Ubiquiti question

[Velvis]

I have installed and configured a number of Unifi networks the last few years replacing the ISP router completely.

A home user is looking for a new network system (switch, POE access points) but he wants to keep Comcasts modem in place, so Comcast is able to help him if he needs to call for support.

He also doesn't necessarily need Wi-Fi where the network equipment is located in his basement. (from there it feeds the POE access points upstairs).

Is there anything I should be aware of when keeping the Comcast equipment in the loop? Is there a reason to choose a dream router over a Unifi Express?

 

[mmerry]

Do they really need 10GB? If they want to eventually put in Unifi cameras, Dream Router can control a small amount where the express is only network, no protect.

 

[HCHTech]

he wants to keep Comcasts modem in place,

What is your setup when you eliminate the Comcast modem? Their main feed is Coax - what are you installing that allows Coax input?

 

[Velvis]

What is your setup when you eliminate the Comcast modem? Their main feed is Coax - what are you installing that allows Coax input?

I have never setup Unifi equipment with someone who uses Comcast. With Verizon I always just go straight from the ONT, so I had never thought about it before now.

 

[YeOldeStonecat]

We just bridge the Comcast gateway...so the public IP passes to the WAN port of the Unifi gateway.
Unifi gateway works with any internet connection that has an ethernet handoff...(or SFP handoff for higher end Unifi gateways).

Technically you could just use Unifi switches and APs....and not use a Unifi gateway...but you're throwing away some of the capability of the whole Unifi system. We have done quite a few installs in the past where we had (still have) linux firewalls with Unifi switches and APs....no Unifi gateways. But we've been busy replacing those linux firewalls with Unifi gateways....and we just bridge the ISP gateway.

 

[timeshifter]

The UniFi Express is so puny and slow. I regret the handful of them I put in. Even on tiny networks the UI is excruciatingly slow.

 

[YeOldeStonecat]

Agreed....the Express..painfully slow booting up and managing it.
Runs traffic fine for a small network, never looked at throughput.
Kinda cool how you can have several of them...connected..and the others will be clients.

 

[HCHTech]

We just bridge the Comcast gateway..

Yes, this is what we do in business installs as well - warning, though....don't click that big red shiny button in the interface that says "Bridge Mode". It's a trap! haha. Just Turn off DHCP & Wifi instead. Oh, and call Comcast to have them disable that horrible "Security Edge" service on the account or you're gonna have a bad time.

I misread the OP and thought there was something I had been missing! I've never tried this in a residential setup, I just disable the native wifi and hang the APs off their own PoE switch. Keep the Comcast modem in place doing DHCP.

 

[YeOldeStonecat]

Yes, this is what we do in business installs as well - warning, though....don't click that big red shiny button in the interface that says "Bridge Mode". It's a trap! haha. Just Turn off DHCP & Wifi instead. Oh, and call Comcast to have them disable that horrible "Security Edge" service on the account or you're gonna have a bad time.

I always do...hit "Bridge Mode" (for the residential XFinity gateways). (slide the button to the left). Disables DHCP, disables wifi, and...turns it into a pure old fashioned bridged modem. Gotta connect the WAN port of your own router to the bottom right port on the back of the XFinity gateway...it's the only switched port with a red mark next to it. The other ports are disabled. You can always get back to the gateways login page by manually putting a 10.0.0.0/32 address on a computer...and hitting up 10.0.0.1 again.

For business gateways, if client has a static IP, there's a different setting to hit, you don't bridge the rez gateway, I just leave DHCP on in the router, do the public IP passthrough setting..and then assign that static on the WAN port of our own gateway.

And yeah, disable the security edge...it's weird and causes frequent issues.