Talk about perfect timing for this video. I just received my Unifi equipment and will be moving my home network over this weekend from an Asus AIMesh system with 2 routers in mesh mode. I will be using UCG Ultra, flex mini switch and 2x Unifi 6pro AP’s. Thank you for making this video. It makes it all clear now as to what needs to be done.😊
Thanks so much. İ have an aged friend looking to add a unifi express to his modem router combo to take advantage of the vpn client facilities. The job fell to me and caused some real stress. You just alleviated most of that!
You don't need to have multiple SSID. Unifi has a setting where you can broadcast 1 SSID but use different passwords (PSK) to connect to different VLANS. Under the manual wifi settings click the check box Private Pre-Shared Keys
@@ethernetblueprint not my first rodeo though, I have four decades in IT&T. I've replaced a rack mounted networking stack with the same gear you specified by coincidence because its a good fit for home. There's sufficient performance, easy to setup inbuilt capability to push POE out to the small switches to aggregate wired devices which removes the need for wall warts as well as powering the AP. I had intended to mount the AP on the ceiling, turns out its just fine where it is under the table. Configuration is easy and while the cool youtubers want to segment into vlans, create guest networks and go nuts with configuring everything, its not really necessary for home. Just because you can doesn't mean you should, but its still worth demonstrating the capability. When it comes to renaming the SSID for an existing network, the bigger nuisance is reconfiguring all the clients for a new SSID and password. I have a wireless telemetry network (PV monitoring, weather station, water management and so forth) in addition to a surprising number of wireless clients like phones and mobile devices, games consoles, the fridge for goodness sakes and so on, I wasn't going to mess about with putting a new access configuration into all of those devices. So I just used the same ssid and password in the new AP, job done. However if the number of wireless clients is small and a person has the time then sure, why not basically provide a new SSID for them and add them in one at a time from the old network, maintaining service continuity as you go. Renaming each device in the unifi console is a trivial activity compared to configuring each client to access the wireless network. Pros and cons as you said. In any case, it was a fairly trivial exercise to migrate, the new gear works well, uses little power, its inexpensive especially for native POE on a small scale and looks clean. I can see why unifi kit is popular for home use.
I commend you for this gargantuan topic. Not everyone has your dominion of the topic to make it much easier and understandable for us, who need a spoon feeding approach. I got a lot of my challenges addressed by your video. My ISP refuses to give me a public IP address nor does it allow me to get a CGNAT address. So I’m stuck with double/triple nating. I did configured my ISP router to a DMZ forward and it makes it easier to configure my Unifi gateway. Still, I wish I could just get rid of that “man in the middle “. Again. Any suggestions, as to another approach, are welcomed Great presentation and very eye opening. 👍👍
I prefer to maintain a single SSID (wireless network name) while setting up a second LAN specifically for IoT devices. Under the Wi-Fi’s manual settings, I use “Private Pre-Shared Keys” to manage access. Assign one password for accessing the IoT LAN (LAN2) and a different password for your standard network. Use the IoT password for all your IoT devices and the standard password for everything else. The way I migrated, was by keeping the same SSID and the same password, so all the IOT's connected to that network, add them to a sperate LAN and then you will only have the devices left which are easy to migrate such as laptops, which can be added using a differant password to the main LAN.
That is smart... I just helped a guy who had a ton of IOT devices and we took a similar approach. It was the lesser of two evils... Thanks for sharing!
Edit: Oh sorry I finally saw that part. Being a networking newbie it's quite complicated and technical. I noticed my TP-Link Deco X50-5G has Bridge Mode. I actually plan to run it as a modem and move my network ecosystem to Ubiquiti Unifi. However, is there an easy way to retain all there reserved IP addresses that I have for my smart home devices under my previous SSID? I'm afraid of the monumental task of rebuilding and re-adding all the devices one by one. There are about 30 smart home devices.
