This article will answer the question of how to access the UniFi Network Controller on the UDM platform by IP or hostname.
NOTES & REQUIREMENTS:
This article applies only to the UniFi Dream Machine Pro (UDM-Pro).
Table of Contents
- Network Diagram
- Steps: How to Access the Controller via IP
- Testing & Verification
- Related Articles
Users may wish to access the UniFi-OS local portal by IP in certain situations. Since the local portal is on the UDM Pro, and not on a host that is on the LAN, a firewall pin-hole is suggested instead of port forwarding as would be done on other hosts (see Related Articles below).
NOTE: Applying a port forward rule to a UDM Pro LAN IP will provision a destination network address translation (DNAT) rule and is not recommended.
Steps: How to Access the Controller via IP
1. Open the UniFi Network Controller.
2. Navigate to Settings > Routing & Firewall > Firewall > WAN_LOCAL.
3. Select "Create New Rule".
4. Fill in the fields with the following information:
Action : Accept
IPv4 Protocol : TCP
Rule Applied : Before pre-defined rules
Destination : Create a new port group with port 443 in the group
5. Click "Save".
Testing & Verification
To verify that the firewall pin-hole has been properly configured, try to access the UDM Pro by its WAN IP or hostname associated with the IP. If the test does not provide the desired results, check any source IP restrictions configured. If the rule appears to be applied properly, advanced troubleshooting with tcpdump may provide the clearest indication of the issue.
CLI: Access the command line interface (CLI). You can do this by using a program such as PuTTY.
tcpdump -npi eth8 dst port 443 and host <WAN1_IP_ADDRESS_HERE>
tcpdump -npi eth9 dst port 443 and host <WAN2_IP_ADDRESS_HERE>
For further support please reach out to the UniFi Support Team.