# Ubiquiti Unifi AP Wireless N



## balanga (Feb 12, 2019)

I would like to use a Ubiquiti Unify AP Wireless N Access Point on my LAN.  Are they easy to set up, and how are they powered? 

It seems I need something like POE.  How do I know if I have POE?


----------



## usdmatt (Feb 12, 2019)

They come with a power supply that takes Ethernet and power in, and sends PoE to the AP.

Note that you can't log into a unifi AP*. You have to have a controller, which can run on FreeBSD and is in ports (it's a java application)

*well you can ssh to it, but that's only really useful to reset it or manually attach to a controller.


----------



## balanga (Feb 15, 2019)

usdmatt said:


> They come with a power supply that takes Ethernet and power in, and sends PoE to the AP.
> 
> Note that you can't log into a unifi AP*. You have to have a controller, which can run on FreeBSD and is in ports (it's a java application)
> 
> *well you can ssh to it, but that's only really useful to reset it or manually attach to a controller.



Does it use a standard ethernet cable or do you need something specific for POE?

I just got the access point and it didn't include anything else, but I also bought a small POE power unit. Is that what you mean by the controller?  Where do I find the java app?

Sorry for so many questions, but I've never set one of these up and don't know what is involved.


----------



## balanga (Feb 15, 2019)

Just connected it up and can ping it, but not ssh because I don't know the password...


----------



## Phishfry (Feb 15, 2019)

The controller he is speaking of is a software controller.
The access point only contains a radio and antenna and bare bones OS.
So you have to use a software controller(found in ports tree) to set it up.

net-mgmt/unifi5


----------



## balanga (Feb 15, 2019)

How do I run it?

I tried a reset hoping the userid/password would revert to the default but still couldn't `ssh`...


----------



## balanga (Feb 15, 2019)

Found this link but it mentions:



> *Install MongoDB*
> Install *mongodb* on the jail.
> pkg install -y mongodb
> 
> ...



but no such pkg is available, but it may no longer be required.

In the logfile  /usr/local/share/java/unifi/logs/server.log I see



> [2019-02-15 13:15:12,897] <db-server> INFO  db     - DbServer stopped
> [2019-02-15 13:16:23,653] <launcher> INFO  system - ======================================================================
> [2019-02-15 13:16:23,654] <launcher> INFO  system - UniFi 5.9.29 (build atag_5.9.29_11384 - release) is started
> [2019-02-15 13:16:23,654] <launcher> INFO  system - ======================================================================
> ...



Anyone know what this 'native lib - ubnt_webrtc_jni' is?


----------



## usdmatt (Feb 15, 2019)

Strange, we've always had a PoE supply in the box.

I've never had to install mongo, just installing unifi5 should pull in any dependencies.
Also, I only have `unifi_enable="yes"` in /etc/rc.conf. It starts its own copy of mongo automatically.

I get the same webrtc error but just ignore it. It should be accessible on https://{ip}:8443 iirc. (Ours has been customised a bit to use our own ssl certificate so I'm not sure of the default settings.)


----------



## usdmatt (Feb 15, 2019)

Unless things have changed the default ssh login for a new unit is ubnt for username and password.
If the controller machine and the AP are on the same LAN, hopefully it should just appear in the controller automatically and you can click 'adopt'.

Our controller is in our data centre so we always have to manually assign the devices to the controller by running the following from ssh on the AP -

# mca-cli
# set-inform http://{controller-ip-address}:8080/inform


----------



## SirDice (Feb 15, 2019)

usdmatt said:


> Unless things have changed the default ssh login for a new unit is ubnt for username and password.


Now I suddenly realize what hordes of brute-forcers are looking for. I've been wondering about this specific account for a while. I actually thought this was a default Ubuntu account or something like it. 

```
Feb 12 19:59:30 maelcum sshd[21710]: Failed unknown for invalid user ubnt from 117.109.87.140 port 36462 ssh2
Feb 12 19:59:31 maelcum sshd[21710]: Connection closed by invalid user ubnt 117.109.87.140 port 36462 [preauth]
```
I get these a lot, like, really a lot (don't worry, they're all kicked, access is constantly monitored).


----------



## balanga (Feb 15, 2019)

I think the guide above is a bit out of date, but couldn't find anything newer. 

After trying the default userid/password, I tried a reset but that didn't work... I'm currently looking at my options:-






						Password reset | Ubiquiti Community
					

How to reset Unifi default password (ubnt/ubnt).I don't remember my admin password :-(v.




					community.ubnt.com
				




It seems that I can run something like `mongo --port 27117` to gain access or 


			http://127.0.0.1:27117/
		

from a browser but that only shows:-





> It looks like you are trying to access MongoDB over HTTP on the native driver port.