Inside the client section of the Unifi portal, you can add clients manually before connecting them. This is in the top right of the portal screen on a computer. You could try manually adding your reservations first during the building process, before you cutover.
Great video, just added more to consider for something I completely disregarded. But my situation is a bit different and maybe your concern (about devices flooding in) might not be an issue. I have a TPLINK router currently off my cable modem using 192.168.0.* address space. I have 4 Unifi WAP (AC Lite) devices already and the Controller (Network 8.4.62) already has most of my devices named. I had envisioned taking the TPLINK offline and putting a Cloud GW Ultra quickly in it's place using the same address space. Will the CGW-U network controller pick up all my named info once I adopt the 4 WAPs??? My main objective is to create VLANs for guest and IOT devices after I have stabilized the network. I also do NOT want to run around to dozens of devices in hard to reach places (ceilings, lights mounted on the house) to try to get them onto a new SSID. I have about a dozen static IP addresses (wired and wifi) all over the address space all assigned by the TPLINK router - not sure if the CGW-U has the same flexibility vs reserving a DHCP range. Thanks again for giving me something else to consider.
You may be alright with your client names, but, to be 100% honest, I don't know if that will pass over. My guess is yes, but I would still maybe take some screen shots of the client names before move so you had record you could work from... You do have the same flexibility with reserving IP space in Unifi... So you can start your DHCP with whatever IP you'd like... and make reservations of DHCP devices too.. Glad the video helped... good luck with your project!
@@ethernetblueprint Thanks, I was able to grab the data off the Controller's Web page and stick it into a spreadsheet with a litlte work. 55 devices minimum. I will rewatch this again before deciding on a direction. I have a feeling I can try it my way, if it doesn't work, I can probably just plug the TPLInk router back in and reload the existing WAPs from a controller backup and try the migration. I am concerned about two non-UNIFI switches in the network I'm now figuring Im'm going to need at least one FLEX switch and maybe more If I want to do VLANs.
Hello! By chance do you have a video on Ubiquity redundant wan connectivity? I heard they have an offering with redundant wan's but man is their website hard to navigate if you're trying to learn about specific routing features some of the hardware may or may not offer.
Some of the Unifi routers do allow you to have dual wan setups. I don't have a specific video on this, but I do have one that goes into the routers and some of their features. This video was before they made the Cloud Gateway Max but I can tell you that it is capable of dual wan as well... studio.ua-cam.com/users/videoDQc9VnnM4sQ/edit
The correct term for you cable modem is bridge mode. This mode turns off all routing function including the WiFi radio antenna. This is the mode I set my isp cable modem / crappy router to use my good WiFi router without having to deal with an extra hop in my network adding useless latency.
@ethernetblueprint do you know if using a Poe+ adapter to go with the new flex mini 2.5 is actually adding latency? Or if it is transparent? My 2 new PCs are coming with 2.5Gb NIC, and I'm trying to convert my traditionnal Wi-Fi 5 over 1Ge setup into a real full Wi-Fi 7 over 2.5Gb. Cloud Gateway Max + flex mini 2.5 + 2x u7 Pro + 2x30w Poe+ adapters. 1200$ CA, cheaper then a Wi-Fi 7 mesh kit with 2 satellites.
@@ethernetblueprint unfortunately there are no udm 2.5 yet. Maybe soon I hope with poe. Otherwise the gateway cloud max 2.5 is the only one and always back order. For switch the only full 2.5 with poe is the enterprise 8, pretty expensive for just 8 port compared to the new mini 2.5. Basically we need 2.5 version of all their 1Ge big sellers. 😅
In todays world everyone wants to go faster and faster over WiFi. WiFi 7 (w/MLO enabled which isn't supported yet in Unifi WiFi 7 devices) will enable you to do multiGig speeds over WiFi in the right conditions. If you only have a 1Gb connection to the AP, the that will be your max throughput.... Even though, it is capable of going faster. Its like having a ferrari with a top speed of 180 mph, but it has governor on it that only allows it to go 100 mph... So, but having a 2.5Gb port on the AP, it will allow you to get those faster speeds. Again, in the right conditions... Hope that helps.
