That was the case for me too, I chose the “VLAN only” variant with Unifi Switch/USG and it works wonderfully, but I had to deactivate IGMP snooping otherwise I have the dropouts every few minutes and the picture stops. Since the Swisscom TV boxes are “locked” in their own VLAN, I think you can let it run like this. Maybe ask the experts, do I have to do anything else (firewall, etc.) to completely isolate this “Swisscom TV VLAN” from the rest? As described in the PDF, I connected the Swisscom IB directly to the VLAN, i.e. bypassing the WAN port on the USG. I want this VLAN to be completely isolated, I don’t have to access it and above all I don’t want anything to go out to other VLANs or my main network.
Hello everyone,
I had a power outage last week and my USG3P was probably damaged. Then I bought a new one. Unfortunately I had installed the controller on the QNAP NAS, which unfortunately also gave up the ghost. Fortunately, the data on the NAS is still there, but the controller software has lost all data.
So far I haven’t been able to get the controller software to run on the NAS with the Swisscom TV IGMP and UDP thing (before the power failure it was running in the same hardware config).
Now I had a picture dropout after 5 seconds… then I bought a CloudKey and configured everything using it.
The same config as on the NAS runs on the Cloudkey, i.e. only to a limited extent…. now I don’t have the picture failure after 5 seconds, but after about 5 minutes.
I went through the whole thread here and tried everything with removing config.gateway.json and config.properties, new provsion etc…
What did I miss? Is it the CloudKey?
(UBNT) #show igmpsnooping
Admin Mode……………………………. Enable
Multicast Control Frame Count……………… 1034
IGMP header validation…………………………… Disabled
Interfaces Enabled for IGMP Snooping……None
VLANs enabled for IGMP snooping……………. 1
I read the post by @snoopy5707 and think this is a good solution.
But since I have house wiring where the wall socket has a cable from the USG switch going up from the basement, and there is a Netgear switch, this probably won’t work for me.
Thanks for the support and help
Hello @Kionieckioz24
Have you read post 193 with the PDF?
Then you no longer need the Json file.
It works if you put everything in an “ondly VLAN”. (Only the port on which the TV-Box is and the port which comes from the router.
And if the Json file doesn’t work, you most likely saved it in the wrong format.
Greetings Lorenz
It seems the problem is with the rule numbers.
Since I created these via the GUI, they were always created in the 2000 range.
I have now created the config completely using the config.gateway.json, using the rule number of @BurningRoli (3110, etc.) and since then everything has been working 🙂 Based on the rule rules, I now think that’s the problem is to activate the rules before all others is wrong, this leads to the 2000s, if these are created afterwards, i.e. in the 3100+ range, everything seems to work.
I wanted to delete my post at first, but thought this might help others too 🙂
Greetings
Steve
Have you already tried to deactivate IGMP snooping in the VLAN of the TV boxes? I had the same problem until I deactivated IGMP snooping in the VLAN in which the TV boxes are. As a controller I also have a Cloud Key (Gen. 2) as well as a USG and UniFi PoE switch. The Swisscom Internet box is on the one hand on the WAN port of the USG but also directly on the VLAN (VLAN only setting) of the TV boxes.
Thanks for the info
Unfortunately, I can’t make the port from the Unifi switch a VLAN only because after that there is another switch that supplies Plex and Sonos 🙂
I created the JSON file directly on the controller with the VI Editor, so there should be no problem with the UTF8 character encoding 🙂
As in my next post, my TV has been running for 20 minutes without interruption, meaning it could really have had something to do with the RULE numbers.
Thanks
I don’t really understand why you have to disable IGMP snooping in the VLAN. That shouldn’t really matter. For me it is activated and works perfectly. You have several boxes, right?
You can test the proxy on the USG:
Whether the proxy is running:
$ps -ef | grep igmpproxy
root 3257 1 0 May12? 00:07:56 /sbin/igmpproxy /etc/igmpproxy.conf
Information about the proxy:
$show ip multicast interfaces
$show ip multicast mfc
Greeting
It’s not clear to me either, I first did everything according to the PDF instructions posted here with “VLAN only” and IGMP snooping activated. The network worked perfectly at first, the TV box draws an IP directly from the DHCP pool of the Swisscom Internet box. TV was also on but then after a few minutes the disillusionment occurred, the picture kept stopping. I had to change the channel and back again and then it ran again for a few minutes. Test repeated with my second TV box elsewhere on the network, exactly the same. Frustrated in bed and brooded. The next morning, out of sheer desperation and after reading through a few posts on Ubiquiti, I deactivated IGMP snooping in the VLAN and lo and behold it worked without any problems. I then activated IGMP Snooping again as a test and 2 minutes later the exact same effect occurred again on both TV boxes. (Image freezes again and again after a few minutes)
Hardware:
Swisscom Internet Box Standard (the “old” square one)
Swisscom TV Box(en) (the old ones, I think, are called TV 2.0 UHD)
PoE Switch UniFi US-24-250W 26 Port
UniFi Security Gateway USG-PRO-4
Various UniFi PoE switches (Flex and Mini)
4 months later
Hello @BurningRoli
From what I can read here, you are the absolute professional when it comes to Internet Box and Unifi USG. 🙏
Many thanks to you in advance, thanks to your input I was able to solve this problem, simply brilliant!!
