Problem with Unifi Gen 2 switch

I have been having issues with a Cloud Key Gen2 Plus; it seems not to control my (Brand New) UniFi Switch 16 PoE second generation. This issue has been going on for about 4 weeks. My switch keeps disconnecting (un adopting) from the Cloud Key, and then I need to log into the cloud key and try readopting the controller, which until a few days ago I was able to do. At first, I thought the problem was with the cloud key, so I set the cloud key to its default factory settings and tried to rebuild my network, but I ran into a problem the cloud key wouldn’t accept the account I already set up on www.ui.com. I went ahead and set up a new account on the previously mentioned website. I now think the problem lies with the switch; the switch needs to be reset to factory defaults.
I know to reset my switch, I need to ssh into the switch, but I am having problems ssh into the switch’s command line. Here is the output of the terminal.

prince_charming@Doc:~$ ssh [email protected] ssh: connect to host 192.168.1.2 port 22: No route to host prince_charming@Doc:~$

Here is the output when I try pinging the switch.
`prince_charming@Doc:~$ ping -c10 192.168.1.2
PING 192.168.1.2 (192.168.1.2) 56(84) bytes of data.
From 192.168.1.103 icmp_seq=1 Destination Host Unreachable
From 192.168.1.103 icmp_seq=2 Destination Host Unreachable
From 192.168.1.103 icmp_seq=3 Destination Host Unreachable
From 192.168.1.103 icmp_seq=4 Destination Host Unreachable
From 192.168.1.103 icmp_seq=8 Destination Host Unreachable
From 192.168.1.103 icmp_seq=9 Destination Host Unreachable

— 192.168.1.2 ping statistics —
10 packets transmitted, 0 received, +6 errors, 100% packet loss, time 9194ms
pipe 4`

Here is the terminal out of pinging my pfsense appliance, which is acting as the switch’s gateway.

prince_charming@Doc:~$ ping -c10 192.168.1.1 PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data. 64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=0.117 ms 64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=0.118 ms 64 bytes from 192.168.1.1: icmp_seq=3 ttl=64 time=0.242 ms 64 bytes from 192.168.1.1: icmp_seq=4 ttl=64 time=0.115 ms 64 bytes from 192.168.1.1: icmp_seq=5 ttl=64 time=0.124 ms 64 bytes from 192.168.1.1: icmp_seq=6 ttl=64 time=0.116 ms 64 bytes from 192.168.1.1: icmp_seq=7 ttl=64 time=0.249 ms 64 bytes from 192.168.1.1: icmp_seq=8 ttl=64 time=0.290 ms 64 bytes from 192.168.1.1: icmp_seq=9 ttl=64 time=0.112 ms 64 bytes from 192.168.1.1: icmp_seq=10 ttl=64 time=0.112 ms

I need help.

There should be a way to reset the switch in hardware (paperclip in the reset hole).

But it seems like either they haven’t worked out the kinks with the new switch (not surprising), or your cloud key or switch is faulty.

Also always possible there’s a bad cable or misconfigured pfsense also…

Can you show us a diagram of your network?

Hi @oO.o, you will not believe what happened; I made such a stupid mistake; I am embarrassed to mention the error. I thought the IP address for my switch was 192.168.1.2, but it isn’t; the correct IP address for the Unifi switch is 192.168.1.102. I have been trying to ssh into my Unifi Gen 2 switch with the wrong IP address for two days. What is really embarrassing is I have checked and double-checked Pfsense’s DHCP Lease status for the last two days, meaning the correct IP address has been staring at me for the last two days without realizing it until a couple of hours ago. I haven’t tried to fix it yet (I have been too busy at work), but I did manage to find the correct user name and password. When I installed my switch, I did change the default user name and password, and I have successfully logged in and out of my Unifi switch. To embarrass me some more, I have posted a screenshot of the Pfsense DHCP lease status.

Yes, there is a reset hole on the back of the switch. But since the Unifi switch is inside a rack and I am Lazy, I didn’t want to remove it to have the ability to reach the reset hole on the back of the switch. The ultimate problem is that Ubiquity hasn’t and never will work out the kinks with the second generation equipment. I will probably never purchase another Ubiquity product.

As requested, I have also posted a diagram of the two separate networks in the house. The 192.168.50.0 subnet network is for my mother and sisters to use; Aaron’s network with the subnet of 192.168.1.0 is the one I can experiment with.

1 Like

Where is the cloud key and do you have static reservations for the cloud key and switch?

I knew I forgot to add some devices; that is the problem with trying to do two things at once. You end up doing a poor job. Okay, the cloud key has an IP address of 192.168.1.119, and a Raspberry Pi (which I will set up as a Pi-Hole when I get these other projects done.) has an IP address of 192.168.1.124. Since the cloud key and the Pi get their IP address from Pfsense’s DHCP server, I know they don’t have a static IP address. My switch, Cloud Key, and the Pi don’t have a static IP address because since all the mentioned devices have an IP address above 192.168.1.50 they receive their IP address from the Lan DHCP server.

I could be wrong, but I think you’ll need static addresses for the switch and/or cloud key. If you were using a unifi gateway, I think it would handle that for you, but since you have pfsense there, it’ll be less plug-and-play.

If Unifi does become stable and usable for you (and you decide you like it), you might consider getting their gateway. It’s a better experience if you go all in on it imo. There are definitely some features in pfsense that are not present in Unifi (or that the underpowered Unifi gateway can’t handle well like IDS). However, you can leverage both, either via a DMZ or by using pfsense as a transparent filtering bridge between WAN and Unifi. Traditionally, gateway and router are separated this way using different vendors for each piece of hardware. This creates 2 layers of protection between your LAN and the outside world. If there’s a zero-day on your gateway, you still have the router there to protect you and vice versa.

Anyway, I’m ranting a bit, but things to thing about as you expand your home lab.

You might be right, the limited research I have done leads me to believe either one device needs a static IP address or both need one. Well, this project will have to wait until Friday, my next day off. To busy until then with work projects. Thanks for the help and advice. I am considering getting an Unifi gateway would be an interesting experiment to see if my network would be more stable with an Unifi gateway.

1 Like