@@ethernetblueprint I will be getting 2.5 Fiber sometime next year. I have wifi 7 on my phone. So I don't want to limit what it is capable of doing. I appreciate your response. I have been studying videos to learn as much as possible about unifi.
Many of them do that for security... If you call them, they should give you that log in credential and VLAN ID. Then you would just need to input that in to the WAN info on the router. We have a provider called Centurylink that is setup the same way... Only the owner of the account can call and get that info... Good luck!
On the back of your NVR, there is a network port. You would simply plug your hikvision NVR into your Unifi switch (not sure if you are doing VLANs or not)... and then run all of your IP cameras to your hikvision NVR. That should allow everything to talk and will force the NVR to do your POE for the cameras. It also frees up ports on your Unifi switch for other devices. So, in short, there would only be 1 connections from hikvision plugged into your Unifi switch... just the NVR.
So, my UDM PRO, switch and routers came in 2 days ago, 0 networking knowledge, currently using eero 6 (most i've done in setting up a network) and my house use heavy on home assistant. I would like to have separate vlans for our phones and tablets, Kids, cameras and guest and another for iot devices(HA and all). How can i reduce the downtime considering i'm creating the 10.XX.XX series ? Any tip would help
It really depends on a few things as to whether or not that will reduce downtime but using that IP scheme is a perfectly acceptable option. I use it in my home. I think it stands out a little bit more from the 192.168.X.X network so Absolutely, give it a shot.
May I ask why you need vlans? Are you managing thousands of client devices in which case using different subnets makes sense or is it a because you can kind of deal? In any case create your new subnet and assign each client device to the new subnet from the old. That way you minimise downtime of individual devices. Then you can create any firewall or optimisation rules per subnet as well. I'm not a big fan of creating endless subnets to segment devices by capability unless there is some reason to do so such as provide specific firewall rules or optimisations. If you have plenty of bandwidth, then there is little need to do so for performance reasons for example (QoS for voice/conference services lets say). But if you want to do it just because then for sure go for it.
Good video but note: you never explain what an IOT network is nor what a VLan is. As this is not geared towards experienced users you really have to explain more. Like how to see clients of 2 different subdomains at the same time e.
True, but this video wasn’t about that. It was just covering the migration from old to new. However, If you go to my playlists, I have a full series called UniFi for Newbies and I dive into all of that. You should check that out. Might be what you’re looking for.
Talk about perfect timing for this video. I just received my Unifi equipment and will be moving my home network over this weekend from an Asus AIMesh system with 2 routers in mesh mode. I will be using UCG Ultra, flex mini switch and 2x Unifi 6pro AP’s. Thank you for making this video. It makes it all clear now as to what needs to be done.😊
You are so welcome! I hope it helps with your cutover!
@@ethernetblueprint Cutover complete. Working like a charm. Thank you
I’m extremely happy to hear that. Congrats.
Do the UCG ultra work as a router right?
@@martg0yes
Thanks so much. İ have an aged friend looking to add a unifi express to his modem router combo to take advantage of the vpn client facilities. The job fell to me and caused some real stress. You just alleviated most of that!
Nice... I am usually that guy to people too... LOL I wish you the best
You don't need to have multiple SSID. Unifi has a setting where you can broadcast 1 SSID but use different passwords (PSK) to connect to different VLANS. Under the manual wifi settings click the check box Private Pre-Shared Keys
Wow cool. I didn't know this. I will definitely look into doing this on my system.
Yes, Great Call-out! Thanks!
@@pitor87 it’s great when you start to get pass 3-4+ bland that you want to connect to over wifi
I did this recently. Basically used the same IP on the new device, substituted it for the old, migrated the switch and AP job done.
Nice! This is encouraging for the other viewers. Thanks for sharing!