----------



## msplsh (Feb 15, 2019)

You need to install net-mgmt/unifi5. Don't bother with mongo, the Unifi controller will do that for you.  The controller will start up its own web interface that you will connect to.


----------



## balanga (Feb 15, 2019)

msplsh said:


> You need to install net-mgmt/unifi5. Don't bother with mongo, the Unifi controller will do that for you.  The controller will start up its own web interface that you will connect to.



I've already been through this. I suspect mongo gets installed along with net-mgmt/unifi5

I've pointed my browser at https://127.0.0.1:8843/ and get:-



> *HTTP Status 400 – Bad Request*


----------



## msplsh (Feb 15, 2019)

UniFi should run on 8443 by default


----------



## usdmatt (Feb 18, 2019)

Not sure why it's being such a struggle. Based on your log above, the only real error was the one I get, so it looks like everything was working. As mentioned you have the port wrong in your HTTP error above. Can you see if the host is actually listening on 8443 or 8080?

I wouldn't touch mongo. Unifi manages the mongo instance and database entirely by itself, and getting involved with mongo manually is more than likely just going to make things worse.



> Now I suddenly realize what hordes of brute-forcers are looking for. I've been wondering about this specific account for a while. I actually thought this was a default Ubuntu account or something like it.



Yeah, I think they are generally looking for the Ubiquiti airos gear as I don't think there's much you can do from a Unifi (although I haven't confirmed that) and Unifi's will usually be on a private lan. There was a big issue a year or two ago where a lot of ptp/ptmp ubiquiti gear was getting hacked.

The Unifi AP's should change password to an obscure randomly generated one as soon as they are adopted into a controller (This can be viewed or changed in the controller settings screen).


----------



## balanga (Feb 20, 2019)

I finally managed to login but the setup looks pretty complicated, I did have much of an idea about what I was doing and not sure what I have set, but there is no recognisable SSID from the unit that I can try logging in to.

I have managed to ssh into the unit but what I can do seems limited.  I've just 'set default' so we'll see if I can make more sense of this learning cliff


----------



## msplsh (Feb 21, 2019)

Don't SSH into the unit.  Go to settings in UniFi, Create Wireless Network, and create one with the SSID you want.

Sometimes there's a hard way and an easy way.  In this case, there is no hard way.  Just use the UniFI software.


----------



## balanga (Feb 21, 2019)

When I select https://127.0.0.1:8443/ I immediately get to https://127.0.0.1:8443/manage/site/default/dashboard

with lots of icons down the left hand side but don't see anything for setting SSID....

There was something after I did a reset earlier, but that SSID didn't appear anywhere.

Guess I'l do another reset now that I know how to login.


----------



## msplsh (Feb 21, 2019)

The settings icon on the side.  It's a gear


----------



## usdmatt (Feb 21, 2019)

First off, you need to make sure the AP is registered with the controller
Click on the icon that looks like a target ("Devices"). Does anything show in there?
If there's an entry in there that says waiting adoption, just click the adopt button.
If there's nothing, you may need to add the AP to the controller manually. You'll need to run the two commands from my post #9 above on the AP. Once that's done it should show as waiting adoption in the controller web interface.

Until you have the AP listed as connected in the devices list, the AP won't do anything.

Once that's done, you can create a wireless network -
Right at the bottom click on the cog to open settings.
Then click on Wireless Networks, second down.
Click on "Create New Wireless Network" and enter a name and WPA Personal key

It should automatically re-provision the AP and start broadcasting the SSID.


----------



## balanga (Feb 21, 2019)

usdmatt said:


> First off, you need to make sure the AP is registered with the controller
> Click on the icon that looks like a target ("Devices"). Does anything show in there?
> If there's an entry in there that says waiting adoption, just click the adopt button.
> If there's nothing, you may need to add the AP to the controller manually. You'll need to run the two commands from my post #9 above on the AP. Once that's done it should show as waiting adoption in the controller web interface.


i

Under "Devices" it has a status of "ADOPTING" and it has been like this for a while.

Following your instructions:-



> root@S07:~ # ssh ubnt@192.168.1.60
> ubnt@192.168.1.60's password:
> 
> 
> ...



but the status stays at adopting....

I'll try resetting and starting again from scratch.


----------



## usdmatt (Feb 21, 2019)

As mentioned in the output you got above, try running the exact same set-inform command again after you click adopt in the controller.

I'm sure we only run it once these days and I've no idea why it would need to be run twice, but I seem to remember the original instructions saying the same thing.


----------



## msplsh (Feb 21, 2019)

Physically reset the Ubiquiti device and DON'T SSH into it again!









						UniFi - How to Reset Devices to Factory Defaults
					

Overview Readers will learn how to reset UniFi devices to factory defaults using different methods.     NOTES & REQUIREMENTS:    Applicable to UniFi devices such as Access Points (UAP) and Swit...




					help.ubnt.com


----------

