I live in an apartment block with reinforced concrete walls / floors and have found that I need a WAP for both upstairs and downstairs due to the walls and floors significantly blocking the WIFI signals.
I have been running two Ubiquiti Nano HD WAPs for a while quite happily now but they recently decided to ‘brick’ themselves by refusing to send DHCP requests to my PFSense DHCP server for themselves or any connecting WiFi clients. This occurred after I added a 4x 10G Mikrotik switch to the network cabinet (previously they connected to a different 8x 10G Mikrotik switch without issue). Connectivity is via a Mikrotik PoE switch.
Having re-installed the Unifi Windows server, hardware reset the NanoHD’s and re-adopted, set the Mikrotik switch as a DHCP relay and other troubleshooting tasks, I could still not get outbound DHCP requests from the NanoHD’s. It seems like they just refuse to ask for addresses.
As a stop gap measure I grabbed a couple of TP-Link H20 mesh WiFi WAPs and these are working but their strength is poor compared to the NanoHD’s. They also provide their own DHCP server addresses and I have not found a way to get them to use my lans main DHCP server instead and they cannot be reasonably wall mounted or PoE powered. As mentioned, they were a stopgap and now I am looking for recommendations for a more permanent solution.
Preferred features;
Celiing / wall mounted
PoE (at/af)
Wifi 6/6e (no WiFi 7 devices at home yet).
Seamless transition between the access points.
Able to handle a congested environment (everyone and their donkey seems to have Wifi devices and WiFi 6 or 7 seems to be the norm from internet vendors where I am currently).
Locally managed (i.e. like a locally installed Windows Unify Server or cloudkey device).
Non-subscription based.
Whilst I like the Unify Server app, I m hesitant to spend more money on Ubiquiti gear based on this recent experience.
Most of my network switches are Mikrotik but I am not tied to that brand;
MikroTik CRS309-1G-8S+IN
2* MikroTik CSS326-24G-2S+
MikroTik CSS610-8p-2s-in
MikroTik CSS610-8G-2S+IN
MikroTik-CRS305-1G-4S+IN
The WAP space seems to be a bit crowded and would rather not be tripped up with missing features I would like so am hoping for some suggestions.
Can anyone point me in the right direction for units worth taking a look at ?.
UniFi is kinda still the standard for WiFi. If you want to move away from it Ruckus is very good but more expensive when buying new. Mikrotik actually just updated their wireless lineup and allegedly it is very good now. Might be worth trying that out before you spend big bucks on Ruckus.
That would lead me to believe there is a configuration problem on the new switch, perhaps it is in router mode. Multiple APs dont simply die at the same time for no reason, especially right after adding the piece of gear they both connect to just upstream.
If you want to replace the APs I would just suggest some TP Link EAP773 or maybe EAP783 if you want to take full advantage of that 10g switch they will be on, or just upgrade to some UniFi U7 Pro’s
The ONLY (and I mean only) downside to MikroTik is the learning curve. If you aren’t good at Linux, MikroTik will force you to be.
You’re good then.
MikroTik is NDAA/TAA compliant, I asked and received an email from compliance along the lines of, “fuck commies”
Their performance to dollar ratio is unmatched.
Ubiquiti and Ruckus pale in comparison.
We have configuration servers running on MikroTik routers in enterprise environments that work the way all the cloud based onboarding wishes it could without any user interaction.
Plug in the AP, auto provisioned, it just works.
The performance itself is fantastic.
We deploy 10 of these guys and cover 100k manufacturing environments.
2 in your house will do the trick.
I have Unifi Nano HD and Unifi U6 Pro, they are both fine. I think you get some configuration issue other than the hardware issue. Getting another Unifi AP may not work if it is configured the same way.
Both the old and the new switches are running routerOS. The old switch worked the new one does not. I reverted to the original connectivity as part of the troubleshooting and the issue still persisted. The WAPs have not failed. They still accept connections and authenticate correctly but they will no obtain DHCP IP addresses (or even ask for them) from the PFSense router. I checked traffic both on the PFSense router and the 4x 10G (new connectivity) and 8x 10G switches (old reverted connectivity). The PoE switch the WAPs connect to is running SwitchOS and so I have no means to monitor traffic from the web-gui afaik.
My suspicion is that something unsettled the WAPs with the new setup and their internal config changed. Unfortunately a factory reset did not fix it.
Th PoE switch both WAPs are connected to have 8x 1G PoE ports and 2x 10G uplinks. The WAPs are connected to the 1G PoE connections. 10G is not required for them. 1G works fine for us at home.
Yeah and I do like the Unify web management of both WAPs. It was through this that I noted the WAPs could not get to the gateway (DHCP router) and the internet. Event after setting them with static IP addresses etc, they would still not send DHCP requests and reported they could not access the gateway.
I will take a look at Ruckus. This is a bit cost sensitive as it is for home but will dig in to them, thanks.
Agreed. The U6 Pro was another option I was considering but the issues ‘feel’ like an automatic config change I have no access to via the gui and which seems not to be reverted with a factory reset. I would rather not run the risk of the same thing happening if I got them.
Skip that,
Having ran Juniper, Ruckus, Netgear, Engenius, Ubiquiti, TP-Link, and MikroTik in testing and from inherited deployments I am running MikroTik at home because it’s a brick shit house able to do everything without hidden buttons and having to switch to legacy UI’s.
Ruckus is good for multi family dwellings with very simple requirements and easy onboarding.
We do not (cannot) use them for secure environments.