@@ethernetblueprint not my first rodeo though, I have four decades in IT&T. I've replaced a rack mounted networking stack with the same gear you specified by coincidence because its a good fit for home.
There's sufficient performance, easy to setup inbuilt capability to push POE out to the small switches to aggregate wired devices which removes the need for wall warts as well as powering the AP. I had intended to mount the AP on the ceiling, turns out its just fine where it is under the table. Configuration is easy and while the cool youtubers want to segment into vlans, create guest networks and go nuts with configuring everything, its not really necessary for home. Just because you can doesn't mean you should, but its still worth demonstrating the capability.
When it comes to renaming the SSID for an existing network, the bigger nuisance is reconfiguring all the clients for a new SSID and password. I have a wireless telemetry network (PV monitoring, weather station, water management and so forth) in addition to a surprising number of wireless clients like phones and mobile devices, games consoles, the fridge for goodness sakes and so on, I wasn't going to mess about with putting a new access configuration into all of those devices. So I just used the same ssid and password in the new AP, job done. However if the number of wireless clients is small and a person has the time then sure, why not basically provide a new SSID for them and add them in one at a time from the old network, maintaining service continuity as you go. Renaming each device in the unifi console is a trivial activity compared to configuring each client to access the wireless network. Pros and cons as you said.
In any case, it was a fairly trivial exercise to migrate, the new gear works well, uses little power, its inexpensive especially for native POE on a small scale and looks clean. I can see why unifi kit is popular for home use.
I commend you for this gargantuan topic. Not everyone has your dominion of the topic to make it much easier and understandable for us, who need a spoon feeding approach. I got a lot of my challenges addressed by your video. My ISP refuses to give me a public IP address nor does it allow me to get a CGNAT address. So I’m stuck with double/triple nating. I did configured my ISP router to a DMZ forward and it makes it easier to configure my Unifi gateway. Still, I wish I could just get rid of that “man in the middle “.
Again. Any suggestions, as to another approach, are welcomed Great presentation and very eye opening. 👍👍
I’m in the same boat with the CGNAT as well. Not perfect solution as of now. Thanks for watching.
This video is a lot of talking, but hopefully it will help you with your cutovers out there!!!
You did a good job 👍👍 not to quick and not to slow ..
Great video. You explain very well. Regards
Glad you found it helpful!
I prefer to maintain a single SSID (wireless network name) while setting up a second LAN specifically for IoT devices. Under the Wi-Fi’s manual settings, I use “Private Pre-Shared Keys” to manage access.
Assign one password for accessing the IoT LAN (LAN2) and a different password for your standard network.
Use the IoT password for all your IoT devices and the standard password for everything else.
The way I migrated, was by keeping the same SSID and the same password, so all the IOT's connected to that network, add them to a sperate LAN and then you will only have the devices left which are easy to migrate such as laptops, which can be added using a differant password to the main LAN.
That is smart... I just helped a guy who had a ton of IOT devices and we took a similar approach. It was the lesser of two evils... Thanks for sharing!
Edit: Oh sorry I finally saw that part. Being a networking newbie it's quite complicated and technical.
I noticed my TP-Link Deco X50-5G has Bridge Mode. I actually plan to run it as a modem and move my network ecosystem to Ubiquiti Unifi. However, is there an easy way to retain all there reserved IP addresses that I have for my smart home devices under my previous SSID? I'm afraid of the monumental task of rebuilding and re-adding all the devices one by one. There are about 30 smart home devices.
Inside the client section of the Unifi portal, you can add clients manually before connecting them. This is in the top right of the portal screen on a computer. You could try manually adding your reservations first during the building process, before you cutover.
