Replace or upgrade USG (UniFi Security Gateway) in an existing site!
ฝัง
- เผยแพร่เมื่อ 29 ก.ย. 2024
- So you got a new USG for your network and you want to adopt it into an existing UniFi site? Follow these instructions to install a USG in a non 192.168.1.0/24 network!
More Info:
Contact us for network consulting and best practices deployment today! We support all Grandstream, Obihai, Polycom, Plantronics, Ubiquiti Networks, MikroTik, Extreme, Palo Alto, and more!
My Amazon Link: www.amazon.com...
SIP.US: h5.sip.us
H5 Mailing List: h5llc.com
H5 Discord: / discord
Netool: netool.io use code WILLIEHOWE to save at least 10%!
Digital Ocean Referral Link: m.do.co/c/39aa...
Consulting Contact: h5technology.com
Support Agreement: h5technology.c...
Support my channel and keep the lab growing!
Come back for the next video!
Twitter - @WillieHowe
Instagram - @howex5
SUBSCRIBE! THUMBS-UP! Comment and Share!
Old vid but defo learned something.
Luckily my controller is on a Debian on a £1 / month VPS provider ;)
It will be awesome if you show the pro config also... thnaks a lot...!!😎
Thank you Willie. I'll be a adding a USG on my home network in two days the process should be the same . Currently, I do have a ERPoe-5, US-8-60W and Cloud key and I will be replacing the ERPoe-5 with a USG.
question... how many USG have you had to replace? I watch all the unifi videos, got excited... swapped my home network over to all unifi... worked great for 2 months, then my USG just crapped out in the middle of the night... I have trouble shot down to to the eth port not being able to transmit. I get the flashing activity lights, but nothing WRT to getting or handing out IPs and get the no ether cable connected warning when trouble shooting. I like the unifi idea, but NEVER had a network device crap out on me... 2 months...is ridiculous. no warm an fuzzy here on UniFI product anymore. I have an RMA in, but silence from Unifi so far.
I just did this without the cli; I connected locally to a USG pro (new) and set the lan ip of my usg (old) and setup the exiting dhcp scope on the new device as well. I then logged into the cloud controller forgot the usg (old) and plugged in the new usg pro and adopted.... done!
Thanks, good to know as I want to replace my USG-3P with a UXG-Pro.
Do the existing port forwards and manually created firewall rules still exist after adopting the new USG?
Please speak clearly! I have slowed this down, turned the volume up and played it several times. I sure wish I could understand you better!
0:46 “Set the WHAT to your external controller”?
1:14 “I have taken the WHAT that we’re using for best practices…”
I just had to use this tonight to get my new USG migrated into an existing network. Thanks so much for posting really helpful videos, Willie.
Thanks, this video is just as useful in 2024 as when published, as I replaced a USG3P with a UXG-Lite. The one difference I did was to initially plug the new UXG directly into my laptop (not my LAN) to set the address and subnet before deleting the old USG. Now that I know the new hardware was good, I only then deleted the old USG, and while it was factory resetting plugged the new one into place. Everything provisioned just as expected, easy peasy. I think this method is better than adopting into a new site and then moving into the main site.
I'm still a bit confused as to why I wouldn't need to start with a fresh site since the UCG-Ultra has its own cloud gateway and site hosting whereas the USG I'm replacing was hosted by a laptop.
can i use usg pro with topology internet->usg->cicso.asa->coreswitch->acces.switch->client
USG for pppoe and for backup if asa failure
@WillieHowe Can you help with the configure for USG Pro 4
So funny you made a video on this. I just had to do this last week and it took a bit to figure out. I swapped a pro into the network. Next time post things I need sooner! J/k thanks for the good video.
Willie Howe - lol last time I called you didn't pick up....maybe it was because I spoofed you number. Keep up the good work.
Hi Willie, Thaks for the video. How can we replace existing USG with a new one if the controller at remote site?
If the controller is at a remote site, then I expect you would simply do most of the same steps shown here but instead of SSHing in to the USG and changing the ETH1 address, you would instead set the inform url to your remote controller. It would then be adopted/provisioned by the controller via the WAN/ETH0 interface instead. Hopefully Willie can confirm for you.
