*** Official Ubiquiti Discussion Thread ***

[b0rn2sk8]

Be careful if you are using WPA3, as it may not like the WiFi 5 units.

Correct me if I am wrong but I didn't think older WiFi devices would connect to a WPA3 only network anyway. That basically means you need to have WPA2 enabled anyway, sue you can segment it via VLANs but you'll probably have something which you want to access your full network not currently WPA3 capable.

 

[RSR]

Correct me if I am wrong but I didn't think older WiFi devices would connect to a WPA3 only network anyway. That basically means you need to have WPA2 enabled anyway, sue you can segment it via VLANs but you'll probably have something which you want to access your full network not currently WPA3 capable.

It depends, to indirectly answer your question. As an example, if you use WiFi 6E it will require WPA3 to be used. I believe there are some WiFi 5 devices which support WPA3 but the UniFi WiFi access points like the Ultra don't support WPA3.

I normally have 2 WiFi networks at home, the main one runs WPA3 which all my devices can connect (main network) to other than the Nintendo Switch. Then I have an IoT WiFi network which has WPA2/WPA3 support, so I just pop the switch on that.

I believe since 2016 Apple devices have supported WPA3, so it does depend on the device.

 

[b0rn2sk8]

I think that's sort of my point in that if you have WPA2 devices, you have to completely segment them away from your core network otherwise you don't get the benefit from WPA3.

If you just have a separate WPA2 SSID and it is not locked down someone can just crack your WPA2 network (which is not that difficult these days) and they'll have access to your full network via the WPA2 SSID. If you are not locking it down, then running WPA3 only isn't adding to your WiFi security.

That said, the risk of someone cracking your WiFi and looking at your Linux ISO's is pretty slim.

 

[kmax86]

Be careful if you are using WPA3, as it may not like the WiFi 5 units.

Thanks for this info. My main wifi is wpa3 only.
I also run a separate WiFi for devices that do not support wpa3 similar to your setup.

Is my understanding correct that mixing in u6pro with 7pro I will have to depend on the client device to see if it will switch to 6e/7?

 

[RSR]

I think that's sort of my point in that if you have WPA2 devices, you have to completely segment them away from your core network otherwise you don't get the benefit from WPA3.

If you are going full-on lockdown, you would also use host isolation on the WPA2/WPA3 (IoT) side, along with associated security rules.

 

[RSR]

Is my understanding correct that mixing in u6pro with 7pro I will have to depend on the client device to see if it will switch to 6e/7?

I can't see a technical reason why they wouldn't work together, MLO is about the only thing which you would be missing which is a U7 feature.

 

[kmax86]

Yes they will work but let say if a client is located where both u6pro and u7pro have an overlap signal area is there a way to force clients to priortize connecting to the access point with 6e/7

I guess the better solution is to avoid an overlap by placing both AP further apart

 

[RSR]

Yes they will work but let say if a client is located where both u6pro and u7pro have an overlap signal area is there a way to force clients to priortize connecting to the access point with 6e/7

I guess the better solution is to avoid an overlap by placing both AP further apart

You can set a Minimum RSSI which will force clients off after a setting threshold, something around 75dB may be a good starting point.

 

[michty_me]

I'm really stumped with an issue I'm having currently.
Power was off mid week last week, since then no apple devices have internet but can connect to the network. Even new ones.
I was asked to make sure privacy relay was off which it is but still the same issue. Every other device is working fine apart from apple products.
ERX with U7 pro.

 

[the-evaluator]

It's Early Access.

I should have said - I'm part of the beta program and have been running EA software for years.

I got a notification on the Ubiquiti Community site, but no email which is unusual.

 

[the-evaluator]

I'm really stumped with an issue I'm having currently.
Power was off mid week last week, since then no apple devices have internet but can connect to the network. Even new ones.
I was asked to make sure privacy relay was off which it is but still the same issue. Every other device is working fine apart from apple products.
ERX with U7 pro.

On one device tell it to forget the network and then try to join again. Does that many any difference?

 

[ChrisD.]

I should have said - I'm part of the beta program and have been running EA software for years.

I got a notification on the Ubiquiti Community site, but no email which is unusual.

Ah fair enough. I know they’ve made a lot of changes, maybe try disabling and enabling again.

 

[michty_me]

On one device tell it to forget the network and then try to join again. Does that many any difference?

I've tried that, Tried factory resetting the AP, Removing it from the controller annd re-adopting it. I've also tried different radio channels. Now the AP is showing offline but all devices are connected (Well the ones that work).
I think its time to rip out the ERX and netgear switch and chuck in the UDMP and start from scratch. Very confused though.

 

[the-evaluator]

I've tried that, Tried factory resetting the AP, Removing it from the controller annd re-adopting it. I've also tried different radio channels. Now the AP is showing offline but all devices are connected (Well the ones that work).
I think its time to rip out the ERX and netgear switch and chuck in the UDMP and start from scratch. Very confused though.

When you say they can't connect, what exactly happens? Do you get told that the Wi-Fi password is wrong even when it isn't? Do the devices connect to the Wi-Fi but not get an IP address?

What firmware is the AP running? It'd be worth trying an upgrade or downgrade.

 

[the-evaluator]

Ah fair enough. I know they’ve made a lot of changes, maybe try disabling and enabling again.

Seems the only notification (both community & email) that was showing as enabled was for UniFi LTE. I've set the notifications up again and will see what happens next time there's a release.

 

[michty_me]

When you say they can't connect, what exactly happens? Do you get told that the Wi-Fi password is wrong even when it isn't? Do the devices connect to the Wi-Fi but not get an IP address?

What firmware is the AP running? It'd be worth trying an upgrade or downgrade.

It finds and connects to the WiFi but after 10 seconds it states that there is no internet. It will then randomly connect to allow say the likes of whatsapp messages to get through then drop back to a no internet status. The AP is running the latest firmware. I'll look at downgrading the firmware.

 

[the-evaluator]

It finds and connects to the WiFi but after 10 seconds it states that there is no internet. It will then randomly connect to allow say the likes of whatsapp messages to get through then drop back to a no internet status. The AP is running the latest firmware. I'll look at downgrading the firmware.

When it says 'no internet' does the device have a valid IP? Can you download a ping app onto one of the devices and then see if you can ping the ER-X when it's reporting no internet access?

Try to avoid saying 'latest firmware' as there's various different release channels so the latest version will actually be multiple different versions. It's better if you quote version numbers.