Might want consider the UCG-Max instead that was released after I made this video: kzbin.info/www/bejne/m2i5iJeambKUo9k

50:28 if you use vlans for example iot, then just set also to 'block all' in tagged vlan. Because when someone clone the mac address of any device of default network it can be accessed by this port as you did not block other traffic -security risk

Hey Bogdan...this was a great set up and very helpful video. I have a customer that has Comcast/Xfinity as their ISP and paying for 2.5G download speeds. Customer has purchased a Dream Machine Pro SE and (2) Enterprise 24-POE Switches that support (12) 2.5G POE ports. I connected the their Xfinity Router 2.5G port to the Dream Machine 2.5G port and used 10G uplink cable between the two switches. I ran a speed test in the dashboard and I'm getting close to 2.5G speeds from the ISP. Customer purchased a total of (7) U7 Pro AP's and connected them to the individual POE+ 2.5G ports which also show 2.5G connectivity. I have a laptop with a 2.5G ethernet port and when connecting to the individual 1G or 2.5G ports of the switch, my speeds throttle down to about 300mpbs consistently. When I connect to the 1G ports on the Dream Machine I get closet to 1G. All the ports are set to auto negotiate and have tried different combinations and I get the same result. I would've expected to see around 2-2.5G on the 2.5G ports and close to 1G on the 1G ports but all of my speeds throttle down to around 300mpbs from a hard wired perspective. Yet on the Wi-Fi I get around 800mbps setting them to the 80mhz channel width on the 5G network. Thought I'd reach out to see if you'd ever heard of this strange occurrence. Thank you.

Hi Bogdan, thanks for the content. Would you please make a video that shows how to remotely access Unifi controller from a different network.

15:31 timestamp, I updated the name from "default" to "Management." First, I navigated to Settings (gear icon) > System > Advanced > Interface and switched to "Legacy." In the Legacy UI, I went to "Networks," edited the default name to "Management," and saved the changes. Then, I returned to the new user interface by selecting User Interface > New User Interface.

By far, the most comprehensive and easiest (All-in-one) setup guide I ever seen. Good job, liked and subbed! 👏

Can a specific laptop, for example, be on 2 VLANs? Maybe part of the same question, how does staff back up to or use the network storage if they are on a different VLANs?

great video.If i have the unifi network in VM and physycal switch 16port- can i change the default IP because i canf find the opcion you show on the video, also my router its OPNSENSE, Thanks.

38:52 the Wifi Schedule is for times you want to PAUSE the WiFi, not enable it. Your example basically stops the guest wifi from working during business hours 7am to 6pm.

Thanks for this video. I Learned a few new things 👍

Small tip: change the vlan ID of your default vlan. If you leave it at 1 by default it’s super easy to do VLAN hopping even when you disabled intervlan routing.

Great video. I like the long form. You do not waste time with a lot of chit chat either

What would it be different or recommend for creating Guest WiFi and IoT WiFi from the Network app or from the Identity Enterprise Portal? Thanks in advance, great video.

Hi. It is a very useful instruction. But could you film an instruction further regarding VLAN - Security (surveillance cameras, sensors...) with setting the rules for the firewall, for this network to be secured?

I removed my remark on the firewall usage as you mention the firewall at the end. It would be worth though doing a video on how to correctly configure the firewall since having separation based on VLANs only is not really a secure setup (and yes, I do understand it is a bit more complex, but just to avoid that lots of people say based on this video: that is all there is to do to have a safe office network 🙃)

If you ever get the opportunity to do this for home, that would be so helpful! I’m slowly learning but I love the idea and modular capability of Ubiquiti’s UniFi stuff and I’m planning it for my house at the moment… I’m just unsure of certain things like can I have my internet line in directly from my ONT or does it have to come through the ISP’s wireless router?

Friend, can you help me configure the Infinity EdgeRouter? I have not been able to solve a problem. I currently have a pool of 5 public IPs, of which I want a private IP to work only with a specific public IP and not use the other public IPs. When I ping the public IP externally, I get to the private IP, but from the private IP it tells me that it is using another public IP, which in this case is the one used by the EdgeRouter to connect to the Internet.