Can this device support multiple WAN IPs ?
Can you do a video on how to MERGE two unifi networks? best practice to eliminate extra cloud key and USG and minimize downtime doing it. Thanks
Man, I wouldn't exactly merge those networks... however, what should work, is setting up IPsec site-to-site and setting devices on "client" network to inform to address of the cloud key. The only caviat to this, is that you would have to preconfigure your "client" side USG to launch the tunel upon deployment. This way, inform and controll should be confined to go through VPN tunel, which I find safer, than simply opening a port on "server" side gateway.
Same thing to upgrade to UXG pro ? I would think !
If I am not mistaken the key here is to give your other unifi devices static ip addresses in the correct subnet so when you plug in your new usg to the network it wont issue new ip addresses in the wrong subnet and cause your existing unifi hardware to drop out of connected status and to go into adoption failed mode.
If doing with a USG-Pro you need to change eth1 to eth0
That was awesome! In case a unit dies or upgraded from the USG to the Pro, super handy!
Whats the process for the UXG-Pro?
This was very helpful thank you very much Willie
You rock!! Got my USG Pro 4 replacing my Verizon router up after watching this!!! Thanks so much!!!
Were you using set top boxes?
You are an amazing instructor- thanks to you
Absolutely awesome Willie! Thank you so much for your great contribution.
Would this also apply if I would rather replace an existing USG with a USG Pro 4?
Thanks a lot!
This is so helpful
Thanks for this.
Would it be possible to just unpower the original USG and leave it connected in the network as a backup device, or do you HAVE to Forget the device before the new Pro provisions and adopts into the network? I understand about not have two devices in the same network at the same time, but if the old is off would it matter? Thanks!!
I would like to ask. When I saved configuration from USG-3P before forgetting, then after adoption USG 4pro it will be just fine to restore backup to USG 4 pro?
Hey Willie! I’m struggling with this with my lack of knowledge in networking. I have an ASUS router that’s running my network now and static IPs assigned to my Ubiquiti AP, Ubiquiti switch, and the unifi controller (raspberry pi). How would I go about swapping my new USG in for the ASUS router?
How can I upgrade my USG to the new Unifi Dream Machine since my controller is running on a cloud key? I want to replace my USG and my cloud key with the UDM. Can I export the site backup the cloudkey and restore to the UDM controller? Similar to the video, I use 192,168.2.x for my LAN.
Is there a graceful way to shut down your USG Gateway after its up and configured? CLI CMD?
Great video but could you have also just SSH into the USG and setinform twice to the controller or is it because the networks are different it wouldn't have worked?
YES I need to see the USG Pro.
Even after 4 years still worth watching something great from pro much relative 👍🏻 wonderful job bro you are fkn Geniuse 😍🙌
Hello Willie. I have a question about provisioning a USG in an existing site so that I and pre configure it to go to a new site that I will manage with my CK.
Existing site 1 has a USG Pro. I want to provision the USG 3 for site 2 but I want to be able to do it while it's at my site 1 location.
Thank you for any info.
Do you know a work around to get ubiquiti dhcp to give lifx bulbs an ip address ? they show up by name/mac but ip is always blank. i have looked in both ubiquiti and lifx forums and many others seem to have same issue but i have yet to find an answer.
This only works if both the old and new have compatible firmware levels. I just had a USG pro4 claim it was provisioning for almost 90 minutes, before realizing that there were issues. Had to download new firmware, WINSCP and upgrade the usg pro via ssh. Once it rebooted following the upgrade, it completed the provisioning quickly. Also on the Pro eth0 is the LAN 1 port.
I have a USG 4 provider and a dhcp subnet mask provider with 21 and 5 AP-AC-Pro.
The problem is that I tried it in an event with about 250 people and at that moment the cpu of the usg started to rise by 89% + - with this I do not deliver more dhcp or did it very slow or even give an ip conflict. This is normal? 260 customers is too little to stop like that? What can be?
thanks
Great video as always! May I ask you How can I enable UPNP on UNIFI system because I get some problems with my server NAS SYNOLOGY plex , I can’t thank you enough !
