107 kinda looks like IOT. See it? 107 IOT
Just noticed that too
Lot of people set up the accept side to only accept related and established. This means if your device tries to talk to a device on the iot, that device can talk back. Seems a better way rather than leaving ports open. Your thoughts?
great video. i have sonos system as well as wemo switches. any info how to set up either devices
Hello! Not sure if you did a follow-up video, but I wanted to add to your Chromecast section. mDNS does let you SEE the Chromecast devices, but will not allow you to connect to them. I also had to hard set an IP on the Chromecast Ultra, and then allow specific ports from the Chromecast to speak back to the main network/mobile device. Those ports are 8008-8009, and 32768-61000. I am still not sure what 8443 does from what the different forums say, but I tested with just the other ports and was able to cast.
Also, if you want to cast from a guest network, you will need to disable "Client Device Isolation" in the Wi-Fi settings of the Guest Network. Alternately, Google did add a feature to be able to cast to the Chromecast device with a built-in Guest Mode and a 4-digit auth code.
107 is IoT in leetspeak
How did that come to be?
@MillerTechnicalServices I = 1, O = 0, T = 7, en.wikipedia.org/wiki/Leet
Thank you!
I love your videos - you have a great personality! Over Covid, I set up a simple Unifi home network (USG, 8 port unifi poe switch & Nano AP).
Would you consider a video on how to set up Unifi to give the BEST possible Zoom meeting experience?
I have struggled to find a good video that walks me through this in a way that is easy to follow and understand.
Thanks again, and keep up the GREAT work!!
Thank you! For the best experience honestly, just plug it in and use it. There really isn’t any secret sauce or magic button.
@MillerTechnicalServices I have 300mb Fios, and sometimes, intermittently with no other drain, my Zoom meetings just come to a crawl or even disconnect - I was hoping you might have some advice on settings for QoS to prioritize Zoom traffic. I saw something about enabling "Smart Queues". The info icon says "Prioritizes traffic and reduces delays when the router/bandwidth becomes overloaded". I did that, but I don't really know what it did or if it helped yet. It seems to have reduced my network speed when I do a speed test. Thanks again!
Any chance of a video on how to setup a "public WiFi" on the UDM pro? With bandwidth restrictions for each user ? Portal?
Sure
I'm probably late to the game, but 107 is Leet for IoT
I was wondering if you could make a video or discuss how to make an IOT device like a mining rig that utilizes wifi, SAFER. Would it be just a firewall and a guest network?
Thank you so much for your video! Is your Chromecast example similar to casting YouTube videos from my phone to my smart TV, Amazon Fire Stick, or Blu-ray player?
It should work for anything that supports google cast
Great vid, what would you do for fibaro HC2 thanks
Great video! In a couple of hours I will be getting my Dream Machine Pro device. I haven't used one before, plus the access points I bought. My question for you is: you create a network just for the IoT devices. When I get a new IoT device, will the SSID be broadcasting? Like I said, all this is new to me. I thought I could join the regular network, and once on the network I would move that device to the IoT network. Is that how that works?
No you connect it to the IoT Wi-Fi network.
OK so question:
What if I DON'T have a smart/managed UniFi switch?
And as far as IoT devices, I also have Kasa plugs, switches, then my smart Google Home Mini speakers, an Alexa speaker, and a Chromecast/Google TV. But ALL of those devices are obviously wireless, not wired.
So, that being the case, the AP can connect those devices to the IoT VLAN once I have set them up, right? For the initial setup, I'd have to connect my phone to the IoT network, use my phone to get those devices joined to the IoT network, and then join my phone back to the main LAN and test connectivity, right?
I guess my question in short is: All of these rules, and traffic to and from the IoT network can function just with a USG and an AC-Lite, correct?
Yes
At 3:37 you show firewall rules for blocking lan to guest and guest to lan. How do you test this? If you use Ping, it is a send/receive communicator so blocking with only one of the 2 rules you have cuts off Ping as well, right? At least in my Unifi config I have just one for Block Guest to LAN and I then can't Ping between a device on LAN and Guest networks/wifi. So it makes me wonder why you need both rules and how to verify it's working if Ping shuts off with just one of the rules (at least for me)?
Ping isn’t an accurate way to test this. Devices on one network can still see devices on the other when you only use one rule and have MDNS enabled. The reason your ping is failing with only one rule is because devices can’t respond to that ping because of the firewall rule but they can still receive data from the other network.
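Added example (not part of the original comments): a simplified first-match stateful rule model, not UniFi's actual rule engine, showing why ping fails with only one block rule while unsolicited traffic still passes one way, and how the established/related approach raised earlier in the thread behaves. The subnets, host addresses and default-accept behaviour are assumptions.

```python
from ipaddress import ip_address, ip_network

LAN = ip_network("192.168.1.0/24")        # constructed example subnets
GUEST = ip_network("192.168.107.0/24")
ANY_STATE = ("new", "established")

def rule(action, src, dst, states=ANY_STATE):
    return {"action": action, "src": src, "dst": dst, "states": states}

def allowed(rules, src, dst, state):
    """First matching rule wins; unmatched inter-VLAN traffic is routed (assumed default)."""
    for r in rules:
        if (ip_address(src) in r["src"] and ip_address(dst) in r["dst"]
                and state in r["states"]):
            return r["action"] == "accept"
    return True

def one_way(rules, src, dst):
    """Can src deliver an unsolicited (new) packet to dst?"""
    return allowed(rules, src, dst, "new")

def ping(rules, src, dst):
    """Ping needs the request (new) and the reply (established) to both pass."""
    return allowed(rules, src, dst, "new") and allowed(rules, dst, src, "established")

# One block rule only: the setup described in the question.
ONE_RULE = [rule("drop", GUEST, LAN)]
# Both block rules: neither side can start a conversation.
TWO_RULES = [rule("drop", GUEST, LAN), rule("drop", LAN, GUEST)]
# Accept replies first, then drop everything else coming from the guest side.
STATEFUL = [rule("accept", GUEST, LAN, ("established",)),
            rule("drop", GUEST, LAN)]

def report(rules, lan_host="192.168.1.10", guest_host="192.168.107.20"):
    return {
        "ping lan->guest": ping(rules, lan_host, guest_host),
        "ping guest->lan": ping(rules, guest_host, lan_host),
        "data lan->guest": one_way(rules, lan_host, guest_host),
        "data guest->lan": one_way(rules, guest_host, lan_host),
    }

if __name__ == "__main__":
    for name, rules in [("one rule", ONE_RULE), ("two rules", TWO_RULES),
                        ("established/related", STATEFUL)]:
        print(name, report(rules))
```

With one rule, both pings fail yet "data lan->guest" is still delivered, so a failed ping does not prove isolation; check each direction with a test that needs no reply.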
Unfortunately I cannot see what you were doing. The screen images are so small.
Why do you allow the entire IoT vlan on port 9999? And not just Kasa devices?
Because it makes it much simpler than doing it per device. I have like 20 Kasa devices and I didn’t want to make a dedicated rule for each of them or set up IP ranges.
About the ChromeCast being in a separate VLAN.
I also set it up like this, but then using a pfSense firewall.
Casting from a mobile device is working fine, but trying to cast from my laptop using Google Chrome or MS Edge most of the time doesn’t find any device.
Do you encounter the same issue using the dreammachine as your router?
Or do other people encounter the same issue using a pfSense firewall?
I’m not sure where the problem is coming from because mobile devices work just fine with it.
I haven’t had any issues with it
I’m using homebridge and domoticz for my home automation. Any tips on that? Domoticz runs on my Synology so can’t be moved to an IoT network, but can probably be approached the way you did with your plex server I guess? Also my smart tv has Kodi which connects to my NAS for streaming purposes. How would you handle something like that?
Same process, just find the ports
Hi Miller. Very useful video! I would like to ask you about a technical aspect. I have a UDM and cannot connect remotely to my DVR on a CCTV VLAN. I've noticed that the DHCP and gateway (of the VLAN) are creating some problems. Do you ever encounter something like this? Tks
Not if setup correctly.
Thank you!
Great video, as always. 👍
Another great video... is there any chance you could make a video on how to adopt a UniFi USG into an existing network?
I'm having an issue doing this. I'm on the 192.168.0.1 -- 192.168.0.255 range using a Nighthawk for routing. Please. Cheers mate
You adopt it the same way you would any other Ubiquiti device; it’s just that you have to transfer over all of your IP address information.
@MillerTechnicalServices Hi mate, cheers for the reply. I’m not sure how to transfer the existing IP addresses, and also the USG comes with an IP address of 192.168.1.1, which isn’t in my IP range, so I can’t do normal adoption in the UniFi controller? I’m trying my hardest but can’t sort it. I’m pretty new to the UniFi setup, thank you
You just change the DHCP range and IP of the USG. It’s really easy to do. If you see me setting up a network in my complete UniFi setup or the IoT video, just use those settings for your existing network on the USG.
for allowing the IoT network to the Plex server couldn't you just allow the IoT network to the IP address of the Plex server instead of doing the ports?
I don’t want it being able to access the plex server as a whole computer. I only want it to be able to access the plex part of it. Plex is running on my server which has a bunch of other stuff on it as well. I only want it to see plex.
@MillerTechnicalServices OK, then that makes more sense. So I guess both ways would work and just work in different ways!
@christucker3187 Both ways would allow Plex to work, but only one of the ways is secure.
“I don’t know why they use 107?”
It’s a visual cue/clue,
107 = IOT…
You’re welcome.
Is there any special method to get an ALEXA ECHO to work in this method?
To work with what?
@MillerTechnicalServices I am going to try to get my Alexa Echo to control 4 ROKU ULTRAS and one ROKU TV. I also have an assortment of plugs that I am going to attempt to control via ALEXA. All this will be done via a USG-3P/US8-150W Switch/3 Flex Minis/1 UBIQUITI AP-Pro and 1 AP-LR. I plan on setting up a 5GHz and a separate 2.4GHz network for my IoT devices.
Put the Echos on the IoT network. And as far as I know, Echos don't control things locally. They phone home to Amazon, which phones out to (insert smart plug company)'s servers, then that tells the plug to turn on.
@MillerTechnicalServices Thank you for the prompt reply
@Red1Wollip Crosstalk Solutions or The Hook Up might be able to give you a better answer.
107 is similar to IOT, visually.
Your screen is so hard to read on my phone 🤣
I secure mine with my 200 pound German Shepherd. Grrrr
How well does your dog protect your network when he’s being walked by your roomba? 😂
@MillerTechnicalServices He protects me. Believe me, the Cable Guy doesn't come within 10 feet of my house :)
hi Miller,
I'd better learn OpenWRT/DD-WRT