Ubiquiti

From Indie IT Wiki
Jump to: navigation, search

The Unifi Controller from Ubiquiti Networks is a software management solution for their range of WiFi access point devices.

Contents

VPN

IPsec L2TP

Web Search

EdgeRouter - IPsec L2TP Server

EdgeMAX L2TP over IPsec VPN Server with Firewall Exceptions (VIDEO)

EdgeRouter - PPTP VPN with local users / RADIUS

Windows 10 Tips

OpenVPN

EdgeRouter OpenVPN Server

Using Raspberry Pi as a Monitor for UniFi Video Cameras

https://www.youtube.com/watch?v=oRrgn3DWinE

http://www.stocksy.co.uk/articles/Linux/using_a_raspberry_pi_as_a_monitor_for_ubiquiti_unifi_video_cameras/

Unifi Unblock Client

On both the web interface and the smart phone app...

Insights > Client > Unblock

Unifi Video Firmware Upgrade To Fix Sun Shadow Issues

https://community.ubnt.com/t5/UniFi-Video-Blog/UniFi-Video-3-9-7-Release/ba-p/2393780

Unifi Video Cloud Accound

https://video.ubnt.com

Unifi Video Firewall Ports

7080
7443
7446

https://help.ubnt.com/hc/en-us/articles/217875218-UniFi-Video-Ports-Used

Unifi Switch 24

Reboot

  1. With a paper clip, depress the Reset button until you feel it click. Hold for 1 second, then let go.

Reset

Normal Method

  1. With a paper clip, depress the Reset button until you feel it click. Hold for 10 seconds, then let go.

Hail Mary Method

  1. Unplug the power cable.
  2. With a paper clip, depress the Reset button until you feel it click. Hold firm.
  3. Plug in power, while continuing to hold paper clip firm.
  4. Wait until the LED begins flashing in a repeating pattern: Off Blue White.
  5. Release paper clip reset.
  6. Unplug the power cable. Wait 5 seconds; say Hail Mary, and plug power cable back in.

EdgeMax Dual WAN Failover Load Balancing

https://help.ubnt.com/hc/en-us/articles/205145990-EdgeMAX-Dual-WAN-load-balance-feature

UniFi VoIP - How To Manage Themes

https://help.ubnt.com/hc/en-us/articles/224333808-UniFi-VoIP-Theme-Management-Guide

UniFi VoIP - How to Manually Upgrade UVP App/Platform

SipService.apk

UnifiPhone.apk

https://community.ubnt.com/t5/UniFi-VoIP/UniFi-VoIP-How-to-Manually-Upgrade-UVP-App-Platform/ta-p/1293920

EdgeMAX

HOWTO: Edit Date and Time On A Firewall Rule

show configuration commands | cat | grep 'firewall.*'
configure
set firewall name LAN_IN rule 30 time starttime '21:59:59'
commit
save
exit

HOWTO: Enable and Disable Firewall Rule

show configuration commands |cat               (so you can find the correct rule)
configure
delete firewall name LAN_IN rule 20 disable    (to enable rule)
set firewall name LAN_IN rule 20 disable       (to disable rule)
commit
save
exit

https://community.ubnt.com/t5/EdgeRouter/How-enable-firewall-rule-in-CLI/m-p/540854/highlight/true#M13284

HOWTO: Change Default User Password

configure
set system login user ubnt authentication plaintext-password MyN3wP4ssw0rd
commit
save
exit

HOWTO: Hardware Offloading

UPDATE: Yeah, jury is still out on this... on the ER-X it does not seem to make any difference and if you're using Smart Queue Management QoS then it won't work on that anyway!

Offloading is used to execute functions of the router using the hardware directly, rather than a process of software functions to greatly increase performance.

https://help.ubnt.com/hc/en-us/articles/115006567467

HOWTO: Smart Bandwidth Queue

Find your Download and Upload speed on the Internet (http://speedtest.net)

EdgeOS > QoS > Smart Queue > WAN Interface: pppoe0 > Upload: <upload speed> Mbits/sec > Download: <download speed> Mbits/sec > Apply

https://community.ubnt.com/t5/EdgeRouter/ER-X-QoS-Smart-Queue-WAN-Interface-SOLVED/td-p/2315465

HOWTO: Bandwidth Limit Single IP Address

This will limit a single IP address of 192.168.0.17 (the teenager) to 1Mb download and 500Kb upload speed...

