Another great video Tim! One of the things I've done in my IoT wifi network is instead of turning BSS/Fast Roaming on, is I've bound some of my devices to a specific AP
Having one ssid per band works very well. It allows me to choose which band I prefer and overrides the band automatically selected if I don't like it. Set all dumb IoT on 2.4, Chromecast on 5, etc. Also when you first enter your home the 2.4 will most likely connect first. You can override this manually and force 5 afterwards. If you are at the pool far in the backyard with a weak 5, you can force the 2.4. I don't have a ubiquity setup yet, but with one good WiFi 5 router and a WiFi extender configured as an AP with a 1Ge Ethernet cable, this setup works flawlessly for years.
Great vid Tim! Didn't know about PPSK! Was hoping it would provide an eloquent solution to my IOT and IOT_5 SSIDs (as you mentioned I've heard band steering creates issues, so I have a separate IOT 5GHz for streaming devices) but alas. All amazing information nonetheless!
Thanks for the info, can you recommend more in depth reading for us if we want to know more? I do enjoy your channel. I hope to get a small business and home install and support business going again.
I would have to think on that. The unifi support pages are hit and miss, but there is a lot of good advice on there. Make sure that you are following Crosstalk Solutions, Lawrence Systems, Willie Howe, Mactelecom Networks and WunderTech for more Unifi network information. They do this full time and have quite a bit more content than me. If you plan on doing Unifi cameras too, follow DPC Technology. They are great.
Hey Tim, awesome video again. I've watched your Unifi for Newbies series too, and next week I'm finally going to set up my own Unifi network. It's been really helpful for me to map out how I want my home network to be. One question I have, which I think I know the ansew to but wanted to ask anyway: do your settings allow you to stream from the default/ private network to a chromecast or airplay TV which is on the IoT network? I think with your firewall settings it should be fine, but wanted to make sure anyway. Thanks
Can you make a second (advanced?) video and discuss the multicast icmp and other related settings? In particular setting up communication between users and iot devices over vlans and firewalls?
Check out my UniFi for Newbies series in my playlist if you haven’t. I cover alit of that in that series. Including a downloadable template for FW rules when you have IOT devices.
Random tip, setting up my samsung tv with smart things, it couldnt connect to SSID or wifi name with space (maybe other restrictions) so i had to make another wifi network with a simple name but with ubiquiti was easy to make the wifi network point to my IoT network. With your point about vlans and hackers, should we be making a vlan for our security access iot devices, garage door, smart locks? Or is that going overboard?
Thanks for the comment. And yes, I have had issues with certain types of devices connecting to SSIDs with spaces and special characters in the name... As far as your questions go, I do view those types of devices as "smart" and would drop them into the IOT VLAN normally. But that is looking at them from a network risk standpoint only. If you look at them from a physical security risk, depending on your level of paranoia, smart locks and smart garage doors may not be a good choice to have. There are many demos available of wifi based, zwave and bluetooth versions all be bypassed or "hacked". Most posts that I read stated that burgalers typically don't choose that route and would prefer to enter through a window or something, but it definately gives you something to consider. Hopefully that doens't freak you out.
I have mine set to WPA2, but I had some devices that struggled with that setting. I think it would be worth trying to set it to WPA2/3 in the beginning if you can. You may have better luck than me.
From experience, trying to reconfigure my network and force certain IoT devices to connect to a given AP is hard; by example restarting my router will enable 2.4 before 5 and all devices able to authenticate on both will most likely chose 2.4. Restarting the IoT device might select a different AP or band. Smart in wall light switch/dimmer are the worst at this because you can't just disconnect them from the power outlet. Your only option is to shut down an AP, power cycle the breaker and wait until the IoT device connect to the AP, then power up the second AP. Again after a power outage most likely the whole Wi-Fi network will not reconnect the exact same way and you might need to restart all over again. 😅
You forgot minimum data rate settings which are very important for tuning performance. Depending how dense the AP deployment is will dictate what settings should be used, but generally you want to set 5.5mb beacons on 2.4GHz with medium to low density and 11mb on 2.4GHz with high AP density. For 5GHz, start at 12mb for low density and 24mb for high AP density.
Im not disagreeing with you, however, I leave that on auto for my setups unless I need to adjust them. I think UniFi does a pretty good job with that for me.
![Felix "Unfair" | [Stray Kids : SKZ-PLAYER]](http://i.ytimg.com/vi/Oswujxm2Ag0/mqdefault.jpg)
What videos! Best of the best. Very well explained, very structured.
Simply amazing! Well done Mr! Much appreciated! 👍🔥
Wow. That you sooo much. You’re too kind.
Very helpful:)! Didn't really know much about the single SSID with multiple passphrases, or the AP grouping. Thank you!
So glad. Thanks for watching!!!
Thanks for sharing all details about this and helped me to update a few new features in my network
Thanks for watching. You are welcome.
You should get an award or something! thanks!
Your comment is award enough for me. Thanks for watching.
Another great video Tim!
One of the things I've done in my IoT wifi network is instead of turning BSS/Fast Roaming on, is I've bound some of my devices to a specific AP
Good call out. I’ve also done that if im seeing the device jump around. Thanks for sharing.
Another great video! Thanks a lot for doing these!
I am so happy to do it. Thanks for watching!
Another awesome video, thanks very much Tim.
Appreciate it! Thanks for watching.
Having one ssid per band works very well. It allows me to choose which band I prefer and overrides the band automatically selected if I don't like it.
Set all dumb IoT on 2.4, Chromecast on 5, etc.
