Netgate Discussion Forum

    Unifi Network Controller & Pfsense

    General pfSense Questions
    26 Posts 8 Posters 3.6k Views
    • the other @johnpoz

      @johnpoz
      Wow, thank you.
      :)
      I do all my certs with good old cert manager and pfsense. Before I used openssl under ubuntu indeed, which is okay after some learning. Went well for all kinds of devices (switches, raspberries...well everything here using https). With cert manager it's even fun, well, kinda...just the darned unifi stuff!

      What I missed was to delete the default keystore...tried to put my own cert there, did not work, if I remember correctly...

      Anyway, thanx for a new project for the time when the leaves are falling...

      the other

      pure amateur home user, no business or professional background
      please excuse poor english skills and typpoz :)

      • johnpoz LAYER 8 Global Moderator @the other

        @the-other no problem, last time I didn't save instructions - and it was another PITA finding the instructions again, so this time I saved them off.

        Now on the other hand, printer is just a gui you import the cert/key and ca with, etc.

        printer.jpg

        But it's only doing TLS 1.0, so the browser doesn't like that either and still warns that "not secure" ;)

        Now if some crappy printer interface can have a gui for importing your cert, why can not the unifi controller do it..

        Don't get me started on their behind the times busybox on their AP, and the antiquated sshd (dropbear v2020.81) on them. An update to securecrt broke access to them because securecrt had dropped support for old host keys.. And have to use a different library, that took a while to get sorted - but support from securecrt was great..

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        • the other @johnpoz

          @johnpoz said in Unifi Network Controller & Pfsense:

          so this time I saved them off.

          I hear you...
          ... done and bookmarked :)

          Sorry btw for hijacking this thread @all

          • johnpoz LAYER 8 Global Moderator @the other

            @the-other while true not actually pfsense related ;) lots of unifi users around here, hope someone else will find the info useful other than just you - hehe

            • the other @johnpoz

              @johnpoz said in Unifi Network Controller & Pfsense:

              hope someone else will find the info useful other than just you - hehe

              I am pretty sure a lot of ppl will...haha, true.

              • BogusException @Tux4000

                @tux4000 While your issue is solved, just wanted to add for those searching in the future that on all my customer sites, all unifi devices report to a digital ocean linux 'box' running the controller software. I have pfSense FWs and pfSense+ on netgate appliances, a varied mix. No tweaking of any kind ever needed on the firewall, as all traffic is outbound (from firewall's perspective).

                The only exception was human error before I put the controller on DO when controller and device were on separate VLANs (w/out rules). After that, I no longer used local controllers.

                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.