Thank you so much! very helpful. I'd like to ask i have a problem with my ubiquity 16port 150 watts switch POE and 24v let not functioning wat may be the problem no indicator at all some of my AP not working.
Spent hours pulling my hair out. Eventually came across this, and IT WORKED! THANK YOU SO MUCH! 👍👍😁
Would this process differ in any way if the Unifi Switch and Controller live on a VLAN network for management reasons?
For example...previous USG lives on VLAN 1 (untagged), Switch and Controller live on VLAN 2? Would it still be the same process?
Thanks Willie. Videos are a great help.
Excellent, thank you Willie!
hi Willie Howe
,
What program do you use to make the sdxml diagram?
Thank you
Da Man! 🦾
Would it be possible to show an adoption into an existing network with a existing dhcp server? I've ran into multiple issues/bugs with setting this up in an environment and trying to turn off DHCP.
great video. it helped me a lot to get things solved. Still I struggle to set up my networt with ubnt devices (voip and 48PoE switch) any videos available for that as well?
Hey Willie... great videos. I am installing a system outside using 4 unifi pro units in a mesh setup. What do you recommend for setting up the channels. I keep getting different opinions. The issue is I cant install the first wired unit in a star configuration. The next 4 wireless pro units are in a strait line about 200 feet apart line of site.
Please show configuration for USG PRO 4
Bugger, thought this was going to be how to upgrade TO a USG on an existing site, one without any current Ubiquiti kit, ah well
Can this method be used to replace USG using the program other than the Cloud KEY?
So I could put a USG behind another router? I want the usg to just handle the WiFi security.
Thanks Willie 👍🏼
Hi willie Can we use tp-link switch with UsG.?? I want create the vlans is that achievable.?
Great Solution, I stop on this Problem and with the video i can see my Mistake. Thank You
Sir, I sincerely thank you for posting this video. The information that I stumbled through across TH-cam and various blogs were getting me nowhere. Once I watched your video I realized that most people have no clue as to the inner workings of this device. You completely solved my problem. Once I experimented with ssh and putting in the correct settings, the device was adopted perfectly. Many, many thanks.
So all previous configuration is restored after the provision?
Is there no need to forget the eth1 192.168.1.0/24 subnet after adding the 192.168.4.0/24?
Is there a big difference between this unit and the pro?
Did he every make a video with adopting a pro?
Good info. I just picked up a USG to replace the ASUS in my home network. Unfortunately when adding the USG, the Unifi AP drops out on me. The Unifi Controller sees it, but it's just gone as far as wireless devices are concerned.
@@garethev5866 The AP had a static IP before I put the USG in. I decided to stop fighting it. It's a home network, so I just wiped the Unifi Controller setup, rediscovered everything and it's all been working fine.
Great Video, thanks! Just a quick question, will this process wipe settings such as site-2-site VPNs we have set up in the Networks section or the firewall/port forwarding rules, or are these handled by the controller on the cloudkey?
@@WillieHowe perfect! Thanks a lot.
Great demo. Someone asked me today how to do this and now I can send them your video to explain :) great content Willie
I'd like to see the pro ver as well.
Great info. Thanks.
Good Stuff Willie
The usg now has a GUI web interface. It is super basic but you can set wan and lan ips. Any reason you wouldn’t use that to make it easier to to change the ips as an alternative to ssh?
You can indeed do that, but there is still a good chance that a new USG you've ordered will come out of the box with a firmware revision that predates the addition of the GUI interface with configurable LAN parameters. In that case, it's critical to know how to add the requisite temporary LAN configuration using the CLI.
The GUI is a pain, it won't let you set a LAN static address (I have a separate DHCP server with 4 VLAN pools) so the Controller (on a separate VLAN and server). It insists on having WAN and DNS set before committing anything. The SSH approach seems a better way to force it to get the USG adopted for final configuration. Also I have 3 ISPs with a SD Wan through existing Fortinet device, Can the USG spare LAN be configured as a 3rd WAN port? Does the USG have SD Wan capability?
Thanks willie.
Good stuff - thanks
Thanks again Willie!