Also when you first enter your home the 2.4 will most likely connect first. You can override this manually and force 5 afterwards.
If you are at the pool far in the backyard with a weak 5, you can force the 2.4.
I don't have a ubiquity setup yet, but with one good WiFi 5 router and a WiFi extender configured as an AP with a 1Ge Ethernet cable, this setup works flawlessly for years.
I also like splitting the bands with typical router setups. Done it many times. Glad your setup has been working well.
Another great video. Thanks !
Hey Thanks! Appreciate the commment.
Great vid Tim! Didn't know about PPSK! Was hoping it would provide an eloquent solution to my IOT and IOT_5 SSIDs (as you mentioned I've heard band steering creates issues, so I have a separate IOT 5GHz for streaming devices) but alas. All amazing information nonetheless!
Appreciate your kind words! Thanks so much! I hope this helps you with your setup.
Awesome video Thanks very much
Thanks so much for watching.
Thanks for the info, can you recommend more in depth reading for us if we want to know more? I do enjoy your channel. I hope to get a small business and home install and support business going again.
I would have to think on that. The unifi support pages are hit and miss, but there is a lot of good advice on there. Make sure that you are following Crosstalk Solutions, Lawrence Systems, Willie Howe, Mactelecom Networks and WunderTech for more Unifi network information. They do this full time and have quite a bit more content than me. If you plan on doing Unifi cameras too, follow DPC Technology. They are great.
@@ethernetblueprint Yep, I follow all most of those guys. I will look in on the others, thanks!
Great video thanks for sharing, what size network cables did you go for?
I typically do Cat6 cables. Maybe Cat6A for special cases like 10Gb at longer distances. But most of the time cat6…
Hey Tim, awesome video again. I've watched your Unifi for Newbies series too, and next week I'm finally going to set up my own Unifi network. It's been really helpful for me to map out how I want my home network to be. One question I have, which I think I know the ansew to but wanted to ask anyway: do your settings allow you to stream from the default/ private network to a chromecast or airplay TV which is on the IoT network? I think with your firewall settings it should be fine, but wanted to make sure anyway. Thanks
Yes, airplay and casting should work fine from Default --> IOT. Good question and good luck with your setup! You're in the club now!
@@ethernetblueprint Thanks for taking the time to answer! Nothing's in my way anymore, down the rabbit hole of Ubiquiti I go :D
HAHA... sorry and congratulations!
@@ethernetblueprint Don't be sorry, my life is great now! I just finished setting up the FW rules and all is running smoothly. Thanks Tim :)
Can you make a second (advanced?) video and discuss the multicast icmp and other related settings? In particular setting up communication between users and iot devices over vlans and firewalls?
Check out my UniFi for Newbies series in my playlist if you haven’t. I cover alit of that in that series. Including a downloadable template for FW rules when you have IOT devices.
Thank you so much !!
You are most welcome! Thanks for watching.
Random tip, setting up my samsung tv with smart things, it couldnt connect to SSID or wifi name with space (maybe other restrictions) so i had to make another wifi network with a simple name but with ubiquiti was easy to make the wifi network point to my IoT network.
With your point about vlans and hackers, should we be making a vlan for our security access iot devices, garage door, smart locks? Or is that going overboard?
Thanks for the comment. And yes, I have had issues with certain types of devices connecting to SSIDs with spaces and special characters in the name...
As far as your questions go, I do view those types of devices as "smart" and would drop them into the IOT VLAN normally. But that is looking at them from a network risk standpoint only. If you look at them from a physical security risk, depending on your level of paranoia, smart locks and smart garage doors may not be a good choice to have. There are many demos available of wifi based, zwave and bluetooth versions all be bypassed or "hacked". Most posts that I read stated that burgalers typically don't choose that route and would prefer to enter through a window or something, but it definately gives you something to consider. Hopefully that doens't freak you out.
27:00 I think you meant *less* susceptible to interference.
I'm sure I did... When I do these, I find my self saying the wrong word here and there. Ugh. Thanks for catching that.
Do you also set your IOT to WPA2/WPA3?
I have mine set to WPA2, but I had some devices that struggled with that setting. I think it would be worth trying to set it to WPA2/3 in the beginning if you can. You may have better luck than me.
From experience, trying to reconfigure my network and force certain IoT devices to connect to a given AP is hard; by example restarting my router will enable 2.4 before 5 and all devices able to authenticate on both will most likely chose 2.4. Restarting the IoT device might select a different AP or band.
Smart in wall light switch/dimmer are the worst at this because you can't just disconnect them from the power outlet. Your only option is to shut down an AP, power cycle the breaker and wait until the IoT device connect to the AP, then power up the second AP.
Again after a power outage most likely the whole Wi-Fi network will not reconnect the exact same way and you might need to restart all over again. 😅
Very true. That’s why I like UniFi so you can create the conditions to make it easier for your devices. Like 2.4G only networks, etc…
Do I need a UDM for the VLAN to work?
You need both a router/gateway and a managed switch for VLANs to work. Does not need to be a UDM specifically.
You forgot minimum data rate settings which are very important for tuning performance. Depending how dense the AP deployment is will dictate what settings should be used, but generally you want to set 5.5mb beacons on 2.4GHz with medium to low density and 11mb on 2.4GHz with high AP density. For 5GHz, start at 12mb for low density and 24mb for high AP density.
Im not disagreeing with you, however, I leave that on auto for my setups unless I need to adjust them. I think UniFi does a pretty good job with that for me.