UniFi Support Tools
IT Pro Expert – Supporting Ubiquiti UniFi Solutions
UniFi Default Login:
Username: ubnt
Password: ubnt
UniFi SSH Commands
Command | Example | Function |
---|---|---|
info | info | Displays device information |
set-default | set-default | Factory reset device |
set-inform | set-inform http://192.168.1.1:8080/inform | Set URL of the controller for adoption. |
upgrade | upgrade https://.bin | Upgrade firmware |
fwupdate | fwupdate --url https://.bin | Update firmware |
reboot | reboot | Reboot the device |
poweroff | poweroff | Shutdown device |
uptime | uptime | Shows device uptime |
Network related SSH Commands
Command | Example | Function |
---|---|---|
ifconfig | ifconfig | Show network interface information |
ip address add | ip address add 192.168.1.143/24 dev br0 | Set static IP Address |
ip route | ip route | Display current gateway |
ip router add | ip route add default via 192.168.1.1 | Set default gateway |
echo "nameserver 192.168.1.1" > /etc/resolv.conf | Set DNS Server | |
ping | ping 1.1.1.1 | Check network connection to device |
arp | arp -a | Show arp table |
ip neigh | ip neigh | Show IPv6 neighbours |
UniFi OS SSH Commands
Command | Example | Function |
---|---|---|
ubnt-systool cputemp | ubnt-systool cputemp | Show CPU Temp |
ubnt-systool cpuload | ubnt-systool cpuload | Show CPU load |
ubnt-systool portstatus | ubnt-systool portstatus | Show port status |
ubnt-systool hostname | ubnt-systool hostname | Set new hostname |
ubnt-systool reboot | ubnt-systool reboot | Reboot device |
ubnt-systool poweroff | ubnt-systool poweroff | Shutdown device |
ubnt-systool reset2defaults | ubnt-systool reset2defaults | Factory reset device |
ubnt-device-info summary | ubnt-device-info summary | Show system information |
ubnt-tools ubnt-discover | ubnt-tools ubnt-discover | Show Unifi devices in the network |
cat /mnt/data/udapi-config/dnsmasq.lease | cat /mnt/data/udapi-config/dnsmasq.lease | Show DHCP Leases |
cat /mnt/data/udapi-config/unifi | cat /mnt/data/udapi-config/unifi | Show configuration |
/etc/init.d/S95unifios restart | /etc/init.d/S95unifios restart | Restart Unifi OS Web interface |
UniFi Log files
Command | Function |
---|---|
cat /var/log/messages | Output the error log |
tail -f /var/log/messages | Monitor log file |
cat /mnt/data/unifi-os/unifi-core/config/settings.yaml | Server settings |
cat /mnt/data/unifi-os/unifi-core/logs/discovery.log | Discovery log |
cat /mnt/data/unifi-os/unifi-core/logs/system.log | System log |
cat /mnt/data/unifi-os/unifi/logs/server.log | Server log |
cat /mnt/data/unifi-os/unifi-core/logs/errors.log | Http errors |
Additional SSH Commands
Device info, uptime:
info
example output:
cat /var/sysinfo/model
uname -a
- example output:
Linux U6-Lite 4.4.198 #0 SMP Thu Aug 30 12:10:54 2018 mips GNU/Linux
- example output:
uptime
CPU info:
cat /proc/stat | grep '^cpu '
cat /proc/cpuinfo
cat /proc/ubnthal/system.info
example output:
Memory (RAM) info:
free | grep 'Mem:'
free
Storage:
df -h
example output:
Log:
cat /var/log/messages
Get connected clients (MACs):
CLIENTS=`mca-dump |grep \"mac\" | grep -v ""` && echo "$CLIENTS"
Some configs:
cat /var/running.cfg
cat /var/system.cfg
Network: IP
netstat -rt -n
(cisco:show ip route
)
Show interfaces:
ifconfig
(cisco:show interfaces
)
Show config:
cat /mnt/data/udapi-config/unifi
cat /tmp/system.cfg
tcpdump:
tcpdump
Reset & potentially dangerous commands
Reset device to factory defaults:
syswrapper.sh restore-default
orset-default
Enter CLI:
mca-cli
Adopt a UniFi device into a controller device:
set-inform http://:8080/inform
Set password:
passwd
Reboot, shutdown AP:
reboot
poweroff
/usr/etc/rc.d/rc.softrestart save
(not tested)
Manually Upgrade AP:
syswrapper.sh upgrade http://ip-of-controller:8080/dl/firmware/BZ2/xxxxx/firmware.bin
Upgrade AP (online):
- Search for firmware URL (download button) – https://www.ui.com/download/unifi/default/default/unifi-firmware-56019-u6-lite/
upgrade https://dl.ui.com/unifi/firmware/UAL6/5.60.19.13044/BZ.mt7621_5.60.19+13044.211113.0640.bin
Show other commands:
ubntbox
UniFi Network – Required Ports Reference
The following lists the UDP and TCP ports used by UniFi. This information mainly applies to users with a self-hosted UniFi Network Server, or users with third-party devices and firewalls. For this reason, we generally recommend a full UniFi deployment for seamless deployment and optimal native compatibility.
