Ubiquiti AP suggestions

I am looking at upgrading my Wifi equipment and segmenting my network. I live in a townhouse style apartment with all the networking upstairs and Wifi only downstairs. My current equipment:

  • Custom Pfsense router: 1 wan, 1 lan, 2 unused OPT ports
  • Unraid server w/ lots of docker containers
  • Old Asus Wireless router as AP
  • Couple of PC’s
  • a few phones/tablets
  • A couple of IoT things

Goal: To be able to setup wifi & network to support 3 segments: trusted, IoT, guest.

I am looking Ubiquiti products, but there are lots of choices and I don’t feel I know enough to make a good decision on my own.

Edit: Also my networking knowledge is at “I know enough to get myself into trouble” level. So any suggestions for guides is also appreciated.

I installed AP-AC-LITE in my house in 2018, in addition to two much older single band Unifi AP. No complaints for speed or ease of configuration. The Unifi setup replaces a random collection of old routers running dd-wrt.

I like the AC-LITE because they are cheap. Cheap because they’re 11ac wave 1. As home user not supporting a sales floor with 100s of wireless devices, I don’t need the density that wave 2 offers.

Newer AC-LITE run on actual standard PoE so you don’t need to use the injectors if you don’t want.

You should be able to configure vlans using just access points. I’ve never tried myself.

I also bought the Unifi Security Gateway and a Switch, which gives me better visibility into my network. I can configure a new network on the USG and it’s automatically provisioned to all the other devices.

On my to-do list is RADIUS so I can get rid of pre-shared passwords for devices that support WPA2 Enterprise.

1 Like

Can confirm. The APs support VLANs just fine. I have two wireless network running off my AC lite. One normal. One guest. Different VLANs. Used to have a standard AP (802.11g) and the migration was so simple. Adopted the new one. Waited about a minute for the network conf to push. And that was the end. Took me longer to get it mounted on the ceiling than to set it up

2 Likes

I’d go with one AP-lite per floor assuming you can run ethernet, otherwise you might want to get a mesh model. Vlans are no problem and I believe you can do up to 5 ssids.

1 Like

I can recommend UAP-AC-LR as that is what I use, its enough to cover my one floor 119 m² house. Doesnt really stretch outside tho, but thats mainly because of Finland and kickass house insulation, double windows etc…

1 Like

As an owner of a pair of the pro models plus their POE switch, I couldn’t be happier. I’ve got 3 vlans currently configured including a guest portal, all working great. They all mesh seamlessly and clients will switch to whichever is closest without you noticing anything.

If you want more speed than what the lite version offers the pro is a bit faster and the HD models offer higher speeds on 5ghz but some models have slower 2.4ghz.

This chart compares all the models:

One thing to note about Ubiquity stuff is you will want to run their controller software on a server or get their CloudKey device so you can manage the equipment. For myself, I have a docker running on my unraid server that works well.

You will learn they can be a bit like Apple in that their stuff all works amazingly well together within their ecosystem and there are huge incentives to get more of their stuff to build on that ecosystem.

1 Like

I plan on getting their AP very soon myself, I really like Lawrence Systems on youtube as a resource for Ubiquiti and even Ubiquiti + pfSense combination material.

Lawrence along with Crosstalk solutions and The Hook Up have great vids on the actual firewall and segmentation parts of the setup (if not using your products the ethos and theory behind it are sound, the GUI and terminology might slightly vary- for instance how Crosstalk shows the state-full firewall relationship but the term and GUI is much different than with pfSense).

3 Likes

Thank you everyone. I think for now to manage cost, I am going with 1 UAP-AC-LITE upstairs and I can add a UAP-AC-M-US downstairs later if needed. Once I find some POE rated Ethernet I should be good to go.

1 Like

TIL there are Unifi controller plugins coming to FreeNAS in 11.3. Both current and LTS.

1 Like

I don’t think you need anything special… at least not for vanilla POE.

2 Likes

As long as your wiring has all 4 pairs hooked up properly.

Its possible in some wiring situations (sometimes older) where the wiring was split to allow two lines to talk over one wire or other oddball uses (USB?). Terminations may not be complete at the wall plates since not all wires are needed for basic Ethernet. It wouldn’t hurt to at least test your connections with a basic connectivity tester to make sure lines aren’t crossed before sending power over it but if done professionally, there probably isn’t anything to worry about.

2 Likes

I’ll probably be fine then. I have pre-made Ethernet cables and nothing in the walls.

1 Like