EdgeOS > QoS > Basic Queue > Add Queue > Source: 192.168.0.17 > Rate (upload): 500k > Queue Type: SFQ > Reverse Rate (download): 1m > Queue Type: SFQ > Apply

HOWTO: URL Blocking Proxy

configure
set service webproxy listen-address 192.168.0.1   (IP Address of your edge router!)
set service webproxy url-filtering squidguard local-block twitter.com
set service webproxy url-filtering squidguard local-block facebook.com
set service webproxy url-filtering squidguard local-block youtube.com
commit
save
exit

https://help.ubnt.com/hc/en-us/articles/205202680-EdgeMAX-Web-proxy-service-for-filtering

https://ahmeddirie.com/technology/networking/url-filtering-and-blocking-crap-with-vyatta/

HOWTO: Add DNS Entries

ssh ubnt@192.168.0.1

ubnt@ubnt:~$ configure
[edit]
ubnt@ubnt# set system static-host-mapping host-name unifi inet 192.168.0.252
[edit]
ubnt@ubnt# commit
[edit]
ubnt@ubnt# save
Saving configuration to '/config/config.boot'...
Done
[edit]
ubnt@ubnt# exit
exit
ubnt@ubnt:~$ logout
Connection to 192.168.0.1 closed.

host unifi
ping unifi

HOWTO: Upgrade EdgeOS firmware

https://help.ubnt.com/hc/en-us/articles/205146110-EdgeMAX-Upgrading-EdgeOS-firmware

ER-X

https://www.ubnt.com/download/edgemax/

Note: The ER-X/ER-X-SFP/EP-R6 has more limited storage, and in some cases upgrade may fail due to not enough space. If this happens, remove the old backup image first (using "delete system image" command below) before doing upgrade. The system will always have at least 2 images so you are alright to remove the older one.

Command Line

show version
show system image
delete system image
show system image
add system image https://dl.ubnt.com/firmwares/edgemax/v1.10.x/ER-e50.v1.10.1.5067582.tar
show system image
show system image storage
sudo reboot

show version
show system image
logout

GUI

HOWTO: How to Limit the Download/Upload Rate of LAN

https://help.ubnt.com/hc/en-us/articles/220716608

Useful CLI

https://www.reddit.com/r/Ubiquiti/comments/33zkhu/useful_edgerouter_cli_commands_settings/

https://community.ubnt.com/t5/EdgeRouter/How-enable-firewall-rule-in-CLI/m-p/540836/highlight/true#M13279

Firewall CLI

ssh ubnt@192.168.0.1
ubnt@ubnt:~$ configure
ubnt@ubnt# show firewall name LAN_IN
ubnt@ubnt# edit firewall name LAN_IN
ubnt@ubnt# run show configuration commands
ubnt@ubnt# set rule 7 time starttime '21:50:00'
ubnt@ubnt# set rule 8 time starttime '21:50:00'
ubnt@ubnt# compare
ubnt@ubnt# commit
ubnt@ubnt# top
ubnt@ubnt# show firewall name LAN_IN
ubnt@ubnt# save
ubnt@ubnt# exit
ubnt@ubnt:~$ logout

Speedtest CLI

Download python software...

curl -O https://raw.githubusercontent.com/sivel/speedtest-cli/master/speedtest.py
chmod a+rx speedtest.py
sudo mv speedtest.py /usr/local/bin/speedtest-cli

Test python software...

speedtest-cli --simple --no-pre-allocate

Write shell scripts for cron...

vi /root/speedtest.sh
speedtest-cli --simple --no-pre-allocate >/tmp/speedtest-cli_result.txt
chmod +x /root/speedtest.sh
vi /root/speedtest_to_influx.sh
echo "speedtest,host=erx download=`grep 'Download' /tmp/speedtest-cli_result.txt | awk '{ print $2 }'`,upload=`grep 'Upload' /tmp/speedtest-cli_result.txt | awk '{ print $2 }'`" | nc 192.168.0.252 8094
chmod +x /root/speedtest_to_influx.sh

Add shell scripts to cron...

crontab -e
7 11,23 * * * /root/speedtest.sh
@hourly /root/speedtest_to_influx.sh

Thanks - https://community.ubnt.com/t5/EdgeMAX/EdgeOS-Command-Line-Speed-Test-via-speedtest-net