Local Ingress Ports (Incoming)
Protocol | Port Number | Usage |
---|---|---|
TCP/UDP | 53 | Used for DNS. This is required for Guest Portal redirection, downloading updates, and remote access. |
UDP | 3478 | Used for STUN. |
UDP | 5514 | Used for remote syslog capture. |
TCP | 8080 | Used for device and application communication. |
TCP | 443 | Used for application GUI/API as seen in a web browser. Applications running on a UniFi Console |
TCP | 8443 | Used for application GUI/API as seen in a web browser. Applications running on a Windows/macOS/Linux machine |
TCP | 8880 | Used for HTTP portal redirection. |
TCP | 8843 | Used for HTTPS portal redirection. |
TCP | 6789 | Used for UniFi mobile speed test. |
TCP | 27117 | Used for local-bound database communication. |
UDP | 5656-5699 | Used by AP-EDU broadcasting. |
UDP | 10001 | Used for device discovery. |
UDP | 1900 | Used to “Make application discoverable on L2 network” in the UniFi Network settings. |
UDP | 123 | Used for NTP (date and time). Required for establishing secure communication with remote access servers. |
Note: Although TCP 22 is not one of the ports UniFi Network operates on by default, it is worth mentioning that is the port used when UniFi devices or the Network application is accessed via SSH.
Ingress Ports Required for L3 Management Over the Internet (Incoming)
These ports need to be open at the gateway/firewall as well as on the machine running the UniFi Network application. This would be achieved by creating port forwards on the gateway/firewall where the application is running.
Protocol | Port Number | Usage |
---|---|---|
UDP | 3478 | Used for STUN. |
TCP | 8080 | Used for device and application communication. |
TCP | 443 | Used for application GUI/API as seen in a web browser. Applications running on an UniFi Console |
TCP | 8443 | Used for application GUI/API as seen in a web browser. Applications running on Windows/macOS/Linux machines |
TCP | 6789 | Used for UniFi mobile speed test. |
TCP | 8880 | Used for HTTP portal redirection. (only needed if using Guest hotspot) |
TCP | 8843 | Used for HTTPS portal redirection. (only needed if using Guest hotspot) |
Egress Ports Required for UniFi Remote Access (Exiting)
In most cases, these ports will be open and unrestricted by default.
Protocol | Port Number | Usage |
---|---|---|
TCP/UPD | 53 | Used for DNS This is required for Guest Portal redirection, downloading updates, and remote access. |
UDP | 3478 | Used for STUN. |
TCP/UDP | 443 | Used for Remote Access service. |
TCP | 8883 | Used for Remote Access service. |
UDP | 123 | Used for NTP (date and time). Required for establishing secure communication with remote access servers. |
Changing Default Ports
Changing default port assignments can only be done on self-hosted UniFi Network Servers (Windows/macOS/Linux). This can be accomplished as follows:
- Close any instances of the UniFi Network application.
- Modify the system.properties file, which can be found in the directory /data/system.properties. For example, if port 8081 was in use and port 8089 was open, you could change it by modifying unifi.shutdown.port=8081 to unifi.shutdown.port=8089
- Restart the UniFi Network application.
Note: Make sure there are no leading or trailing spaces, comments, or other characters (i.e., #) on any custom lines. Otherwise, UniFi Network will ignore the customizations.
Download UniFi Controller:
UniFi Firmware Download
UniFi Firmware Download:
https://www.ui.com/download/unifi
UniFi Controller V5 User Manual:
https://dl.ui.com/guides/UniFi/UniFi_Controller_V5_UG.pdf
UniFi AP User Guide:
https://dl.ubnt.com/guides/UniFi/UniFi_AP_AP-LR_User_Guide.pdf
UniFi Network Guidance/Best Practice/VLANs/Sonos/Chromecast Pages:
https://help.ui.com/hc/en-us/sections/6582310816535-Network
UniFi Chrome Device Discovery Tool:
UniFi OS NextDNS Install:
https://github.com/nextdns/nextdns/wiki/UnifiOS
NextDNS Sign Up Account:
Run the following command using SSH:
sh -c 'sh -c "$(curl -sL https://nextdns.io/install)"'
Note: Queries from the UDM/UXG itself won’t be routed to NextDNS nor encrypted due to current system limitation. All traffic from other devices on then network will.
