I wish they would get their shit together and have software that isn't buggy / riddled with security issues. Their march to a cloud dependent offering is so disappointing.
Funny thing, I complained and complained and complained and they quietly rolled out full-offline zero cloud required UniFi and Protect IOS direct connection support starting about three months ago. I doubt my complaining helped specifically, but there were many people on the same threads so maybe they got the hint?
I gave up on their controller software and rolled out OpenWRT to the Unifi AP AC lites at my previous job. I didn't try managing them centrally (there were only 5 of them) so I don't know if there are any good options for that.
The difference was night and day. The guest networks actually worked. They had uptimes of over a year without issue.
Sadly only _some_ Unifi AP models are supported by OpenWRT. Check before you buy. I use GL.inet stuff where possible now.
It's kind of strange for me that the most secure out of the box wifi router I could find was made in China by a Hong Kong based company. The new one comes with 2 2.5 slots fwiw.
Yeah I don't trust the firmware they come with. It's some customised variant of OpenWRT, but I replace it with vanilla immediately. At least this is very easy (simply upload the new firmware in the web interface, no serial port or TFTP shenanigans necessary).
FWIW I don't trust the OEM firmware of any router. They're all a mix of crap, some intentional, some not.
They also need to get it together with their hardware. Their main camera products were out of stock for so long due to the supply chain that they "redesigned" them with cheaper/worse parts and released the G5 series and did a bunch of marketing to try and mask it.
I don't see any reason to believe this new access point won't support standalone, so I just ordered one to replace an older access point (an Amplifi Alien that was in Bridge Mode).
The access point should do nothing except convert between wired and wireless, which is all I ask. I have a separate, wired-only router.
Just to report back on this in case anyone finds this comment in the future... standalone mode almost worked.
On the UniFi U7 Pro, standalone mode was limited to 40MHz channel width on 5GHz and 160MHz channel width on 6GHz, which was a dealbreaker for me. The hardware is capable of 240MHz on 5GHz and 320MHz on 6GHz. So, I installed the controller on a local server and used that to configure the hardware to its fullest potential.
RPI is a popular solution for unifi controller hosting. I’ve run a box with unifi+pihole continuously for about 2 years on PoE, never crashes or gives any maintenance headaches, if I do need to reboot everything always comes right up without any fuss.
Make sure that you're running a 64-bit OS. They use MongoDB for the unifi controller, and it simply disables the write ahead log on 32-bit Linux. This means it'll corrupt itself on crash.
I’ve had two die and then I read using an SSD helps a lot with the heat issue. Replaced the HDD with an SSD and temp is a cool 45C now down from high 50’s with HDD. YMMV but figured I’d add my anecdotal experience.
Ubiquity and Synology both give me the same feels when it comes to security. They focus on usability to be sure. Perhaps related, their new lighting system on the pro level routers is really slick and I wish I had it 20 years ago when I found myself in data centers on the regular.
I think my biggest compliant is their IPv6 support is pretty limited (compared to pfSense I've used in the past) but otherwise I have rock solid networking that only goes out due to ISP issues. I still think they're the best prosumer solution.
What's with their software being riddled with security issues? The only security issue I know about UI is one with that rogue employee leaking their secrets?
