navigate the MongoDB for the UniFi Controller. These steps can be used when restoring from a backup and using a new UniFi Security Gateway (USG). In this scenario, the old token would potentially be used on two USGs at the same time or report alerts on an incorrect site.
 |
NOTES & REQUIREMENTS:
This article covers advanced configuration, and should only be used by advanced users. This article applies to the following firmware and devices:
|
Table of Contents
Steps: How to Erase an Old Token and Generate a New One
Debian-Based Linux and Cloud Key
1. Disable IPS or IDS in the UniFi Controller UI, under Settings > IPS.
2. SSH or open a console on the device hosting the UniFi Controller.
3. Open a MongoDB shell to the ace directory:
mongo localhost:27117/ace
4. Locate the site code. The "NAME_HERE" value should be replaced with your site name as it appears in the upper-right hand corner drop down menu on the UniFi Controller web UI. Spaces are allowed.
db.site.find({"desc":"NAME_HERE"})
 |
NOTE: The ObjectID will be your site code. Keep this for reference in the next step.
|
5. Locate the correct IPS setting document. The "SITE_ID_HERE" will be the ObjectID that was found in step 3.
db.setting.find({"key":"ips","site_id":"SITE_ID_HERE"})
|
NOTE: The ObjectID for this query will be your IPS setting document. Keep this for reference in the next step.
|
6. Remove the utm_token from the database:
db.setting.update({"_id": ObjectId("IPS_ObjID_HERE")},{ $set: { "utm_token":""})
7. Enable IPS or IDS in the UniFi Controller web UI under Settings > IPS.
Testing & Verification
Referencing the utm_token before and after this process should be enough to see that it either did or did not change. See here for quick ways to test IPS/IDS.
Related Articles
UniFi - USG: Configuring Intrusion Prevention/Detection System (IPS/IDS)