How to adopt Unifi Devices

Posted on by

UniFi – Device Adoption Methods for Remote UniFi Controllers

Overview

This article describes several different layer-3 methods for adopting and deploying UniFi devices remotely. Our recommended methods are found below under the Chrome Web Browser and Mobile App sections.

Table of Contents

  1. Introduction
  2. Initial Setup
  3. Recommended L3 Adoption Methods
    1. Chrome Web Browser
    2. Mobile App
  4. Advanced L3 Adoption Methods 
    1. Discovery Utility
    2. DNS
    3. DHCP Option 43
    4. SSH
  5. User Notes & Tips
  6. Related Articles

Introduction

In many deployments where it’s not possible to have the UniFi Network Controller running on-premise, you can run the controller in the Cloud or your NOC. For example, for a large-scale project with many devices there are a few possible methods for adoption of devices:

  • Take a laptop to the device’s site to perform adoption via Chrome Browser (easiest method).
  • When you’re at the site, open a browser and navigate to Cloud: either the UniFi Cloud Access Portal or the UniFi Network Controller (when launched using Cloud).
  • Create a virtual controller instance on Amazon EC2. Read this article on the subject.
  • Either configure the DHCP server, DNS server or simply use the UniFi Discovery Utility to make all local access points (APs) inform back to the controller.

Initial Setup

Please make sure you’re familiar with how a regular L2 adoption on UniFi works (where the devices and Controller are on the same network) before attempting L3 (remote) adoption. Also, remember that in order to adopt, the following conditions must be true in order to have internet access and also have access to the router from within the network (locally):

1. WAN port connected to the Internet.
2. LAN port connected locally to access management features on the router (USG or third party).

UniFi APs have a default inform URL http://unifi:8080/inform. Thus, the purpose of using DHCP option 43 or DNS is to allow the AP to know the IP of the Controller.

Chrome Web Browser

After installing the Discovery tool plugin (freely available in Chrome Web Store) on a computer running Chrome browser, any locally-available, unmanaged UniFi Devices (i.e., same L2 network as your computer) will appear as “Pending Adoption” in the UniFi Cloud Access Portal as well as your UniFi Network Controller itself (in the Devices section in both cases). To access the Controller remotely Remote Access will have to be enabled.

Via the UniFi Cloud Access Portal

1. Go to https://unifi.ui.com/ and log in with your Ubiquiti SSO credentials.

2. Go to the Devices section and locate the model with the Pending Adoption status. Click ADOPT.

3. In the Adopt window that will appear, select the controller and the site that will be adopting the device and click Adopt.

Via the UniFi Network Controller

1. Launch the UniFi Network Controller, go to the Devices section, find the device that is to be adopted with the status “Pending Adoption” and click Adopt under Actions.

Mobile App

1. After installing the UniFi Mobile App (freely available in iOS App Store & Android Play Store), launch the app, and tap Direct Access (in iOS, in Android you will see the Direct Access section on the screen once you launch the app, see images below).

NOTE:Your mobile device must be connected to the same network as your devices, and must be able to access the controller directly (using HTTP). A public IP and/or port forwarding may be necessary. The inform port of the controller must be 8080.

2. Select your Controller from the list, or tap the “Add Controller” to log in and add your controller.

iOS

 Android

3. For iOS: Once logged in to the Controller, tap More. There will be a Layer 3 Adoption option under Utilities.

For Android: Once logged in to the Controller, tap More, then click on Remote Adoption from the menu.

iOS

Android

4. Devices will be displayed on this screen. Tap on the device that is to be adopted and select Adopt.

iOS

 Android

5. After a few seconds (15-30 seconds, times will vary) the device will appear under the Devices section, which will be accessible by clicking on the Devices icon on the bottom menu bar.

Discovery Utility

This utility listens to the multicast/broadcast packets from UniFi APs and allows you to configure the AP to inform any URL you’d like. It is important to note that only APs in a default state or not in contact with any other controller will be displayed.

UniFi Discovery utility is installed along with the UniFi Network Controller.

  • On Windows, it’s in Start Menu > Ubiquiti UniFi >UniFi-Discover
  • On Mac, /Applications/UniFi-Discover.app (or use Spotlight to find it)
  • Run “java -jar <unifi_base>/lib/ace.jar discover”

The option of the Ubiquiti Discovery Tool Chrome extension is also available, downloadable directly from Google Chrome here, or from our Ubiquiti download page.