Can I now ask you how you would solve the following problem with your settings (which I have successfully implemented as you described and everything works perfectly, except SCTV, which I don’t need):
Connection via DynDNS from Swisscom Box (huber.internet-box.ch) (IP range IB2: 172.16.1.1/24) to the UniFi Controller on CloudKey Gen2 with IP 192.168.1.54 ((DHCP from USG 4: 192.168.1.1/24).
I would like to control the sites centrally from my UniFi controller (see above) for various sites (Eltern and in-laws) that do not have a local controller. I will then direct the APs (in their local network) to the DynDNS using “set inform URL” ( [http://huber.internet-box.ch:8080/inform](http://huber.internet-box. ch:8080/inform)).
Unfortunately I don’t understand how I can route the DynDNS address to the other network class on the controller.
P.S. my static IP for USG is set to 172.16.1.149 instead of xxx.254 (for USG: WAN IP 172.16.1.149), VLAN also works perfectly 😁
Can you help me with that? Or can another specialist help me? There are quite a few specialists here when I read the posts… 🙏
Thank you very much in advance
Greeting
Lorenz
9 days later
Hello everyone
Does anyone of you have any idea what I’m doing wrong with my setup?
1. CB2 with fixed IP and DMZ mode
2. USG Pro 4 outgoing WAN 1 connected directly to port 1 of the CB2
3. CloudKey gen 2 connected to the USwitch 24
Now I have the problem that I can’t reach the CloudKey from outside. Although it is displayed to me via the Ubiquiti portal and I can access the controller via the portal, I cannot integrate any external devices into the network (adoption).
I also can’t establish a VPN connection. Can you help me here if necessary?
I’m at my wits’ end. Do I have to do anything on the USG (firewall)?
Maybe you also have a tip for me @BurningRoli?
Thanks for your help.
LG
SashaS
hmmm @SaschaS
do you have a controller hostname/ip defined in the settings?
Have you enabled the port on the firewall? With my IB2 I also release them again.
inform port forwarded to the correct IP?
Last but not least, overwrite the hostname.
Then you should add devices outside your network with the Static IP 1.1.1.1:8080 and the Inform Port
greeting
@jarhead_r wrote:
hmmm @SaschaS
Do you have a controller hostname / IP defined in the settings?
Have you enabled the port on the firewall? With my IB2 I also release them again.
inform port forwarded to the correct IP?
Last but not least, overwrite the inform hostname.
then you should add devices outside your network with the Static IP 1.1.1.1:8080 and the Inform Port
greetings
yes, I have stored the fixed IP of the router there. However, somehow this doesn’t work. Which IP do I have to enter?
I had also set up port forwarding on the USG, now I have removed it, it hasn’t worked so far.
Hello @jarhead_r
Many thanks in advance.
Is this possible if the IB2 (172.11.1.x) is in a different DHCP range than the USG (192.168.1.x)?
Where does port forwarding have to take place, in the IB2 or in the USG?
Shouldn’t all ports in IB2 already be released because of the DMZ?
Thanks and greetings
Lorenz
Good morning @LittlePimp
On the IB2 (172.11.1.x) you should set up the DMZ on the router USG (192.168.1.x)
In the USG itself you then set the port forwarding to the controller.
I put my IB2 DMZ on the UDM Pro and also port forwarding…….
Because I don’t always completely trust the Swisscom router XD
Thanks for the feedback. However, I set the settings accordingly and the whole thing still doesn’t work as usual. I’m trying from outside via command
mca-cli
set-inform http://146.x.xx.xxx:8080/inform
Connecting the devices, but nothing happens.
Here are a few print screens of the settings:
https://ibb.co/3RYtwWD
https://ibb.co/NmmK9wR
https://ibb.co/m0MDCgG
Do you have any other ideas what I could do?
Do I have to do anything else on the CB2?
Could it be that something was set incorrectly on the CloudKey itself?
Please note:
CB2 has the local IP: 192.168.1.2
USG Pro has the local OP: 192.168.1.1
@SaschaS wrote:
Hello everyone
Does anyone of you have any idea what I’m doing wrong with my setup?
1. CB2 with fixed IP and DMZ mode
2. USG Pro 4 outgoing WAN 1 connected directly to port 1 of the CB2
3. CloudKey gen 2 connected to the USwitch 24
Now I have the problem that I can’t reach the CloudKey from outside. Although it is displayed to me via the Ubiquiti portal and I can access the controller via the portal, I cannot integrate any external devices into the network (adoption).
I also can’t establish a VPN connection. Can you help me here if necessary?
I’m at my wits’ end. Do I have to do anything on the USG (firewall)?
Maybe you also have a tip for me @BurningRoli?
Thanks for your help.
LG
SaschaS
Is this a new setup or has an existing one been changed, what?
Regarding point 1. What kind of mode have you set up on the CB2. Because DMZ mode on LAN1 which is possible with an IP subnet or another and you are using the term DMZ incorrectly? Please describe in detail, if necessary with a link to the instructions that were used.
So the cloud key is accessible via UBNT Cloud (Cloud Access enabled), but you can’t continue your setup because you can’t adopt the switch and the USG? Am I understanding this correctly?
If so, it has nothing to do with port forwarding but rather the adoption itself fails, probably because an existing setup was somehow modified?!
(Port forwarding like STUN to the Cloudkey makes no sense, it needs the STUN port and 8883 outbound to communicate with the cloud…)