Apart from the quality content, there's something else I like about your vids - you cut the chase, in less than 10 seconds you always get the ball rolling. Thanks for that
Hi Willie. Thanks for the content. I’m wondering if you can use more than one op address to filter the source or still need to create several rules to allow different IPs addresses.
@@WillieHowehi, I tried this on a udm pro and could not get it to work. I was trying to create a port forward to a proxy server and then limit the incoming port forward to cloudflares IP ranges, on pfsense this was so easy... it seems on a udm pro not so, is there any chance you could do a quick video showing how to tied port forward with firewall rules as when I try all my ports are still exposed.... Cheers John.
I have the same Port forwarding config on a UDM Pro and it always stop working whenever there is an ISP internet outage, then I have to restart UDM Pro to get it working again. Very annoying.
Just got my Express. Set up port forwarding to my Plex service. Sadly it still says remote access not available. Not sure why. Restarted the plex server as well, just to be sure.
Kinda similar but maybe different situation. I have a Wifi Doorbell that REQUIRES being on the same subnet as the hardwired NVR. On unifi all my SSIDs are on their own subnets (as they should be). How can I make the doorbell send its traffice to an IP on its own subnet that forwards to the IP of the NVR on the LAN subnet? Should this be as simple as creating a port forward?
I assume you can’t create a group for ports. So if I know it’s UDP/123, TCP/443 etc. I can’t create a group. In Sophos for example you can granularly define items.
I would like to install Netbird and only allow it to connect from certain countries before it even gets to Netbird itself. On Mikrotik it is easy, just import an address list. UFW is similar, just run a command pointing to a list. Seems like I need to look at how to do it from CLI on Unifi. As for RDP EvlWatcher will reduce failed login attempts. Besides the firewall source list. I would not use MFA alone since in (65%) of cases, RDP is used to establish initial access to the target endpoint.
Set up port 32400 (public port) and set the ip to the internal IP of the server/service Plex is running on. The port should be the same, 32400. I am however having an issue with my new Express but it could just be some delayed issue I am seeing.
Willie, thanks for the video. I have set up a single server behind UDM SE Pro using port forwarding and it works. But we have many servers with unique public IP and with different web apps running on them. Is there a way to route traffic to each of these servers when the request comes in? Users will use a URL that is mapped to a public IP .
@@WillieHowe in my thoughts, the UDM should be able to detect if my E-Mail-Server is compromised. (If it sends tons of E-Mails, or if my server gets part of a Botnet)
Hi Willie, Thanks a lot for your contribution, to understand the Unifi world . - The port that is forwarded is only accessible from outside the network, why can’t I access it from within, as I could with my old router (ASUS).
Thank you, and sorry for my confusion, I mean: how do I disable it - what I want is the possibility to see my server’s external interface (WEB sites) inside my LAN from my LAN - as it is now, I only can see it from outside my network.
Apart from the quality content, there's something else I like about your vids - you cut the chase, in less than 10 seconds you always get the ball rolling. Thanks for that
It wasn't always that way!
Thanks Wille. Still learning my DMP.
Thanks from Austria for your great content all the time. I did the same for a PLEX Media Server
I love how perfect this interface is. The UISP NAT config is so annoying I'm trying to return my UISP-R for a UXG-Lite
Interesting
Can you create a web server and a honeypot and see how long it takes for someone from the outside to infiltrate the network?
Hi Willie. Thanks for the content. I’m wondering if you can use more than one op address to filter the source or still need to create several rules to allow different IPs addresses.
New rule for each source address or create a firewall rule with a group of addresses.
@@WillieHowehi, I tried this on a udm pro and could not get it to work. I was trying to create a port forward to a proxy server and then limit the incoming port forward to cloudflares IP ranges, on pfsense this was so easy... it seems on a udm pro not so, is there any chance you could do a quick video showing how to tied port forward with firewall rules as when I try all my ports are still exposed.... Cheers John.
Thank you for this... Helped me a lot...
I have the same Port forwarding config on a UDM Pro and it always stop working whenever there is an ISP internet outage, then I have to restart UDM Pro to get it working again. Very annoying.
Just got my Express. Set up port forwarding to my Plex service. Sadly it still says remote access not available. Not sure why. Restarted the plex server as well, just to be sure.
Kinda similar but maybe different situation.
I have a Wifi Doorbell that REQUIRES being on the same subnet as the hardwired NVR. On unifi all my SSIDs are on their own subnets (as they should be). How can I make the doorbell send its traffice to an IP on its own subnet that forwards to the IP of the NVR on the LAN subnet?
Should this be as simple as creating a port forward?
I assume you can’t create a group for ports. So if I know it’s UDP/123, TCP/443 etc. I can’t create a group. In Sophos for example you can granularly define items.
I would like to install Netbird and only allow it to connect from certain countries before it even gets to Netbird itself. On Mikrotik it is easy, just import an address list. UFW is similar, just run a command pointing to a list. Seems like I need to look at how to do it from CLI on Unifi.
As for RDP EvlWatcher will reduce failed login attempts. Besides the firewall source list. I would not use MFA alone since in (65%) of cases, RDP is used to establish initial access to the target endpoint.
Hi Willie. Port forwarding is new to me. How do I setup Plex Port forwarding? Thank you for your videos on networking.
Set up port 32400 (public port) and set the ip to the internal IP of the server/service Plex is running on. The port should be the same, 32400. I am however having an issue with my new Express but it could just be some delayed issue I am seeing.
I might grab one of these units to play with !
Hold up-- you want to get a UniFi product? 😜
To try yeah ! Then will give it away !@@homenetworkguy
Willie, thanks for the video. I have set up a single server behind UDM SE Pro using port forwarding and it works. But we have many servers with unique public IP and with different web apps running on them. Is there a way to route traffic to each of these servers when the request comes in? Users will use a URL that is mapped to a public IP .
I like your Security Settings of blocking China & Russia...do you notice a lot of false positive blocking events with security set this high?
Nope.
quick and easy thank you
Many Thanks also from Germany!
Do you know how to "automaticly block dubious traffic" on single ports?
Can you explain that a bit more?
@@WillieHowe in my thoughts, the UDM should be able to detect if my E-Mail-Server is compromised. (If it sends tons of E-Mails, or if my server gets part of a Botnet)
how do i add this to a Vlan?
can you port forward over wifi? im trying to host a server and i have unblocked my ports are not working.
You should be able to do this.
Thank you!
Hi Willie, Thanks a lot for your contribution, to understand the Unifi world . -
The port that is forwarded is only accessible from outside the network, why can’t I access it from within, as I could with my old router (ASUS).
Hairpin Nat is enabled by default.
Hallo again: Is there a way to enable Hairpin Nat for my UXG lite? - Unfortunate I don’t see any checkbox or option to do that in Unifi Console 8.0.7
@@AndersMorch52 it's enabled by default
Thank you, and sorry for my confusion, I mean: how do I disable it - what I want is the possibility to see my server’s external interface (WEB sites) inside my LAN from my LAN - as it is now, I only can see it from outside my network.
@@AndersMorch52 there's a lot to unpack here. Please email me.