Your Own Speedtest Mini Server

https://www.tecmint.com/speedtest-mini-server-to-test-bandwidth-speed/

wget http://c.speedtest.net/mini/mini.zip

speedtest-cli --simple --no-pre-allocate --mini http://www.domain.co.uk/speedtest/mini/ >/tmp/speedtest-cli_result.txt

https://gist.github.com/sparanoid-bot/4441239

HOWTO: Time Based MAC Address Blocking

rule 10 {
    action drop
    description "Block Gaming PC"
    source {
        mac-address 11:11:11:11:11:11
    }
    time {
        starttime 22:00:00
        stoptime 07:59:59
        weekdays Mon,Tue,Wed,Thu
    }
    time {
        starttime 00:00:00
        stoptime 07:59:59
        weekdays Fri,Sat
    }
}
  1. Login
  2. Firewall / NAT
  3. Firewall Policies
  4. LAN_IN > Action > Edit Ruleset
  5. Add New Rule
  6. Description = Block Kids PC
  7. Tick Enable
  8. Action = Drop
  9. All Protocols
  10. Source = MAC Address
  11. Time > Start Time = 22:00:00 > Stop Time = 06:00:00
  12. Save
  13. Click little (x) next to tick
  14. Logout

Quoted here by me - https://community.ubnt.com/t5/EdgeMAX/Set-up-time-limits-for-kids-internet-access/m-p/1826628#M149231

Thanks to Ubiquiti Community Forum

HOWTO: Improve Throughput On PPPoE

configure
set system offload ipv4 pppoe enable
commit
save
exit

Thanks - https://blog.linitx.com/howto-significantly-improve-slow-throughput-edgerouter-lite-pppoe/

SSH Keys Access

Copy your SSH public key to the device...

scp /home/user/.ssh/id_rsa.pub ubnt@192.168.0.1:~/id_rsa.pub

Log in to the device...

ssh ubnt@192.168.0.1

Switch to configure mode...

configure

Load SSH key to the user...

loadkey ubnt ~/id_rsa.pub

Commit...

commit

Save ...

save

Exit...

exit

Logout and test...

exit
ssh ubnt@192.168.0.1

Thanks - https://community.ubnt.com/t5/EdgeMAX/ssh-authorized-keys/td-p/458361

Thanks - http://www.bciuca.com/2014/02/08/edgemax-ssh-pubkey/

Network Monitoring Data Collection

SNMP

https://github.com/jbehrends/monitoring_scripts/blob/master/graphite/edgerouter_metrics.sh

https://gist.github.com/nbrownus/b6a5b1e16256f5ba035b5c0dcbae7532

Grafana

https://grafana.com/dashboards/1756

NetFlow

configure
set system flow-accounting interface <interface>
# Optional parameter if flows should be collected for egress traffic.
# set system flow-accounting netflow enable-egress
set system flow-accounting netflow engine-id <0-255>
set system flow-accounting netflow server <IP of remote netflow monitoring tool> port 2055
set system flow-accounting netflow version <1|5|9>
commit

https://community.ubnt.com/t5/EdgeMAX/Help-setting-up-NetFlow/td-p/464367

https://community.ubnt.com/t5/EdgeMAX/Netflow/m-p/365221#M3097

https://www.reddit.com/r/Ubiquiti/comments/3kobad/netflow_on_edgerouter_x_on_17/

https://forums.manageengine.com/topic/ubiquiti-edgemax-analyzer-config-issue

nTop

http://www.ntop.org/nprobe/running-nprobe-and-ntopng-on-ubiquity-edgerouter-lite/

Forum

https://help.ubnt.com/hc/en-us/categories/200321064-EdgeMAX

Bootloader Update

curl -O https://dl.ubnt.com/firmwares/edgemax/v1.8.0/update-boot.sh
sudo bash update-boot.sh
reboot

https://community.ubnt.com/t5/EdgeMAX-Updates-Blog/EdgeMAX-EdgeRouter-X-X-SFP-bootloader-update/ba-p/1472216

uPnP

Config Tree > service > upnp > listen-on > interface

SNMP

Official UniFi MIBs can be downloaded from HERE and HERE (those are 2 different files).