What software are you using for your rack and Network diagram?

Great work Bogdan. Thanks for the clear straight explanations about udm se. At network 8.4.62 is shown Internet Source IP / NAT with options to choose. Where this come from - how to erase change ?

what should I do if I want a vLan for example "The main network" to enter the "Security" Vlan but the "Security" vLan cannot enter "The main network" Vlan

I'm very interested in what the VoIP profile was. Didn't see in the video. Great Video!!!

Which software are you using to make the network design?

Would you be able to share the network devices and IP schemas?

Great Video... I never considered 10.1.*.* for the networks. Way easier to manage. Can you change them all after inittially setting them up and if so do you re configure all together in one go or do them one by one ?

Very useful thank you ! It would be interesting to see how to deploy a hotspot with SSL, as I don't find any complete, up-to-date documentation on the matter (I tried with a Unifi Express)

Awesome video. Would love to see a followup on the advanced firewall setup tips.

I’m not sure if you mentioned or if i missed it, you didn’t talk about inter-VLAN routing, is it enabled by default or do you have to enable it manually.

please use dark mode on your web browser. we just look to white board screen....

can you do a video where you use a windows server as the AD, DHCP, DNS and still use the UDMSE as your core network.

is it save to use 10.1.1.x as a vlan because a lot of vpns and other services are using these ranges right?

Do you have to input the VLANS number into the switch?

How do you ensure the sound effects match the visuals so well?

What program did you use to sketch your architecture?

Thanks very informative!

Many thanks! You let me understand a lot of things that before was not so clear.

Excellent video. Really helpful

what network design tool are you using?

Hie, thanks for this informative video. Keep it up

Any reason you're not using Private Pre-Shared Keys seeing as though you're not using the 6GHz band?

Hi Bogdan, thank you for sharing your knowledge. Thanks to you, my network is now working great.

Is the AP u6-plus better than the u6-pro?

Awesome Video!

The very first thing I always do after creating my VLANs is to block traffic between VLANs: by default, Unifi Network allows traffic to pass between VLANs (except for Guest VLAN) which is imho very dangerous from a security perspective.

what ios program you use to make those diagrams?

The Ubiquiti Dream Machine (UDM) does not have 2.5Gb PoE ports, which are necessary to fully support the latest high-performance Wi-Fi AP models, such as UniFi’s Wi-Fi 6, 6E and 7 access points. These APs require both higher power and bandwidth (2.5Gb speeds) to maximize their potential..

By blocking printers from the internet they will not receive any firmware updates

@10:30 UBNT are pricks for removing manual adoption. Go to Legacy Interface and you can manually adopt devices. Your deployment here is easy, when you get to a site where you have hundreds of WAP's installed along with switching and need to do this bullsh!#, yeah, another reason UBNT gets pulled out of sites. @15:35 rename default in Legacy Interface. Turn off mDNS unless needed, UniFi known to struggle with lots mDNS traffic. DHCP Guarding also wise. @23:25 UniFi Protect cameras on to the UDM are forced to stay on the DEFAULT VLAN, can not seperate. This is one of the reasons the UDM's are for small offices only, not bigger setups. @27:30 Be careful, this feature (Guest Network) either forces Captive portal despite it being off and also blocks internet access, welcome to UniFi bugs and half-baked firmwares. @33:35 NO, default settings are NOT fine. Turn of band steering, it is extemely well known for connectivity issues. Multicast and Broadcast control highly advised on busy networks.

I like you more and more. I, and the rest of the civilized part of the world, watch with horror how a country which in many ways has been a pioneer country for progress and democracy may now elect a man who, if possible, with a calm hand, most of all wants to abolish democracy and in the United States, and rule the country as a dictator. His innermost desire is power for himself as a person, and how many innocents it ends up killing is totally irrelevant to him. I simply don't understand how anyone can vote for a guy like him. If this was all a joke, we'd all be laughing, but as it is, we're crying and hoping that sanity and Kamala Harris prevail to the joy and gift of everyone in America

Was there a reason you didn't use the Ubiquiti Cable Modem?