Tag: Ubiquiti

My in-laws have a large house and wanted to extend wifi coverage. Since its initial teething problems, my Ubiquiti AP AC Lite has mostly been working well (it’s hard to tell, since it works, but UniFi will no longer adopt or connect to it!), so I thought I’d give Ubiquiti a shot for sorting out this location too. They have an old Orange ADSL box made by Thomson dating from about 2008, so I figured just about anything would be an upgrade. My intention was to replace their existing wifi entirely and turn off the built-in wifi on the Orange box, much as I have done with my own setup, and hope that a better access point would provide sufficient coverage. For the access point I specced a UniFi AP AC LR “long range” model. Because I really don’t like the way that the Ubiquiti UniFi control software works when installed locally (and would be beyond my in-laws’ technical abilities to set up), I thought I’d also get a Cloud Key so that they didn’t need to worry about that, and that I could potentially use for remote access to their setup.

The kit is nicely packaged, but didn’t include any ethernet cabling nor a (1A, USB-C) power supply for the Cloud Key, so I popped out to get the necessary bits. First of all I wanted to set up the Cloud Key. The cloud key comes with a small printed setup guide, but the images on it are way too small to read – I found an online PDF version, but it turns out that even blown up the images are unreadable, but I could get a vague idea of what pages I was supposed to see. I inserted its SD card, plugged it into the Orange box via ethernet and its power supply and it started flashing. I then set about connecting to it from an old PC running Windows 7 and latest Chrome. After creating a Ubiquiti cloud account, the docs said I should be prompted to install the Ubiquiti Discovery Tool. This prompt did not happen. After some searching I found a link to it on the Chrome extension store and installed it manually – though it took me a while to realise that it is a standalone application and not a Chrome extension. At this point I was supposed to be shown the results of a network scan which would show me the Cloud Key and a “discover cloud key” switch. No such switch was shown in the scan page, but clicking a button labelled “Ubiquiti family” made the switch appear, but the search results remained resolutely empty. Searching through some forum posts suggested that this is a common problem, so I did a hard reset on the Cloud Key, and it finally appeared in the scan results with a “Pending” status beside it. Docs and forums said this should show an option to “adopt” it, but nothing happened after leaving it for a while. I realised I could connect to the CK directly via its own HTTP interface, but this was via its IP address using https and so inevitably required disabling security checks and ignoring multiple warnings in Chrome before I could get to it, but I successfully logged in using the default credentials.

Next I was shown a warning saying “SD card not installed” – when it was installed. I took it out and reinserted it a couple of times, restarted the Cloud Key again, but it didn’t come back up, so I pulled the power and tried again and it came back, and the card warning had gone away (though it didn’t show any status about its presence).

I know that Ubiquiti issues fairly regular firmware updates, so the first thing I did was check for updates, and sure enough, a Cloud Key update was available. Before doing that it complained that the Cloud Key had no backup – but the interface has no means of performing a backup, only a restore! I proceeded without. As well as the CK firmware, there was also a UniFi update available, so I updated that too. That installed smoothly, and restarted, but I was somewhat surprised to find that another upgrade was then available to both CK and UniFi, from 5.10 -> 5.12.66 -> 5.13.29 (with a reboot between each), and then no more updates were offered. I don’t know why this was not done in a single step. Again, no backup option was visible, but it still complained I didn’t have one.

Back in the Discovery tool I still could not see the CK. Forums reported more success using the UniFi iOS app, so I gave that a try, and found it, and adoption worked! After this had worked, it finally showed up in the discovery tool – so I gather the discovery tool’s discovery tools are no use for actually discovering things… However, if I tried to connect to it from the mobile app, I just received a cryptic error saying “api.env.cloudaccessenabled”, and it refused to go any further. Forums suggested a full factory reset, so I tried that, but it still didn’t work on the phone. The Discovery tool however was now showing the CK and also a demo account (which I deleted), so I could finally click the “Launch” button to start UniFi on the CK – only to be presented with a “Cannot check credentials” error. More forum searching and another hard reset later I was finally able to launch it and get into UniFi running on the CK. At this point I was offered yet another update to UniFi, this time to 5.13.32!

After about 5 hours of going round in circles, I could finally set up the access point (connected by ethernet to the same switch as the CK). It wanted its own firmware update, so I applied that. This part went relatively smoothly, adopting successfully in UniFi, though as I had found in my own setup, the AP sometimes drops off UniFi and has to be reconnected. I was able to do a network scan (which showed no contention on any channels – houses are far apart here and only 1 other network was visible), set up my SSID and password. I then reconnected to the new wifi network from my MacBook, and all seemed to work. Now to check the range…

The access point and Orange box are in a big room just next a courtyard; the aim was to get wifi coverage on the other side of the courtyard, about 15m away through one stone wall (very old, so no steel in it). The Orange box is under a desk behind another (steel) desk, and I had temporarily hung up the new AP on the wall, so the new AP had the advantage of slightly better placement and fewer obstructions. The Orange wifi dropped out at about 12m and the new AP’s network… did the same. Nowhere could I find a point at which I could remain connected to the new access point and not the old one, despite the “long range” designation, and the age of the old box. I also tried using my iPhone and a recent Android phone and saw similar results on all.