Great video, just added more to consider for something I completely disregarded. But my situation is a bit different and maybe your concern (about devices flooding in) might not be an issue. I have a TPLINK router currently off my cable modem using 192.168.0.* address space. I have 4 Unifi WAP (AC Lite) devices already and the Controller (Network 8.4.62) already has most of my devices named. I had envisioned taking the TPLINK offline and putting a Cloud GW Ultra quickly in it's place using the same address space. Will the CGW-U network controller pick up all my named info once I adopt the 4 WAPs??? My main objective is to create VLANs for guest and IOT devices after I have stabilized the network. I also do NOT want to run around to dozens of devices in hard to reach places (ceilings, lights mounted on the house) to try to get them onto a new SSID. I have about a dozen static IP addresses (wired and wifi) all over the address space all assigned by the TPLINK router - not sure if the CGW-U has the same flexibility vs reserving a DHCP range. Thanks again for giving me something else to consider.
You may be alright with your client names, but, to be 100% honest, I don't know if that will pass over. My guess is yes, but I would still maybe take some screen shots of the client names before move so you had record you could work from... You do have the same flexibility with reserving IP space in Unifi... So you can start your DHCP with whatever IP you'd like... and make reservations of DHCP devices too..
Glad the video helped... good luck with your project!
@@ethernetblueprint Thanks, I was able to grab the data off the Controller's Web page and stick it into a spreadsheet with a litlte work. 55 devices minimum. I will rewatch this again before deciding on a direction. I have a feeling I can try it my way, if it doesn't work, I can probably just plug the TPLInk router back in and reload the existing WAPs from a controller backup and try the migration. I am concerned about two non-UNIFI switches in the network I'm now figuring Im'm going to need at least one FLEX switch and maybe more If I want to do VLANs.
I'm rooting for you... These things are always work... especially with a lot of devices... Good luck!
When creating the new wifi network, does it broadcast both 2.4 and 5 simultaneously?
By default, yes. But you can easily adjust that and identify which frequency you want that SSID to use.
Hello! By chance do you have a video on Ubiquity redundant wan connectivity? I heard they have an offering with redundant wan's but man is their website hard to navigate if you're trying to learn about specific routing features some of the hardware may or may not offer.
Some of the Unifi routers do allow you to have dual wan setups. I don't have a specific video on this, but I do have one that goes into the routers and some of their features. This video was before they made the Cloud Gateway Max but I can tell you that it is capable of dual wan as well...
studio.ua-cam.com/users/videoDQc9VnnM4sQ/edit
The correct term for you cable modem is bridge mode. This mode turns off all routing function including the WiFi radio antenna. This is the mode I set my isp cable modem / crappy router to use my good WiFi router without having to deal with an extra hop in my network adding useless latency.
I have seen it called bridge mode and bypass mode in devices... Thanks for sharing that with the viewers though.
@ethernetblueprint do you know if using a Poe+ adapter to go with the new flex mini 2.5 is actually adding latency? Or if it is transparent?
My 2 new PCs are coming with 2.5Gb NIC, and I'm trying to convert my traditionnal Wi-Fi 5 over 1Ge setup into a real full Wi-Fi 7 over 2.5Gb. Cloud Gateway Max + flex mini 2.5 + 2x u7 Pro + 2x30w Poe+ adapters. 1200$ CA, cheaper then a Wi-Fi 7 mesh kit with 2 satellites.
I'm fairly certain the throughput on the injector is 1Gb, so I would imagine that would be your max speed using one.
@@ethernetblueprint unfortunately there are no udm 2.5 yet. Maybe soon I hope with poe. Otherwise the gateway cloud max 2.5 is the only one and always back order.
For switch the only full 2.5 with poe is the enterprise 8, pretty expensive for just 8 port compared to the new mini 2.5.
Basically we need 2.5 version of all their 1Ge big sellers. 😅
I think all of this is coming... it just takes time to get it rolled out and tested.
Can you tell me what I gain with a 2.5 Gbit connection to U7 rather than a 1gb connection? Thanks.