Usefull NextDNS commands:
nextdns status
nextdns start
nextdns stop
nextdns restart
nextdns log
nextdns activate
nextdns deactivate
nextdns help
nextdns (run again to get remove or reconfigure)
Notes:
Make sure all DNS functions on the controller are disabled like: Content Filtering on ALL networks. Make sure DNS IP is Auto on all networks.
After firmware updates – make sure the NextDNS is still installed and functioning.
Setup script options that worked with UXG:
Report Device Name: Y
Setup as a Router: Y
Enable Caching: Y
Enable Instant Refresh: Y
Automatically setup local host DNS: Y
UniFi Controller Linux Installer Auto Script:
UniFi OS RAM Allocation Adjust 1Gb to 2Gb – Network Tuning:
Linux: via SSH check “top -SH” and see mem used at the top.
cd /var/lib/unifi
nano system.properties
then add the following 2 lines if not found:
unifi.xmx=2048
unifi.xms=2048
save and exit then run : service unifi restart
UniFi Self Hosted Controller
https://ui.com/download/releases/network-server
sudo apt-get update
top -sh
To stop the UniFi service: sudo service unifi stop
To restart the UniFi service: sudo service unifi restart
To see the status of UniFi service: sudo service unifi status
Updating and Installing Self-Hosted UniFi Network Servers (Linux) the OLD way- See link below:
https://help.ui.com/hc/en-us/articles/220066768-Updating-and-Installing-Self-Hosted-UniFi-Network-Servers-Linux
The NEW “easy” UniFi Hosted Controller INSTALLATION AND UPGRADE scripts:
BACKUP FIRST!
https://community.ui.com/questions/UniFi-Installation-Scripts-or-UniFi-Easy-Update-Script-or-UniFi-Lets-Encrypt-or-UniFi-Easy-Encrypt-/ccbc7530-dd61-40a7-82ec-22b17f027776
A Massive Thank You to “Glenn R” at UniFi for all the magic coding that went into these scripts: https://glennr.nl/scripts
This script also includes upgrades to MongoDB. The script can do large leaps like from v3.6 to v7.0
Do not interrupt any of these updates – they take a long time. We have seen anything from 5 to 40 minutes for both application or database.
*** Warning – make sure you run the right script. One is for new installs and the other is for upgrades.
CHECK MongoDB VERSION - MAY NEED UPDATE TOO
mongod --version
apt-get update; apt-get install ca-certificates curl -y
NEW INSTALL:
curl -sO https://get.glennr.nl/unifi/install/install_latest/unifi-latest.sh && bash unifi-latest.sh
UPGRADE EXISTING:
curl -sO https://get.glennr.nl/unifi/update/unifi-update.sh && bash unifi-update.sh
Wireless Long Range Design Tool
UniFi USG Comparison Chart
UDR vs UDM-Pro vs UDM-SE vs UDW vs UXG-Lite vs UXG-Pro
See below for link to source and further information.
For additional charts including switches/cloudkeys/ visit McCannTech:
https://evanmccann.net/blog/ubiquiti/unifi-comparison-charts
There are a lot of resources on this website and I highly recommend a visit.
UniFi Access Points Antenna Radiation Patterns
See all patterns here: https://help.ui.com/hc/en-us/articles/115005212927-UniFi-Network-AP-Antenna-Radiation-Patterns
UniFi Protect – CCTV Storage Calculator
UDR = Integrated 128GB SSD with SD Card Slot (Max 1x 4k Cameras or 2x 2k)
UCK-G2-Plus = 1 Drive Bay [Comes with 1TB upgradable to 5TB] (Max 7x 4k Cameras or 12x 2k)
UDM-Pro = 1 Drive Bay (Max 7x 4k Cameras or 12x 2k)
UDM-SE = 1 Drive Bay (Max 7x 4k Cameras or 12x 2k)
UNVR = 4 Drive Bays (Max 15x 4k Cameras or 25x 2k)
UNVR-Pro = 7 Drive Bays (Max 20x 4k Cameras or 30x 2k)
Step 1: https://ui.com/cloud-gateways/resource-calculator
Step 2: https://zufall.co/protect-calculator/
Step 3: https://design.ui.com/wizard
UniFi WiFi Roaming Fix – Fast Roaming for Mobiles
Ubiquiti UniFi Specialists
Please feel free to contact us for any additional services not listed on this page or if you have any queries that we can help with. Our sales lines are open 9:30 to 5:30 and critical support services are available 24/7