https://github.com/jbehrends/monitoring_scripts/blob/master/graphite/edgerouter_metrics.sh

http://leerspace.com/2014/11/08/snmp-and-mrtg-ubiquiti-edgerouter-lite-ubuntu-server/

https://gist.github.com/nbrownus/dfd8ab05728bbf8ff5993ac0d34eaeb6

CLI

https://community.ubnt.com/t5/EdgeMAX/EdgeOS-CLI-Primer-part-1/td-p/285388

Firewall Regions Explanation

WAN_IN is from the internet, through the router, and onward to your LAN. In very general terms, you want to drop 90% of this mess - it's script kiddies, port scans, nigerian princes, and anyone else you don't want able to head through your router. Obviously, you're gonna want to allow ports 80, 443, 25, and others if you're running those types of services. If you haven't got any idea what I'm talking about with those three ports, better to not open them.

WAN_LOCAL is from the internet to your router, with no intention of going farther. Best to just drop everything on this interface -- unless, for example it's a router at a remote site, and you've got a static at your main site, so you allow traffic from 10.10.x.y/28 (note, I'm using private address space as an example, real world would depend on your ISP).

LAN_IN is everything inbound to the router from your LAN (e.g. 192.168.1.0/24) that's destined for somewhere else (WAN, other LAN such as 192.168.2.0/24). In a SMB, or SOHO setup, this is probably explicitly permissive. In an enterprise setting, this may or may not be permissive (e.g. blocking all outgoing traffic except for SFTP on a non-standard port).

LAN_LOCAL is everything inbound to the router from your LAN destined for the router. Again, unless you're doing enterprise routing, this is probably fairly open - although good SMB setups with guest networks may block the guest network range.

Command Auto Completion

You can press the ? key to find the top-level commands, then type that command and ? again to find the options for that top-level command.

?
show ?
show version
show interfaces
show interfaces ?
show interfaces ethernet

You can also use the keyboard Tab button to complete the options.

Show Configuration

There are 2 ways to show the current configuration - in a tree or in commands:-

show configuration all
show configuration commands

If you use the 'commands' option, you can then grep or 'match' the output to limit results.

show configuration commands | match system

Edit Configuration

You have to enter 'edit' mode first, and it will show you after every command that you are in this 'edit' mode with a separate line just above the prompt showing [edit]...

configure

When you have finished your command changes, you can show your changes, to check...

compare

To make the changes active, you have to save them...

commit

Then, come out of configure mode...

exit

EdgeRouter VDSL

ECI Openreach modem for FTTC
B-FOCuS V-2FUb/r Rev.B

Yes it does support BT FTTC Infinity. Use PPoE and connect to white BT modem with Cat 5e cable. Set MTU at 1492.

https://community.ubnt.com/t5/UniFi-Routing-Switching/does-edgerouter-support-vdsl/td-p/1112045

https://community.plus.net/t5/Fibre-Broadband/Config-for-Ubiquiti-ER-X-EdgeRouter-X-on-Plusnet-FTTC/m-p/1293820

https://community.ubnt.com/t5/EdgeMAX/BT-infinity-fibre-optic-setup/m-p/1183648/highlight/true#M57491

http://wiki.indie-it.com/wiki/DSL_Devices#British_Telecom

Purchase

https://mangolassi.it/search?term=er-x&in=titlesposts

TOUGHSwitch PoE

Downloads

Firmware

User Guide

Default IP Address

192.168.1.20

https://192.168.1.20

Default Username & Password

Username: ubnt
Password: ubnt

Maximum Password Length

Eight characters

IPSec VPN Passthrough

http://community.ubnt.com/t5/EdgeMAX/Newbie-Simple-1-LAN-1-WAN-SOHO-Setup/td-p/1377745

HOWTO: INSTALL: DEPENDANT SOFTWARE:

** THIS IS NOW NO LONGER REQUIRED. PLEASE SEE 16.04 INSTRUCTIONS BELOW **

ORACLE JAVA 8:

Add the repository:

sudo nano /etc/apt/sources.list

# Java 8
deb http://ppa.launchpad.net/webupd8team/java/ubuntu trusty main 
deb-src http://ppa.launchpad.net/webupd8team/java/ubuntu trusty main

Save (CTRL+o) and exit (CTRL+x).

Add the keyserver and install the software:

sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com EEA14886
sudo apt-get update
sudo apt-get install jsvc oracle-java8-installer oracle-java8-set-default

Check the installed version:

java -version

MongoDB:

Open the sources.list and add the line shown in bold at the end of the file:

sudo nano /etc/apt/sources.list

deb http://downloads-distro.mongodb.org/repo/ubuntu-upstart dist 10gen

Save (CTRL+o) and exit (CTRL+x).