In todays world everyone wants to go faster and faster over WiFi. WiFi 7 (w/MLO enabled which isn't supported yet in Unifi WiFi 7 devices) will enable you to do multiGig speeds over WiFi in the right conditions. If you only have a 1Gb connection to the AP, the that will be your max throughput.... Even though, it is capable of going faster. Its like having a ferrari with a top speed of 180 mph, but it has governor on it that only allows it to go 100 mph... So, but having a 2.5Gb port on the AP, it will allow you to get those faster speeds. Again, in the right conditions... Hope that helps.
@@ethernetblueprint I will be getting 2.5 Fiber sometime next year. I have wifi 7 on my phone. So I don't want to limit what it is capable of doing. I appreciate your response. I have been studying videos to learn as much as possible about unifi.
I am happy to help! Congrats on the 2.5Gb fiber!
Can u elaborate on how to set up pppoe
What ISP do you have? I assume this is so you can connect directly to their internet and bypass the modem?!?
@@ethernetblueprint it's etisalat uae. They assigned me a username and password and a vlan id (I have no idea why a vlan id)
Many of them do that for security... If you call them, they should give you that log in credential and VLAN ID. Then you would just need to input that in to the WAN info on the router. We have a provider called Centurylink that is setup the same way... Only the owner of the account can call and get that info... Good luck!
@ unfortunately I have filed for rma and moving out of ubiquiti. Thanks for ur help
Can I use a hikvision poe NVR plugged into a dream machine???
You can plug any NVR into a dream machine. The dream machine does not have POE so if that is a POE NVR, it won't power it.
@@ethernetblueprint so what would be my best option if I want hikvision CCTV and cameras but unify for me whole house internet. Thanks in advance 👍🏻
On the back of your NVR, there is a network port. You would simply plug your hikvision NVR into your Unifi switch (not sure if you are doing VLANs or not)... and then run all of your IP cameras to your hikvision NVR. That should allow everything to talk and will force the NVR to do your POE for the cameras. It also frees up ports on your Unifi switch for other devices. So, in short, there would only be 1 connections from hikvision plugged into your Unifi switch... just the NVR.
@ethernetblueprint Thanks so much for that, I just wish unify had a 10" screen like hikvision have
Great!
Thanks!
I think I would also make a VLAN for the children’s things also tbh so their stuff isn’t on the secure network.
Absolutely... The VLANs you create are entirely up to you. There are lots of different ways to do this...
So, my UDM PRO, switch and routers came in 2 days ago, 0 networking knowledge, currently using eero 6 (most i've done in setting up a network) and my house use heavy on home assistant. I would like to have separate vlans for our phones and tablets, Kids, cameras and guest and another for iot devices(HA and all). How can i reduce the downtime considering i'm creating the 10.XX.XX series ? Any tip would help
It really depends on a few things as to whether or not that will reduce downtime but using that IP scheme is a perfectly acceptable option. I use it in my home. I think it stands out a little bit more from the 192.168.X.X network so Absolutely, give it a shot.
@@ethernetblueprint Thank you!
May I ask why you need vlans? Are you managing thousands of client devices in which case using different subnets makes sense or is it a because you can kind of deal? In any case create your new subnet and assign each client device to the new subnet from the old. That way you minimise downtime of individual devices. Then you can create any firewall or optimisation rules per subnet as well.
I'm not a big fan of creating endless subnets to segment devices by capability unless there is some reason to do so such as provide specific firewall rules or optimisations. If you have plenty of bandwidth, then there is little need to do so for performance reasons for example (QoS for voice/conference services lets say). But if you want to do it just because then for sure go for it.
I’m the king of the castle. I just tell everybody there’s not gonna be no Internet for about an hour and that’s it. Problem solved 😂
I like that approach. Well Done!
Good video but note: you never explain what an IOT network is nor what a VLan is. As this is not geared towards experienced users you really have to explain more. Like how to see clients of 2 different subdomains at the same time e.
True, but this video wasn’t about that. It was just covering the migration from old to new. However, If you go to my playlists, I have a full series called UniFi for Newbies and I dive into all of that. You should check that out. Might be what you’re looking for.
You have the "go ahead" disease.
A lot of Unifi'ers do...