I should also note that I have a GLNet WiFi router connected to the PoE switch and it has continued to work find both before and after the switch change. My Aqara G4 WiFi doorbell refused to connect to the NanoHDs (a while ago) and so I put this little travel router in as another stopgap. I hope the new WAPs will remove its need.
I will at a later date setup 3 subnets (WiFi / Server / Home) from the PFSense router via its 3x 10G nics but I need to get the current setup working with new WAPs first.
My advice would be that since @RimBlock Already has some of Mikrotik’s products if he were to purchase new WAPs, @RimBlock might as well purchase Mikrotik’s WAP product line.
I guess that @RimBlock’s Unifi WAPs are not dead; they are just misconfigured. I would download a WiFi inspection app and find a WiFi channel that isn’t too crowded. @RimBlock DNS for the Unfi WAPs could not be correctly set up.
Mikrotik seem to be the obvious choice, unfortunately they are out of stock locally and whilst I can order from Amazon internationally, I understand the US versions do not have international bands enabled.
The issue with the NanoHDs seems to be with their DHCP clients. After putting the 4x 10G switch in the path between the WAPs and the Router (Gateway / DNS / DHCP) they fail to get DHCP provided IP addresses for themselves or any WiFi clients. They both revert to an IP of 192.168.1.20 which clashes with my printer. After unplugging the printer and one WAP, the remaining WAP is adoptable in Unify and although it’s IP address is set as DHCP, it will not set itself to the IP registered for it in the router. Setting a static IP on the WAP (inc netmask, DNS, & Gateway) results in the WAP not requesting IP addresses for WiFi connected clients.
The WAP is connected to a MT PoE switch which is then connected to the 4x 10G switch. Monitoring DHCP requests on the 4x 10G switch results in no traffic when a WiFi client connects to the WAP.
Going back to the old connectivity does not resolve the issue and my GL Net WiFi router connected to the same PoE switch has had no issues.
One thing I have not tried is to revert to revert to an older firmware on the WAPs followed by a hardware reset and re-adoption. I am wondering if that would reset the DHCP client to factory settings as a hard reset on its own made no difference.
ISP suppliers all have them in stock with many offering same day shipping.
But yes, supply is the other issue with MikroTik. They are constantly in demand, but not subsidized by a world super power that’s doing so to gain unimpeded access to an ever increasing number of networks in the U.S.
Not a conspiracy theory, substantial breaches have been occurring through Chinese sourced network attached hardware. Some of which are freely known, though most are reported to CISA, remediated, and additional mitigation guidelines are published through NIST.
correct, and you’ll be missing 1 U.S. band if I remember correctly.
If there’s a local company specializing in network security, they may have inventory. Though the end of 2024 is the deadline for federal compliance in order to continue receiving DOD contracts. We are moving MikroTik hardware as fast as we receive it.
Have reset the 4x 10G switch to factory defaults and checked the bridge. All looks good and in line with the 8x 10G switch the WAP PoE switch was originally directly connected to.
I have also taken off the ‘Detect rouge DHCP’ to see if that would make a difference.
Still no good.
Have tried regressing back to the 6.6.73 firmware (WAPs are currently on 6.6.78) and whilst the firmware seemed to download and Unifi seemed to show a loading of it, after the restart it still shows 6.6.78.
No change to the ability of the WAP’s to get SHCP requests.
Most of our wired PC’s and other devices are connected to a 24x 1G & 2x 10G MT switch which also connects to the 4x 10G switch and these all work fine with the lan DHCP server.
Have found another Mikrotik vendor who seems to have stock so will probably order tonight.
Thanks to everyone for their help, advise and suggestions.
This is a fallback address that UniFi devices grab when they cannot communicate to the network’s DHCP server. It is also going to cause massive problems not just if two devices try to be the same IP but three of them. lol.
So it is a network configuration issue like I thought. The new switch being in routerOS mode is doing something wrong and not allowing requests to pass, likely trying to create its own subnet sort of thing.
You should also never be using 192.168.1.20 on a network for any static IP or DHCP address pool when using UniFi devices due to this fallback behavior. And getting a new AP will not solve your underlying problem here, you need to get your network configured properly first and foremost.
Maybe a bit more clarity on the 192.168.1.20 IP address.
Initially the WAPs would not be adopted after the 4x 10G switch was added to the network. After discovering the WAPs defaulted to .20 and that the printer was on .20 I changed the static mapping for the printer and only connected each WAP one at a time to adopt and then set static mapping on them. Both WAPs then had individual IPs statically set without any duplicate IPs on the network.
The issue persisted. No DHCP was possible from the PFSense router. Only the Unifi WAPS were affected. The GLNet WIFI router connected via the same PoE switch had no issues.
The WAPs worked fine when the PoE switch was connected to my 8x 10G switch (also in RouterOS mode). The RouterOS config was checked between the 4x 10G and the 8x 10G switches and both seem to be in line with each other. Connecting back to the 8x 10G switch (removing the 4x 10G switch from the network chain) did not resolve the issue.
The 4x 10G switch has been factory reset to make sure it was not an open box unit and had something unexpected previously configured but still no change.
Connecting the new Mikrotik cAP-AX WAPs to the same PoE switch results in them being able to obtain IP addresses without issue. Getting WiFiWave2 setup on one of my RouterOS switches (RouterOS 6…) seems to be more of a challenge but I will start a new thread on that so any information can be more easily found for others who have an interest.
The problem seems to be with the NanoHD WAPs and not the network setup.