Hi all, I have some Unifi gear from my previous setup I want to use with my Swisscom IB connection: a Security Gateway (USG) and an access point (UAP).
The UAP works straight away when plugged directly to the IB, no issues there. The problem arises when I try to connect the USG in between.
I am aware the IB does not support bridge mode, so I guess something is conflicting with the default USG settings.
The IB is at the default setting of 192.168.1.1, nothing changed from defaults. I reset the USG to factory settings. I connect it to the ethernet port of the router, and can't get internet connection.
I tried SSHing into the USG and changed its default LAN IP to 192.168.1.2 to make sure it doesn't conflict with the IB, but it didn't help. I assume this is the problem, as I've found lots of posts in German about this topic, but they are proposing conflicting solutions ("change the IP of the IB!!", "no, change the IP of the USG!", "no, the USG won't work with an IP different to 192.168.1.1!!") and I can't speak German and google translate is not giving very useful translations.
Can someone advise what is the easiest way to accomplish this simple scenario?
[ IB ] ------> [ USG ] --------> [ UAP ]
Thanks in advance
If you cant manage to change the network settings on the USG, leave it as it is.
Change the IB network to 192.168.2.1 or whatever you like and connect the USG gear to a LAN port on the IB.
Use the DMZ feature on the IB (enable expert mode on and look at the network tab => DMZ).
Choose the USG in the pull down list and all should work fine. Now you have on the USG side a double NAT setup.
if you want to run SWTV on the USG side, you need to setup igmp and make some firewall rules afaik.
edit: SWTV can be connected directly to the IB and it will still work.
Hi @mabu1 , thanks for the reply. Will try that tonight. Just to clarify: I should attach the USG to the IB from the USG's WAN port right?
So, USG WAN port => IB LAN port (2.5gb/s red one, for example).
Happy to report I got it working following your advice.
For future reference, this is what I did:
1. Put IB on 192.168.0.1, network mask 255.255.0.0. Set DHCP range in IB to 192.168.0.101-192.168.0.254
2. Add static DHCP route for USG in IB configuration, give it 192.168.1.1
3. Factory reset USG, connect to IB 1 gbps LAN port
4. Put USG in DMZ in IB config
5. Restart AP, adopt USG.
Now the Unifi wifi is working fine and giving devices IPs in the 192.168.1.x range, whereas the IB wifi is also operational and giving devices IP in 192.168.0.x range. Once I can confirm everything is 100% OK with the unifi wifi I will turn that one off.
Thanks for the help!!
The description on how to solve the connection of an USG to an IB seems very promissing.
I will try it in the coming days. I tried it already once and I gave up.
can you confirm that this should work with both USG models:
Ubiquiti USG: UniFi Security Gateway
Thank you for your great help!
Hello @Biorn1950 ,
When you say replace the internet box, you mean replace the functions of the internet box ?
I have a 10Gb fibre to the home (FTTH) were would I connect it if not on the Internet Box ?
No because xgs-pon receiver (for 10Gbs) is SFP+ and USG-PRo is SFP only.
But ubiquiti is launching a new model (UXG-PRO) with SFP+ capabality, which is in beta atm.
You can‘t replace the IB3 on a PON line with any Ubiquiti product so far. The problem is not the SPF+ or SPF only, it is about the different technique of P2P and P2MP used for transport and encryption.
If you want to replace the IB3 on PON, check the BBCS Proved Equipment List.
I still assume you have a 1Gbit P2P fiber connection over ethernet protocol. That’s just works fine.
Regarding the question from @SumSum about a replacement of the IB3 on a 10 Gbit XGS-PON line, I can tell you that will not work with any Ubiquiti gear so far. Why so? On a PON several users share the same fiber and each user receives all data from all others. This is a shared medium, like cable. In order to manage traffic to the corresponding user, all traffic is encrypted. Decryption is done on customers router and not the SFP.
In any case you managed to have a running xgs-pon 1Gbit link up, please let us know the details. We are eager to know.
@mabu1To resume because you mix abbreviations and things and it's not clear: (PON is just fiber)
About P2MP there is no reason ubiquiti product have issue.
PON is a Passiv Optical Network and will perhaps work with Ubiquiti UFiber.
AON is an Active Optical Network and terminates in a hub, means P2P over Ethernet.
Please describe your gear and clarify if you have p2p or p2mp and provider. Otherwise we talk past each other.