Seamless roaming
-
Normally the AP just use untagged for their there management IP.. For example my AP in the 192.168.2/24 network - is is vlan 2 on my switches - but is untagged on the connection the AP are connected to.
Then in the wireless network you just set the vlan ID for that SSID..
example this is my guest ssid, its on vlan 6
Do you really need/want your AP management IP to be on a tagged vlan? If so you can do that.
-
@johnpoz That's how it's now, but during setup/configuring I saw that ip's from my LAN (at which the UAP-nanoHD is connected) were assigned to wireless clients?
What's the best way to connect the second nanoHD and use fast wireless roaming (in the settings this not enabled by default and is called beta.
btw by default "Allow meshing from other access points" is enabled in the device settings it seems this resembling with
Uplink Connectivity Monitor Enable wireless uplink Enable element adoptionin settings or are these different things?
-
I don't use wireless uplink, but I would "think" that would be a requirement for meshing.. Since wireless connectivity to another AP is required for meshing to function.
were assigned to wireless clients?
Well unless you setup your vlans on your switch.. And your wireless network - then yeah the wireless network would be untagged and be on the same network as the wire is..
Fast roaming is just that, its not a requirement to roam ;) 802.11r or FT is really more geared towards wpa enterprise - where your using radius to auth..
The process can cut the auth down to like 4 packets vs 8, etc. But really to the user you really wouldn't notice any difference.. You shoudln't be noticing a roam from one AP to the another either way.. your talking like 50 ms..
-
@johnpoz 50ms ;) then I won't enable fast roaming and dsiable uplink and element adoption. Btw what is best practice on introducing the second nanoHD? Maybe make a backup of the first nanoHD a restore it to the second one?
-
huh? Just plug it in... Why would you need a backup? I think your not really understanding how multiple AP work with unifi..
The config is on the controller - it will push your config to whatever AP you adopt.. All the wireless networks will be on all AP you adopt.. Unless you specifically go into a AP and change something like don't broadcast this ssid, or disable 2.4 or 5, etc.
Be it you have 1 or 10 AP.. Only thing you would really want or need to change on the AP different AP is what channels to run on.. And you could actually just let that be auto via the controller, etc.
-
@johnpoz Yep, I didn't know how they work, from what I read now the moment you "adopt" a new one it will grab the settings, as I said I am on a steep learning curve.....
https://community.ui.com/questions/Adding-a-second-AP-to-my-house-do-I-need-to-configure-it-to-make-it-all-one-big-coverage-area/21f75032-b55d-4a1d-b696-c6b8c425f377
So you recommend setting channels manually, I will, thanks. I must say I am beginning to get the Unifi feeling
and beginning to get used to the look and feel of the controller, hope it stays as rock solid as it is now...btw first I used a static IP for the NanaHD and got an alert, then I set it to DHCP with a reserve IP on pfSense and this alert disappeared are you formiliar with this?
-
Not sure what alert you got, I use static on all 3 of my AP.
As to static vs auto channels - thats up to you.. I just set them, its pretty much a set it once and forget it thing.. You only have 2 so if you want to run 80 vht you really only have 2 choices ;) 36 and 149..
For 2.4 you only have 1,6 and 11 to choose from... What is in the area.. Pick 2 that are least use in any neighbors.. Its not like you have 20 AP in a building and your trying to make sure you have least amount of interference between all your APs..
-
Where can I set the static ip in this menu I can only see LAN and the ip of my gateway, eg pfSense
The only way it is mentioning is in devices, you'll see the ip and the setting dhcp.
-
Yup you set it on the device directly..
-
BTW - your way behind on firmware ;)
The latest beta is
5.17.0.11742 -
@johnpoz You use beta, do you recommend it? and why is there a LAN with dhcp, as there are no ports to connect?
-
Yeah I have always run the beta.. This is my home network.. I have no issues with some of blip or something - but in the years been running unifi.. I don't recall really ever having anything that was of any real issue.. There have been some beta's where the speed wasn't as fast as other firmware releases.. But they normally correct in the next update, etc.
I run the beta controller as well.. 5.14.9 currently.
The one thing nice about running controller on VM, is just take a snapshot before update.. And if goes south, just restore the snap and back to where you were.
why is there a LAN with dhcp, as there are no ports to connect?
Yah lost me - not understanding what your asking there? Oh the controller run multiple things, switches and their USG (router) which can provide for dhcp and other networks. Notice the USG required next to that ;)
-
@johnpoz Oeps missed that, there are some other settings that are for other gear, like DPI (deep packet inspection), it is on by default and as I don't have a unifi security gateway I will turn it of.
Strange thing I have ra0 to ra4 and ra4 is ra4 e2:63:da:40:11:6c element-64e46abdc079e335 11 ? So although I have mesh/uplink disabled ?
-
@Qinn said in Seamless roaming:
element-
You can turn those off - those are for adoption of specific unifi gear, like their new plug and stuff.. If you don't have any of that gear you can turn those off. Just delete them if you have already unchecked the setting.
-
@johnpoz I can't remove the element wlan, maybe it's gone after a reboot of the device or do you have a ssuggestion?
Btw tommorow I am busy, friday more time, one question, when I adopt the second nanoHD what will it do with the ip address as I now have set it static?
-
Huh? The static IP is per AP, by default the AP will come up with dhcp.. If you want to set it static then you would have to set it per that AP..
This should help in removal of the element ssid
https://community.ui.com/questions/SSIDs-named-element-xxx/3de45b45-83bc-4480-a066-68f404029ae7 -
@johnpoz Thanks will try it friday, got to move now, "grazie mille"
for all the explaining and your time, super...I am beginning to like unifi -
@Qinn Just to chime in quickly from the left field: I'd also advise to reconsider the need for 4 (or more) SSIDs as every SSID you use slows down the bandwith of your WiFi so the less you use, the more you get on your devices. If you do it "right", all you need are one or two SSIDs anyway. One running Radius based VLANs (perhaps together with freeradius on your pfsense) and one for those old/dumb devices, that don't work with AES-Enterprise WiFi (User/Pass instead of shared key). :)
-
@JeGr Thanks for the hint, I will reconsider.
-
To chime in on that as well - if you really really want to get fancy.. You might even be able to get by with just 1 ssid.. where you assign vlans based on mac of the devices.
Maybe just 2 if you want a enterprise auth ssid, and for those iot devices and such just use psk, I did a test a while back they first came out with the dynamic vlan support, and I did get it to work based on mac for psk devices..
I was thinking at one time to go down this path.. But haven't gotten back to it ;) Lots of devices - all working, segmented out how I want.. Haven't found the motivation to change it all up just to drop a couple of ssids ;)
While sure the fewer the ssids the better if your looking to max tweak your setup.. A couple of extra ssids not going to be a big difference in overall performance ;)
Here this might help
https://help.ui.com/hc/en-us/articles/360015268353-UniFi-USG-Configuring-RADIUS-ServerYou can use freerad on pfsense for this vs using the radius server of usg..
I currently use 4 ssids = 4 different vlans
1 wpa2-enterprise with eap-tls auth, this is for my trusted devices. My phone, Wife's phone, my laptop, my tablet, etc.
2 wpa2-psk for iot devices, thermostat, alexa devices, smart bulbs, the like
3 wpa2-psk for roku/tv stuff. My harmony remote, tv, roku sticks
4 wpa2-psk for guest devices.. Even setup QR code on a business card I can give guest so they can just scan the qr code with their phone and get on.. Zero reason for them to type out the very long and complex psk ;)