Add the keyserver and install the software:

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv 7F0CEB10
sudo apt-get update
sudo apt-get install mongodb

HOWTO: INSTALL: UniFi

UniFi can either be installed from a .deb file or via a PPA repository:

Ubuntu Server 16.04 From .deb File:

  1. Visit Ubiquiti's download page
  2. In the SOFTWARE section, click on "UniFi v4.x.x Controller for Debian/Ubuntu Linux"
  3. Locate the file called "unifi_sysvinit_all.deb" and download it
sudo dpkg -i unifi_sysvinit_all.deb
sudo apt-get -f install

Ubuntu Server 14.04 From .deb File:

  • Visit Ubiquiti's download page
  • In the SOFTWARE section, click on "UniFi v4.x.x Controller for Debian/Ubuntu Linux"
  • Locate the file called "unifi_sysvinit_all.deb" and download it
sudo dpkg -i --force-depends unifi_sysvinit_all.deb

Ubuntu Server 14.04 From Repository:

The following is an installation on Ubuntu Server 14.04.

Add the repository and keyservers by editing the following file adding the lines shown in bold at the end of the file:

sudo nano /etc/apt/sources.list
# Ubiquiti Unifi
deb http://www.ubnt.com/downloads/unifi/debian stable ubiquiti
 
# Mongodb
deb http://downloads-distro.mongodb.org/repo/ubuntu-upstart dist 10gen

Add the following key servers, the first for Unifi itself the second for MongoDB:

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv C0A52C50
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv 7F0CEB10
sudo apt-get update

Finally install the software:

sudo apt-get install unifi stable, or
sudo apt-get install unifi-rapid better than standard not as bleeding edged as beta
sudo apt-get install unifi-beta

HOWTO: Install a valid SSL Certificate in UniFi Controller

https://kx.cloudingenium.com/ubiquiti/unifi/install-valid-ssl-certificate-ubiquiti-networks-unifi-controller/

LetsEncrypt SSL Certificate

https://lg.io/2015/12/13/using-lets-encrypt-to-secure-cloud-hosted-services-like-ubiquitis-mfi-unifi-and-unifi-video.html

RaspberryPi:

Official

http://community.ubnt.com/t5/UniFi-Wireless/Raspberry-Pi-and-Unifi/m-p/1167782#M91180

http://community.ubnt.com/t5/UniFi-Wireless/Finished-Raspberry-PI2-Image/m-p/1187658#M94346

http://community.ubnt.com/t5/UniFi-Controller-Installation/UniFi-Installing-the-Controller-software-on-Raspberry-Pi/ta-p/1127992

https://community.ubnt.com/t5/UniFi-Wireless/Unifi-4-6-3-on-raspberry-pi-2/m-p/1249829

https://community.ubnt.com/t5/UniFi-Wireless/New-upgraded-Raspberry-Pi-2-as-a-unifi-controller/td-p/1164776

Unofficial

Logan Marchione.

Kowen Houston - Instructions here.

Kowen Houston - Download here.

Erik Van Paassen

Lowe Family

Amazon Web Services

https://www.youtube.com/watch?v=NSMM5dT1vSk

https://www.youtube.com/watch?v=y5tkToD_nds

Cloud Controller

https://www.stevejenkins.com/blog/2016/05/diy-cloud-hosting-ubiquiti-ubnt-unifi-controller/

HOWTO: POST INSTALLATION ACTIONS:

Define The Java Version:

Edit the following file, adding the path to Java 8 installation:

sudo nano /etc/init.d/unifi

JAVA_HOME= # Edit this line to match that shown below

JAVA_HOME=/usr/lib/jvm/java-8-oracle

Open The Required Firewall Ports:

Open ports on the server's firewall (in this example UFW):

For internal connection:

sudo ufw allow from 192.168.0.0/24 to any port 8080 proto tcp
sudo ufw allow from 192.168.0.0/24 to any port 8081 proto tcp
sudo ufw allow from 192.168.0.0/24 to any port 8443 proto tcp
sudo ufw allow from 192.168.0.0/24 to any port 8843 proto tcp
sudo ufw allow from 192.168.0.0/24 to any port 8880 proto tcp
sudo ufw allow from 192.168.0.0/24 to any port 27117 proto tcp
sudo ufw allow from 192.168.0.0/24 to any port 3478 proto udp

Details of the ports required by Unifi can be found here.

