The UniFi system software is called the Controller and runs on a various operating systems. As I have a Mac mini here, I decided to run it on there. Weirdly, however it runs as a GUI application which means that I have to be logged in. There’s no need for that though as by scouring the Internet I discovered that we can run it headless via. How to Find Mapping in the UniFi Controller; Related Articles; Introduction. An access point uses multiple MAC addresses for layer 2 communication on the different interfaces. The MAC address of a wireless interface is called the Basic Service Set Identifier (BSSID).
- Unifi Controller For Mac
- Download Unifi Controller For Windows
- Unifi V4.7.5 Controller For Windows
- Unifi Controller Software Download
UniFi by Ubiquiti Networks, inc. is a software that binds gateways, switches and wireless access points together with one graphical front end.
There is currently support for the following device types within Home Assistant:
Configuration
Home Assistant offers UniFi integration through Configuration -> Integrations -> UniFi Controller. Follow the instructions to get it set up.
The user needs administrator privileges in order to control switches.
Extra configuration of the integration
All configuration options are offered from the front end. Enter what UniFi integration you want to change options on and press the cog wheel.
Configuring Users
The UniFi controller allows you to create multiple users on it besides the main administrator. If all you want to use is the device tracker then it is recommended that you create a limited user that has
read-only
permissions for the UniFi device tracker. If you want blocking of network access or POE control as well you would need to have ‘admin’ permissions.Unifi Controller For Mac
UniFi OS
For UniFi OS a local-only user needs to be created. A user who uses the Ubiquiti cloud will not work. You can do this in the manage users section on the UniFi OS dashboard. Make sure to give it the right permissions for the functions you want to use. Note the Dream Machine Pro needs the port to be 443.
Conflicts with MQTT
The UniFi controller can either be a dedicated hardware device (UniFi’s cloud key), or as software on any Linux system. If you run the UniFi controller on the same operating system as Home Assistant there may be conflicts in ports if you have the MQTT integration as well.
It is recommended that you run the UniFi controller in a dedicated virtual machine to avoid that situation.
Presence detection
This platform allows you to detect presence by looking at devices connected to a UbiquitiUniFi controller.
Troubleshooting and Time Synchronization
Presence detection depends on accurate time configuration between Home Assistant and the UniFi controller.
If Home Assistant and the UniFi controller are running on separate machines or VMs ensure that all clocks are synchronized. Failing to have synchronized clocks will lead to Home Assistant failing to mark a device as home.
Switch
Block network access for clients
Allow control of network access to clients configured in the integration options by adding MAC addresses. Items in this list will have a Home Assistant switch created, using the UniFi Device name, allowing for blocking and unblocking.
Control clients powered by POE
Entities appear automatically for each connected POE client. If no POE client device is in operation, no entity will be visible. Note: UniFi infrastructure devices such as access points and other switches are not (yet) supported, even if they are powered over ethernet themselves.
Note that POE control actually configures the network port of the switch which the client is connected to.
Sensor
Bandwidth sensor
Get entities reporting receiving and transmitting bandwidth per network client.
Uptime sensor
Get entities reporting uptime per network client.
Debugging integration
If you have problems with UniFi or the integration you can add debug prints to the log.
As an additional exercise in securing my home network, I decided to delve into how IEEE802.1x or dot1x works.
I have a unifi-based setup (USG, USW and UAP) and a lot of my setup is wired. I found setting this up for a wireless network is near to trivial (take care to choose the correct mac-address format and stick to it), I found configuring it for a Windows client somewhat less trivial. Read on if you want to know how I fared.
Wired autoconfig or not wired autoconfig?
Because dot1x is a port-based authentication protocol, I figured my Windows client should be ready to perform this authentication protocol. A lot of posts talk about the “authentication” tab on the network adaptor properties, but I did not see such a thing.
Turns out, you will have to enable the Wired Autoconfig service, as described here. Starting this service will enable the authentication tab, but then what? In my case, the connection kept turning up as ‘Authentication failed’.
Unifi set-up
So, first things first, how did I configure the Unifi side of things? This excellent article by the Ubiquiti-people themselves explains how to setup the RADIUS server, the port profiles and how to enable them on the switch.
So I diligently set up users on unifi, consisting of mac-address users using the mac address as both username as well as password.
Then, I had my wired auto-config Windows (10)-client happily zooming away on a port that I had assigned access to a certain network based on a proper 802.1x authentication. However, the client kept reporting authentication failed-errors and subsequently was connected to the fallback network (in my case, a “guest”-network with only access to the internet).
I believe I tried all authentication options on the windows client (MS-AKA, MS-CHAP), all to no avail…
Finding the culprit
Next to examining the freeradius logfiles (/var/log/freeradius/) and playing around with the mac-address format, my attention was drawn to this post. What it basically says is that either you provide each client with a proper certificate or credentials, OR, you enable MAB (Mac-Address-Bypass) and have the switch “automatically” send the client’s mac-address as username and password for authentication.
Now, things started to click.
Now, things started to click.
Final config
It turns out that for the simple first step I wanted to take, the clients themselves did not need to do anything. I wanted mac-address based authentication, which would be automatically taken care of by the hardware if 802.1x would have MAC Address Bypass enabled.
As of the current controller version (check), it turns out this option is enabled by selecting “mac-based” on the port authentication type. Wrongly so, as the earlier linked post points out. As mac-based and MAB are apparently two completely different things.
Keygen solidrocks for 3ds max 2013 free download with crack. Therefore, I did not need to enable the wired autoconfig service, but would simply enable “mac-based” on the port profile, and make a RADIUS-user entry for the all capitalized mac address of the client!
Download Unifi Controller For Windows
A word of warning
Unifi V4.7.5 Controller For Windows
![Controller Controller](/uploads/1/1/8/9/118924046/222212286.jpg)
As MAC addresses are easily spoofed, this only provides a very thin layer of protection and some overhead in your infrastructure. I therefore consider this only a first step, with subsequent steps being certificate based RADIUS authentication, hoping I can somehow distribute certificates via my Active Directory infrastructure.
Unifi Controller Software Download
Stay tuned for this!