Scenario:
This scenario will explain how to managed UniFi Access Points across multiple subnets with only one UniFi Controller.
Important:
As of writing there is currently an issue with adopting UniFi Access Points across multiple subnets. As a result we have adopted our UniFi Access Points with the Controller above on the same layer2 subnet before relocating the Access Points to different subnets.
Basic MikroTik Router Configuration Example
# Configure WAN Interface:
/ip dhcp-client
add disabled=no interface=ether1
# Configure DNS:
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
# Configure IP Addresses for each subnet:
/ip address
add address=192.168.1.1/24 interface=ether2
add address=192.168.2.1/24 interface=ether3
add address=192.168.3.1/24 interface=ether4
# Setup DHCP Servers for each network:
/ip pool
add name=dhcp_pool1 ranges=192.168.1.2-192.168.1.254
add name=dhcp_pool2 ranges=192.168.2.2-192.168.2.254
add name=dhcp_pool3 ranges=192.168.3.2-192.168.3.254
/ip dhcp-server
add address-pool=dhcp_pool1 disabled=no interface=ether2 name=dhcp1
add address-pool=dhcp_pool2 disabled=no interface=ether3 name=dhcp2
add address-pool=dhcp_pool3 disabled=no interface=ether4 name=dhcp3
/ip dhcp-server network
add address=192.168.1.0/24 dns-server=192.168.1.1 gateway=192.168.1.1
add address=192.168.2.0/24 dns-server=192.168.2.1 gateway=192.168.2.1
add address=192.168.3.0/24 dns-server=192.168.3.1 gateway=192.168.3.1
# Configure NAT to allow all networks to access the internet:
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
Configure DHCP Option 43 allow UniFi Access Points on other subnets to find the UniFi Controller's IP Address:
Note: The Value is divided into 3 (01=suboption), (04=length of payload - this must be 4), (C0A8030A=192.168.3.10 - Controller IP Address converted to HEX).
/ip dhcp-server option
add code=43 name=unifi value=0x0104C0A8030A
/ip dhcp-server network
set 0,1,2 dhcp-option=unifi
You can now relocate your UniFi Access Points to there destined subnets. They should now connect to the controller and are now ready for Layer3 management.
For more information please visit the Ubiquiti UniFi FAQ page here.
sorry, i have a question:
ReplyDeletewhy set 0,1,2 ??
If you type the following command "/ip dhcp-server network print" you will notice each network/setting has an id starting at 0. in this case we have 3 networks the first with an id of 0, the second and id of 1 and the third with an id of 2. this makes it easy to apply a change to multiple settings at ones (in our case adding dhcp-option=unifi to these 3 networks with one command). I hope that makes sense!
DeleteHey Ya,
ReplyDeleteCan make life even easier, just been bringing all my UniFi's into a single controller too... Here's one from my own FAQ.
To Reset a UniFi Misbehaving
SSH into your UniFi and
syswrapper.sh restore-default
To provision UniFi to a dedicated IP
SSH into your UniFi (make sure you above 2.2 on the Firmies)
Login: ubnt:ubnt
BZ.v2.3.2# mca-cli
UniFi# set-inform http://unifi.mynetwork.com:8080/inform
Login to controller and accept / adopt radio
Then run again to lock it in.
UniFi#set-inform http://unifi.mynetwork.com:8080/inform
this will hold the Controller IP.
Maybe this video will give you full explanation.
ReplyDeletehttps://www.youtube.com/watch?v=NOQ5mf2188o
Nice find - thanks :)
Delete