It’s clear that this performance is nowhere near what was expected (or at least hoped for) or needed, and that more access points / mesh antennas would be required to get this to reach the places its wanted, however, at this point I’d entirely lost confidence in the Ubiquiti systems, and we’d spent €200 for wifi that was no better than what we already had, it was getting too expensive, so all this hardware is going back.

The cloud account setup is also confusing – the relationship between the Cloud Key, UniFi, and the Ubiquiti account is messy, and there was no way that my non-technical in-laws would have coped with anything going wrong with it, which seemed likely to happen. So much for their slogan: “At last, simple IT that just works”.

For now we’ve decided we’re just giving up, and we’ll just put up with the limited, but reliable, stock wifi.

My broadband provider’s (free.fr) built-in wifi is pretty dismal – despite having a reasonably solid 26Mbit VDSL connection, my iPhone will often time out even when in the same room, and streaming video from another computer through 1 plasterboard wall often glitches, while an Ethernet connection works fine. Free’s admin software has a neat little channel scanner, and I can see that my network is the only one using these channels, so it’s not an interference problem, and my phone has no speed problems on other wifi networks I use. So I decided to spring for a new access point that would support 5GHz bands, to see if that would work better, and chose the AC-Lite model from the highly recommended Ubiquiti Networks.

I wasn’t sure if my router supported PoE, so I plugged in the AC-lite to see if would show any signs of life, but no lights came on – but none did. So I plugged in the PoE injector and plugged it in again – but still no signs of life! I replugged the PoE injector and checked the docs to ensure I had the ports connected the right way round, but still nothing. Leaving it plugged in, I started searching Ubiquiti’s support docs, but after a few minutes noticed that the lights had come on on the access point. A further test reveals that it takes quite a long time for anything to show up – it’s just slow.

While doing that, I needed to sign up for Ubiquiti’s support site at help.ubnt.com, so I did the whole email sign-up dance. I also gathered form the “Quick Start” guide that I needed to install a local copy of their management application, UniFi. So I grabbed the latest macOS version (5.6.22, at the time) and installed that. On running it, it complained it couldn’t run because “Port 8080 is used by other programs”. That is true – I run nginx on port 8080 with a port mapping from port 80 so I can run it unprivileged. After some rummaging through the help site, it tells me I need to edit the “system.properties” file and change the default port. I then need to find the system properties file. Eventually I find a reference that says it’s inside the UniFi app bundle, in UniFi.app/Contents/Resources/data, however, it’s not there. Later on I find a comment on someone else’s identical question revealing that this file is only created after you’ve run it successfully for the first time – so we have a stupid chicken & egg situation – you can only avoid a port clash by not having a port clash. So I stop nginx, relaunch UniFi, and sure enough, the system.properties file appears, so I can then quit, edit the settings and relaunch. This can’t be that unusual (given the numerous support questions asking it), and being able to set ports from the launcher would seem a basic thing to allow.

Now it lets me click the “Launch a browser to manage the network” button, which takes me to a browser page filled with warnings about invalid security settings – browsers are now much pickier about such things – and after clicking through all the warnings, it ultimately requires me to provide an admin override to allow the use of a self-signed certificate. Not pretty. It then tells me Safari isn’t supported. Sigh. So I switch to Chrome, and go through the whole set of security warnings again. None of this is mentioned in the quick start guide. I know what all this means – but I suspect many would not.

“At last”, I think, “I can get on with configuring this thing”. Fat chance. It takes me through a config wizard. As part of this it asks me to enter my login details for the Ubiquiti support site for its “cloud integration”. However, the login that I created earlier doesn’t work – after much retrying and checking, it turns out that I have to create a new account, because, obviously, help.ubnt.com and account.ubnt.com are completely different and unrelated sites ?. I noticed that the site supports 2FA, so I enabled that, though I also noticed that it does not provide any backup keys, so if you lose your authenticator (e.g. in the way that google authenticator does occasionally), you’re screwed.

Finally I get to log in, where I’m greeted with lots of greyed out areas and warnings saying “UniFi Security Gateway Required”, and “DPI data is missing”. Just what I wanted to see on my first login to this shiny new product. Requiring some other device is fine, but it doesn’t need to be so prominent that it looks like there’s something wrong.

After all that, I got everything connected. My iPhone connects over 5G, and so far it seems to be free of the network issues that led me in this direction to start with, so it worked out in the end – but it could so easily have been so much better.