Port 3478 UDP relates to STUN server usage so if you are not using VOIP hardware this port is not needed.

If your server already uses any of the ports listed above how to change those used by Unifi can be found here.

The file to alter to use different ports can be found in the following location:

/usr/lib/unifi/data/system.properties

Accessing The Web Interface:

https://your.server.ip:8443/manage

All being well you should see similar to the picture below:

Unifi Controller Home Screen.jpg

INFO:

Wireless Networks + VLAN

Unifi Controller Admin

Wireless Networks

  • "red" --> normal
  • "green" --> advanced options --> VLAN 10

Networks

  • "red" --> Corporate --> Subnet 192.168.x.x/24
  • "green" --> VLAN Only --> VLAN 10

Profiles

  • Switch Ports --> "green" --> Native Network = "green(10)"
  • Switch Ports --> "red" --> Native Network = "red"

Unifi Traffic Bandwidth Limiting

How To Set Traffic Bandwith Limits

Unifi Krack Patch

Fix Krack Vulnerability

Backup File

https://help.ubnt.com/hc/en-us/articles/205231940

config.properties File

Location, creation & edition:

cd var/lib/unifi/sites/{site_name} # This can be found from the address bar in the browser, if it is the first controller you have created it should be called 'default'
sudo touch config.properties
sudo nano -w config.properties

Log Files

https://help.ubnt.com/hc/en-us/articles/204959834

Zero Handoff

https://help.ubnt.com/hc/en-us/articles/205144590

HOWTO: VARIOUS

Start, Stop or Restart

sudo service unifi start|stop|restart

View Log File

cat /var/log/unifi/server.log

HOWTO: FIX:

LG Nexus 5 Not Connecting To UAP AC Lite 5GHz Wi-Fi

Change the 5GHz Channel to less than 52.

Thanks - https://community.ubnt.com/t5/UniFi-Wireless/AP-AC-Lite-5Ghz-no-SSID-shown-Nexus-5-not-connecting-to-5Ghz/td-p/1954343

Error: MongoDB Journal Files Eating Disc Space.

A. MONGO DB PRUNE OLD DATA FIX

wget "https://help.ubnt.com/hc/article_attachments/115024095828/mongo_prune_js.js"
sudo mongo --port 27117 < mongo_prune_js.js

Official Unifi Page

B. SMALL FILES FIX

  1. stop system wide mongodb from starting
  2. edit system.properties file for smallfiles parameter
  3. start unifi
sudo nano /etc/init/mongodb.conf
     ENABLE_MONGODB="no"
sudo nano /usr/lib/unifi/data/system.properties
     unifi.db.extraargs=--smallfiles
sudo update-rc.d -f mongodb remove
sudo service unifi start

Thanks - https://community.ubnt.com/t5/UniFi-Wireless/UNIFI-Eating-all-disk-space-Mongodb/td-p/395410

Also - https://help.ubnt.com/hc/en-us/articles/204911424-UniFi-How-to-remove-prune-older-data-and-adjust-mongo-database-size

$ ll /var/lib/mongodb/journal/
total 3.1G
drwxr-xr-x 2 mongodb nogroup 4.0K 2015-08-03 15:54 .
drwxr-xr-x 3 mongodb mongodb 4.0K 2015-08-03 15:22 ..
-rw------- 1 mongodb nogroup 1.0G 2015-08-03 15:54 prealloc.0
-rw------- 1 mongodb nogroup 1.0G 2015-08-03 15:43 prealloc.1
-rw------- 1 mongodb nogroup 1.0G 2015-08-03 15:43 prealloc.2
$ rm -rfv /var/lib/mongodb/journal/*
removed ‘/var/lib/mongodb/journal/prealloc.0’
removed ‘/var/lib/mongodb/journal/prealloc.1’
removed ‘/var/lib/mongodb/journal/prealloc.2’
$ df
Filesystem     Type  Size  Used Avail Use% Mounted on
/dev/sda1      ext4   10G  3.5G  6.0G  37% /
$ nano /usr/lib/unifi/data/system.properties 
unifi.db.nojournal=true       # disable mongodb journaling

Error: Keystore Missing.