To perform L3 adoption with the Discovery utility:

  1. Launch the Discovery Utility and wait until the device appears. If the device is not in a default state (new out of the box, or reset to its factory default settings), click “reset”, specify the SSH username/password and click “Apply”. If unsure about device authentication credentials, please take a look at this article: UniFi – Accounts and Passwords for Controller, Cloud Key and Other Devices.
  2. Click “manage”, modify the inform URL and leave the SSH username/password as ubnt/ubnt and click “Apply”.
  3. Open a browser to your UniFi Network Controller and you should see the device is “Pending Approval” in the Devices screen.
  4. Click on “Adopt”. You’ll see it going to “Adopting” state, ignore it as it’ll eventually become “Adoption Failed” or “Disconnected”.
  5. Perform step 2 again, setting the inform URL again. There is no need to wait for step 4 to finish.
  6. After a few moments, the devices will now be managed by the Controller and will appear as Connected. You may need to leave the Devices page and return to see this reflected on the screen.
NOTE:If your L3 Controller is available over the WAN then you need to make sure the necessary ports are open at the Controller side (minimum port 8080 for inform). If you do not have a static IP then you may want to consider using a dynamic DNS service, and use the domain name instead of the IP for the inform address. If you’re using a USG then you can use the DDNS client that is available on that device itself.

DNS

You’ll need to configure your DNS server to resolve ‘unifi’ to your Controller’s IP address. Make sure that the device can resolve Controller’s domain name. For example, if you are setting http://XYZ:8080/inform, then ping from the device to determine if XYZ is resolvable/reachable. Or you may also use FQDN for the Controller inform URL: http://FQDN:8080/inform

Troubleshooting: Device (with static IP) fails to connect to the L3 Controller

  • When configuring a device from DHCP to static in the Controller UI, make sure you have put the IP of DNS. If not, then the device cannot contact DNS to resolve Controller domain name.
  • If the device has been reset, make sure that you have “informed” the device twice (using the Discovery Utility) about the Controller’s location. See steps in the section above.

DHCP Option 43

If using Ubiquiti’s EdgeMAX routers, then DHCP option 43 can be done by just entering the IP address of the UniFi Network Controller in the “unifi” field on the DHCP-server.

NOTE: TheUniFi Security Gateway (USG) will not use DHCP option 43 to add the UniFi Network Controller location when obtaining a DHCP lease on the WAN interface.

To use DHCP option 43 you’ll need to configure your DHCP Server. We provide some third party examples below, but please refer to the manufacturer’s support documentation for up to date instructions. For example:

Linux’s ISC DHCP server: dhcpd.conf

# ...
option space ubnt;
option ubnt.unifi-address code 1 = ip-address;

class "ubnt" {
        match if substring (option vendor-class-identifier, 0, 4) = "ubnt";
        option vendor-class-identifier "ubnt";
        vendor-option-space ubnt;
}

subnet 10.10.10.0 netmask 255.255.255.0 {
        range 10.10.10.100 10.10.10.160;
        option ubnt.unifi-address 201.10.7.31;  ### UniFi Controller IP ###
        option routers 10.10.10.2;
        option broadcast-address 10.10.10.255;
        option domain-name-servers 168.95.1.1, 8.8.8.8;
        # ...
}

Cisco CLI

# assuming your UniFi is at 192.168.3.10
ip dhcp pool <pool name>
network <ip network> <netmask>
default-router <default-router IP address>
dns-server <dns server IP address>
option 43 hex 0104C0A8030A # 192.168.3.10 -> CO A8 03 0A

# Why 0104C0A8030A ?
#
# 01: suboption
# 04: length of the payload (must be 4)
# C0A8030A: 192.168.3.10

Mikrotik CLI

/ip dhcp-server option add code=43 name=unifi value=0x0104C0A8030A
/ip dhcp-server network set 0 dhcp-option=unifi

# Why 0104C0A8030A ?
#
# 01: suboption
# 04: length of the payload (must be 4)
# C0A8030A: 192.168.3.10
User Tip: Find more DHCP Option 43 instructions in the User Notes & Tips section.

SSH

If you can SSH into the device, it’s possible to do L3 adoption via CLI command:

1. Make sure the device is running updated firmware. See this guide: UniFi – Changing the Firmware of a UniFi Device.

2. Make sure the device is in the factory default state. If it’s not, run the following command:

sudo syswrapper.sh restore-default

3. SSH into the device and type the following and hit enter, substituting “ip-of-controller” with the IP address of the host of the UniFi Network Controller:

set-inform http://ip-of-controller:8080/inform

4. After issuing the set-inform, the UniFi device will show up for adoption in the Devices section of the controller. Once you click Adopt, the device will appear to go offline or have the status of “Adopting”.

