Table of contents
Hello!
Today we will look at the process of remote adoption of UniFi series devices, which allows you to connect an Access Point from another network to the UniFi Network Application controller. This solution is especially useful in situations where UniFi devices and the UniFi network application are not on the same local network. We will focus on the requirements and a simple solution to this process, which is crucial for effective management of remote devices in our network.
An introduction to our process
I will be doing things on a Synology DS920+, on which also stands a UniFi Network Application installed in Docker. Under this configuration, the UniFi controller is located in the Location A, while the Access Point (which you want to connect to the controller at Location A) is located in the location B.The two sites are connected by an IPSec Site-to-Site tunnel on MikroTik routers, with location A having an address of 192.168.100.0/24 and location B having an address of 192.168.101.0/24. It is possible to ping devices between these locations normally.
The discussed process of remote adoption of a UniFi device to a controller is done in a manner analogous to the situation when the controller is on another server (for example, it is Ubiquiti UniFi Cloud Key). This configuration is part of my home-lab environment, where I test and demonstrate various network scenarios.
What is the UniFi Network Application?
Ubiquiti’s UniFi Network Applicaiton serves as a central hub for UniFi Series network devices, providing secure communication and management. This controller is responsible for the configuration and ongoing maintenance of connected devices, such as access points. Once a device is added to the controller, a permanent connection is established – likened to a parent-child relationship, where the controller acts as a “mother” to the “children” in the form of network devices. All information about each device is stored in the controller’s local file system.
An interesting aspect is that the UniFi series devices do not require a continuous controller to function. Once they receive their configuration from the controller, they can operate independently, sending only statistics about their operation to the controller for monitoring and analysis.
Preparation
In order to prepare the tutorial, we will adopt an established domain name and certain configuration names, shown below. For customized configuration, apply settings according to individual requirements.
- Full Domain Name (FQDN) of UniFi Network Application: https://unifi.xyz.com,
Hardware
- 1x Synology DS920+
- 1x Mikrotik RB5009UPr+S+IN
- 3x Ubiquiti UniFi UAP-AC-Lite (Site A – 2x, Site B – 1x)
Nginx Proxy Manager (optional)
On my Synology, I set up a reverse proxy using Nginx Proxy Manager, which allows access to the UniFi dashboard via a URL (https://unifi.xyz.com) instead of the standard IP address. It is a solution that increases the convenience of managing UniFi devices by offering an easier to remember and more intuitive address available on the LAN. Are you interested in how to do it? Take a look here.
In addition, local DNS redirection is performed by the AdGuard DNS server, also running on a containerized version of the Synology server.
Software
Ubiquiti also offers external devices that serve as controllers, such as Cloud Key. However, it is possible to replace them with a solution based on Docker Compose, which is an alternative especially for those who prefer more flexible and integrated IT environments. I will discuss the details of this solution later in the article.
UniFi Network Application od LinuxServer.io
Access to the repository of the containerized version of the UniFi Network Application developed by LinuxServer.io is available here.
Step 1 – Migrate UniFi Controller to UniFi Network Application
If you haven’t yet migrated your old UniFi Controller to a new version with a separate MongoDB database, this moment may be ideal to do so. This process may seem complicated, but it is crucial for better performance and continuous updates. Take a look here!
Step 2 – Log in over SSH to the UniFi device
The first step in adopting UniFi devices from Ubiquiti is to access the device via SSH, after resetting it to factory settings.
- First, make sure that you are connected to the same local network as the UniFi device and that SSH is active on the device. Then, using a computer with a command line interface (CLI), prepare to establish a connection.
- For Microsoft Windows operating system I recommend PuTTY, while for Apple macOS operating systems I recommend Termius.
- Run Putty (Windows OS) or Termius (macOS), then connect to your device using the SSH command format:
ssh <username>@<ip-address>- To access the Access Point UniFi, use one of two sets of default login credentials. Possible options are:
- Login: ubnt
- Password: ubnt
- or
- Login: ui
- Password: ui
- After selecting the appropriate set of login credentials, launch an SSH client (such as PuTTY for Windows or Termius for macOS) and enter the command in the format:
- After successfully logging into the UniFi using SSH, the terminal will display the message shown below:
BusyBox v1.25.1 () built-in shell (ash)
___ ___ .__________.__
| | |____ |__\_ ____/__|
| | / \| || __) | | (c) 2010-2023
| | | | \ || \ | | Ubiquiti Inc.
|______|___| /__||__/ |__|
|_/ https://www.ui.com
Welcome to UniFi UAP-AC-Lite!
********************************* NOTICE **********************************
* By logging in to, accessing, or using any Ubiquiti product, you are *
* signifying that you have read our Terms of Service (ToS) and End User *
* License Agreement (EULA), understand their terms, and agree to be *
* fully bound to them. The use of SSH (Secure Shell) can potentially *
* harm Ubiquiti devices and result in lost access to them and their data. *
* By proceeding, you acknowledge that the use of SSH to modify device(s) *
* outside of their normal operational scope, or in any manner *
* inconsistent with the ToS or EULA, will permanently and irrevocably *
* void any applicable warranty. *
***************************************************************************
- On the device, after logging in via SSH, run the command specified below:
set-inform http://IP-ADRES-NETWORK-APPLICATION:8080/inform- After executing the command, it is important to give the device time to save the changed configuration. After a few moments, the device should become visible in UniFi Network Application, ready for adoption. This will allow you to fully integrate the device into your network and manage it through the app.
Additional Sources and information:
For further exploration and more information, I recommend checking out the links below. They are valuable sources that were used in the development of this guide:
- UniFi Network – Remote Adoption (Layer 3): https://help.ui.com/hc/en-us/articles/204909754-UniFi-Network-Remote-Adoption-Layer-3
- UniFi – Connect with SSH (Advanced): https://help.ui.com/hc/en-us/articles/204909374
Read also:
- TVHeadend: Guide to installing on Synology in Docker Compose / How to install TVHeadend on Synology with Docker Compose. A practical step-by-step guide for advanced users.
- Home Assistant: Install mirror lighting on ESPHome / Set up simple mirror lighting with ESPHome in Home Assistant. Discover simple integration and control light with ease.
- How to do an internet speed test on Raspberry Pi / Check the internet speed on Raspberry Pi with speedtest-cli. Discover how to set up and use the speed tool.
- ADS-B: Receiver Installation and Configuration on Raspberry Pi / Discover the secrets of installing and configuring your own ADS-B antenna on Raspberry Pi. Develop skills and track aircraft in real time.
- Traccar: A guide to installing on Synology with Docker / Step-by-step guide: Installing Traccar on Synology using Docker. Effective vehicle tracking on your own server.
- Traccar: Configuring GPS communication in Docker / Step by step how to enable Traccar GPS communication. Using Docker Compose, open ports for managing and receiving GPS data.
Leave a Reply