If the the following is listed in the error log file:

/usr/lib/unifi/data/keystore (No such file or directory)

FIX

sudo service unifi stop
sudo keytool -genkey -keyalg RSA -alias selfsigned -keystore /usr/lib/unifi/data/keystore -storepass aircontrolenterprise -validity 365 -keysize 2048 -destalias unifi

Answer the following questions by pressing enter up until the line starting "Is CN=" when you will need to answer "Y" then press enter:

What is your first and last name?
 [Unknown]:  
What is the name of your organizational unit?
 [Unknown]:  
What is the name of your organization?
 [Unknown]:  
What is the name of your City or Locality?
 [Unknown]:  
What is the name of your State or Province?
 [Unknown]:  
What is the two-letter country code for this unit?
 [Unknown]:  
Is CN=Unknown, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown correct?
 [no]:

Finally start Unifi:

sudo service unifi start

Thanks to Calvin Bui.

HOME

  1. Modem Router Firewall
  2. POE Switch
  3. Wi-Fi Access Point

LINKS

Mental Home Network

Mental Home Network

Guest Network

https://www.youtube.com/watch?v=I8D6ju2AvpI

https://help.ubnt.com/hc/en-us/articles/115000166827-UniFi-Wireless-Guest-Network-Setup

Ubiquiti Videos

Various

Review

http://arstechnica.com/gadgets/2015/10/review-ubiquiti-unifi-made-me-realize-how-terrible-consumer-wi-fi-gear-is/

CLI

https://help.ubnt.com/hc/en-us/articles/204976584-EdgeMAX-Connect-to-CLI-With-Telnet

http://community.ubnt.com/t5/tkb/v2/page/blog-id/CLI_Basics%40tkb/page/1

EdgeRouter Pro

http://community.ubnt.com/t5/EdgeMAX/Newbie-Simple-1-LAN-1-WAN-SOHO-Setup/m-p/1377745

http://community.ubnt.com/t5/EdgeMAX/Basic-SOHO-Home-Config/m-p/398057

https://help.ubnt.com/hc/en-us/articles/205197660-EdgeMAX-SOHO-Example

http://sohovercomplicated.com/edgerouter-basic-soho-router-firewall-part-1-the-basics/

UniFi

https://community.ubnt.com/t5/UniFi-Updates-Blog/UniFi-3-2-7-is-released/ba-p/1085473

https://community.ubnt.com/t5/UniFi-Wireless/Unifi-4-2-Controller-Install-Guide-Linux-Ubuntu-Server-14-10/td-p/1158280

https://community.ubnt.com/t5/UniFi-Wireless/UNIFI-controller-for-linux/m-p/962877

https://community.ubnt.com/t5/UniFi-Wireless/UniFi-controller-on-Debian-v7-1-x64-not-working/td-p/523245

http://wiki.ubnt.com/UniFi_FAQ#Operation_and_Deployment

http://sunstatetechnology.com/docs/UniFiControllerInstallation.pdf

https://calvin.me/install-unifi-controller-ubuntu/

https://community.ubnt.com/t5/UniFi-Wireless/Unifi-Controller-Setup-for-Remote-Location-Cloud-NOC/td-p/312142

http://community.ubnt.com/t5/UniFi-Controller-Installation/UniFi-Install-the-controller-software-on-the-UniFi-Video-NVR/ta-p/814754

https://www.youtube.com/watch?v=NSMM5dT1vSk

http://www.msdist.co.uk/Unifi_questions_extract_from_Ubiquiti_Forum.pdf

https://www.youtube.com/watch?v=juE0qH-D6Gs&index=3&list=PLqmQzXAOhOQj8AT31sc1seFJG0v0sSQ0m

https://www.youtube.com/watch?v=uKxgyt1kArw&index=15&list=PLqmQzXAOhOQj8AT31sc1seFJG0v0sSQ0m

Error related:

https://community.ubnt.com/t5/UniFi-Wireless/UniFi-Apache-500-Error/td-p/948953

https://community.ubnt.com/t5/UniFi-Wireless/UniFi-on-Ubuntu-help-needed/td-p/238635

http://community.ubnt.com/t5/UniFi-Wireless/HTTP-Status-400/td-p/621497

http://community.ubnt.com/t5/UniFi-Wireless/Apache-Tomcat-HTTP-Status-400/m-p/654089/highlight/true

http://forum.thecus.com/viewtopic.php?f=36&t=8004