5. Once the device says it is Adopting or goes offline, whatever happens first, issue the command set-inform described in step 3 again. This will permanently save the inform address, and the device will start provisioning.

IMPORTANT:The set-inform command must be issued twice as described in step 3 and step 5 above. Otherwise, the device will disconnect after appearing to adopt.

User Notes & Tips

These notes have been added thanks to user collaboration. Have anything to contribute? Click on the Give Feedback button below!

Windows Server DHCP Option 43

User Tip:For Windows Server please see this external blog post.

Using PFSense with DHCP Option 43

NOTE:As in all our examples, we are using a sample IP address, you would input your own.

1. Input your IP in https://www.browserling.com/tools/ip-to-hex

Screen_Shot_2018-02-21_at_2.05.39_PM.png

2. Click Convert to Hex!

Screen_Shot_2018-02-21_at_2.05.46_PM.png

3. Add 01:04 to the beginning of the converted IP, so it would look something like this:

01:04:ac:10:21:04

4. Insert this in the Value field.

Screen_Shot_2018-02-21_at_2.07.32_PM.pngUsing Palo Alto Networks with DHCP Option 43 (Pan OS 7.1)

Know These Five Facts for a Safer Summer at Home

Posted on by
It’s the season to get outside, take a break from the pressures of life, and enjoy your home and family.
As you make the most of the weather, however, be aware of a few seasonal safety issues that summer can bring. Look out for these five dangers and don’t let them cloud your summer.

1: Burglaries increase by up to 11 percent in summer

Between longer daylight hours, homeowners going on holiday and more people being outside, summer is a burglar’s favorite season. Research by the DoJ confirms that you’re most likely to be burgled or have something stolen from outside your home during the summer months.

Summer Safety Burglary.png

2: Home playground equipment is a factor in 200,000 injuries every year.

While kids are remarkable in their ability to dust off a bump or a bruise, home playground equipment can pose more serious dangers. Take these steps to ensure that things stay fun around your playhouse, swingset or trampoline.

  • Give your outdoor play equipment an annual inspection. Check for sharp edges, loose bolts, platforms or guardrails, and clear any tripping hazards.
  • Most injuries occur from falls to the ground. Consider installing mulch or rubber mats around your play equipment to lessen the impact of a fall.
  • Always keep an eye on small children using outdoor play equipment. If your kids like to slip outside without asking you, a contact sensor on your back door is a wise idea.

3: 48% of swimming pool injuries occur at residential locations

Your pool is a huge source of summer fun, but it comes with new opportunities for kids to slip, trip, or worse. To enjoy your pool safely, think like a lifeguard (a whistle is optional) and set some rules.

Summer Safety Pool

  • Learn pool safety together and enforce it. Make sure that kids have proper floating devices if they’re new to swimming. And always ensure that a supervising adult is present when children are in the pool.
  • To avoid slips and falls on wet surfaces, teach your kids not to run and chase each other around the pool.
  • Set ground rules that specify when your pool is off-limits. A fence and gate are essential to keep kids out when you’re not there. For extra awareness, attach a contact sensor to get an alert if the gate is opened. Alarm.com’s smarter video alerts can also help.

4: One-third of burglaries don’t require a break-in.

Not all burglaries are carefully targeted and planned. Many are crimes of opportunity. And there’s no opportunity like an open garage, door or window. As you enjoy your outdoor space, be careful what you leave open.

A good security system is your best friend in preventing unlawful entry. Here’s what to look for when you shop for one:

  • A connected garage door opener, controlled from your phone, makes it easy to lock up behind you.
  • Geo-services technology can send you an alert if you leave home with your front door or garage unsecured.

5: Grills cause more than 10,000 house fires every year

You can laugh off most cooking disasters, but not this one. Always grill at a safe distance from your home, its roof eaves, deck railings and any overhanging branches.

Summer Safety Grilling.png

  • If you grill with propane, check the gas tank hose for leaks once a year by applying soapy water. If you see bubbles, get your grill serviced.
  • If you use charcoal, invest in a chimney starter. Never apply charcoal fluid to a grill that’s already lit, and let your coals cool overnight before you dispose of them.
  • Don’t leave your grill unattended, and keep children and pets away from it. Last year, 19,000 people went to the hospital for injuries involving a grill.

Want to keep your home safer this summer?

Shaping up your summer security is easy with Computers N’ Stuff + Alarm.com technology. Our technicians can quickly outfit your home with state-of-the-art home security technology, including smart locks, video cameras, and professional monitoring for emergencies, with a single smartphone app to control it all.

To get started, fill out the form below.

Sources: Department of Justice,  US Consumer Product Safety CommissionNFPAFBI 

What Is a Contact Sensor?

Posted on by
Thanks to dramatic improvements in home security technology, the unassuming contact sensor, a staple of security systems, has also become a key building block of the Smart Home.
Originally designed to catch an intruder opening a door or window, this small device can also trigger smartphone alerts, turn your lights on, and even control a smart thermostat. That’s all thanks to Alarm.com’s Smart Home platform, which turns data from contact sensors into intelligent actions.

What does a contact sensor do?

Contact sensors tell your system if something is open or closed.

They’re typically installed on doors, windows or drawers throughout the house. They have two pieces: one installed on the door itself; the other installed next to it on the jamb. When the door is opened and the pieces move apart, the sensor signals ‘open’ to your security system.

In a traditional security system, the contact sensor’s role is to trigger the alarm. If the security system is armed and one of the sensors on a window or door signals ‘open’, the system will signal an alarm unless disarmed.

In a Smart Home Security system from Alarm.com, the sensor’s role is far greater.  Their status (open or closed) can generate real-time smartphone alerts so you know when a door is opened around the home.  These alerts are easy to customize, so you can set them up to get exactly the important information you want. For example, you can get an alert if a window is open when you go to bed, or if you leave home without closing the back door.

Where else can they help protect?

Because contact sensors are wireless and easy to install you can put them on almost anything that you want to keep tabs on.

What Is a Contact Sensor Alert

    • Protect valuables: Place one on a safe at home or on a jewelry box so you always know if they’re being accessed or if you left it open.
    • Protect your yard: a contact sensor can alert you if someone opens the gate from your yard to the street, or accesses your pool.
  • Protect food: a contact sensor can alert you if your freezer drawer is open and your food is in danger of defrosting.

Triggering Connected Devices

As well as triggering alerts, contact sensor can trigger different devices in your Smart Home to act automatically by feeding real-time data back to your system. For example:

  • Thermostat setback: If a contact sensor indicates a door or window left open, Alarm.com’s Smart Thermostat will automatically set back to save energy until the door is closed again.
  • Smart Lighting: A contact sensor on your yard gate can trigger your porch light to turn on if someone opens the gate after dark.

How do I get them? 

Contact sensors are a component of our Smart Home Security systems and come with your security panel. You can add more to the system as well.

To Learn more, fill out the form below.

What is Professional Security Monitoring?

Posted on by

One of the smartest things about an Alarm.com-powered home is the proactive safeguards it provides for your family. Your system’s advanced technology detects potential danger and takes action on your behalf.

Our Insights EngineGeo-Services and Crash and Smash protection are all examples of proactive safeguards that work on their own, using Alarm.com’s cloud intelligence and real-time data from devices around your home.

One proactive safeguard, however, has a human element: professional security monitoring, which is provided by every Alarm.com service provider.

What does it do?

In an alarm event at your home—a break-in, or fire—an Alarm.com-powered security system sends an emergency signal, via dedicated cellular connection, to a 24-7 monitoring station. There, a trained security professional assesses the situation and quickly alerts your local law enforcement or fire department to the emergency.

Choosing Security System Monitoring
How important is professional monitoring?

Do you need a service like this ? After all, there are plenty of connected cameras and motion-detecting smart devices out there, all capable of alerting you to activity at home with a quick smartphone message.

Well, consider this:

Alerts are easy to miss. What if you’re not available when a break-in happens? What if you’re at the gym, or swimming, or at the movies with your phone on “do not disturb”. Maybe you’re on an airplane, or even just asleep.

It’s inconvenient. Checking every alert, sorting harmless activity from the suspicious, and investigating each one – 24/7 – won’t be easy.  So you might find a great price on the camera, but when you have to provide your own security, you’ll end up investing plenty of time.

This isn’t your job. If there’s an emergency at home, your job is to focus on one thing: keeping you and your loved ones out of harm’s way.

How do I get professional monitoring?

Professional monitoring is included with all Computers N’ Stuff + Alarm.com-powered smart home security systems, alongside other security-grade features like crash and smash protection, or our dedicated cellular connection.  It’s the only home security solution that delivers true protection and peace of mind.

To connect, fill out the form below and one of our agents will be in contact: