Unifi Network on FIOS keeps disconnecting

Velvis

Velvis

Well-Known Member
Reaction score
47
Location
Medfield, MA
A client keeps experiencing loss of internet a couple of times per day since yesterday. Verizon said everything is good on their end and reset the connection on their end. I have restarted the USG, Cloud Key, and the main network switch.

Any ideas what might be causing this and is there a place in the Unifi dashboard I can see when and where this is happening?
 
First, you can never believe what Verizon tells you. All they can do is verify that their network can see their ONT (Optical Network Terminal) and that it is "on" at the time they ping it. They can't tell you if they have an intermittent problem.

In the Unifi Dashboard, you can look at the logs on the bottom left of the menu bar. If you see that the WAN connection has been lost, it's likely the ONT itself.
 
I don't see anything in the system log about the WAN connection and nothing that correlates to the timing of the outages.

Obviously, when they lose connection, I can't login, but is there way to see what happened after the fact?
 
Last edited:
OHHHHHHHHHHHHHHHHH buddy! I just dealt with this!

Clients internet was slow and cutting out randomly for no reason. The ONLY way I was able to solve this on the Ubiquiti stuff was to log into the controller ... make sure you have at the VERY least Intrusion prevention ON and Detection mode set to AT LEAST Notify, best is notify and block.

Just select all of the active detections and I have still not had a client with an issue ... so just enable them all.

1748973976097.png






Next you MONITOR and how do you monitor? In Insight > Flows > Threats

It's possible your client might have a device on the network blasting up their upload and possibly even being a part of a botnet. That or the client might be being attacked ... all of which Flows will help you identify.

1748974134221.png


For Reference: https://www.technibble.com/forums/t...tely-without-opening-ports.91871/#post-772923
 
Last edited:
So, I immediately received 15 possible threats (I have it set to only notify at the moment) coming from 2 different Macbook Airs:

IPS Alert 1: Executable Code was Detected. Signature ET SHELLCODE Possible Call with No Offset UDP Shellcode. From: 206.247.5.107:8801, to: 192.168.1.138:65423, protocol: UDP

IPS Alert 1: Executable Code was Detected. Signature ET SHELLCODE Possible Call with No Offset UDP Shellcode. From: 206.247.5.107:8801, to: 192.168.1.190:50029, protocol: UDP

Any ideas what this is?
 
I'm not sure if this IP is a problem ... I don't like IP's from San Jose because it is a common VPN entry point from malicious actors but this IP might be OK. In which case you may not have an attack issue it might be something else.

1748976367143.png
 
I recall quite a few posts back in the day of the USG3P....of its WAN port not auto negotiating well with the ONTs ethernet.
Some people put a little 5 port switch in between.
Those older (discontinued) USG3P models...when you enabled the security filtering...their CPU only allowed for about 85 megs throughput.

We had a hundred of so of those out in service, barely a couple left with old unmanaged clients. Replaced most of them either with Dream Machine Pros, or...Cloud Gateway Max or more recently...the incredible, $129 Cloud Gateway Ultra (pretty much the direct replacement for the USG3P..except luckily built in cloud controller).
 
YeOldeStonecat said:
I recall quite a few posts back in the day of the USG3P....of its WAN port not auto negotiating well with the ONTs ethernet.
Some people put a little 5 port switch in between.
Those older (discontinued) USG3P models...when you enabled the security filtering...their CPU only allowed for about 85 megs throughput.

We had a hundred of so of those out in service, barely a couple left with old unmanaged clients. Replaced most of them either with Dream Machine Pros, or...Cloud Gateway Max or more recently...the incredible, $129 Cloud Gateway Ultra (pretty much the direct replacement for the USG3P..except luckily built in cloud controller).
Click to expand...

That is a nice looking product ... I just wish they would make an affordable 5 port Gateway with a built in AP, with POE, with a Controller.
 
thecomputerguy said:
OHHHHHHHHHHHHHHHHH buddy! I just dealt with this!

Clients internet was slow and cutting out randomly for no reason. The ONLY way I was able to solve this on the Ubiquiti stuff was to log into the controller ... make sure you have at the VERY least Intrusion prevention ON and Detection mode set to AT LEAST Notify, best is notify and block.

Just select all of the active detections and I have still not had a client with an issue ... so just enable them all.

View attachment 17581






Next you MONITOR and how do you monitor? In Insight > Flows > Threats

It's possible your client might have a device on the network blasting up their upload and possibly even being a part of a botnet. That or the client might be being attacked ... all of which Flows will help you identify.

View attachment 17582


For Reference: https://www.technibble.com/forums/t...tely-without-opening-ports.91871/#post-772923
Click to expand...
So in summary, you think something from the outside was hitting your network and messing it up? (or something on the inside was)
 
YeOldeStonecat said:
I recall quite a few posts back in the day of the USG3P....of its WAN port not auto negotiating well with the ONTs ethernet.
Some people put a little 5 port switch in between.
Those older (discontinued) USG3P models...when you enabled the security filtering...their CPU only allowed for about 85 megs throughput.

We had a hundred of so of those out in service, barely a couple left with old unmanaged clients. Replaced most of them either with Dream Machine Pros, or...Cloud Gateway Max or more recently...the incredible, $129 Cloud Gateway Ultra (pretty much the direct replacement for the USG3P..except luckily built in cloud controller).
Click to expand...
So you recommend replacing the USG and Cloud Key with the Cloud Gateway Ultra?
 
Velvis said:
So you recommend replacing the USG and Cloud Key with the Cloud Gateway Ultra?
Click to expand...
I do.
The USG-3p has been discontinued,....UCG-Ultra is its replacement (at nearly the same price).
The cloud keys are rarely avail, AFAIK not "officially discontinued yet"...but ...I'm glad to have retired our flock of cloud keys.
We have about 1/3 of our clients Unifi networks ...at Hostifi....for those devices without built in controllers.
And about 2/3 of our clients Unifi networks...that are running on built in controllers....over in our account at unifi.ui.com

We still have about a dozen of those replacement power supplies for the USG-3p....where the originals had a high failure rate. Gives the appearance of the USG having nearly died....but 99.9% of the time it was a faulty power supply.
 
YeOldeStonecat said:
I do.
The USG-3p has been discontinued,....UCG-Ultra is its replacement (at nearly the same price).
The cloud keys are rarely avail, AFAIK not "officially discontinued yet"...but ...I'm glad to have retired our flock of cloud keys.
We have about 1/3 of our clients Unifi networks ...at Hostifi....for those devices without built in controllers.
And about 2/3 of our clients Unifi networks...that are running on built in controllers....over in our account at unifi.ui.com

We still have about a dozen of those replacement power supplies for the USG-3p....where the originals had a high failure rate. Gives the appearance of the USG having nearly died....but 99.9% of the time it was a faulty power supply.
Click to expand...

Ya want more power supplies?:cool:
 
YeOldeStonecat said:
I do.
The USG-3p has been discontinued,....UCG-Ultra is its replacement (at nearly the same price).
The cloud keys are rarely avail, AFAIK not "officially discontinued yet"...but ...I'm glad to have retired our flock of cloud keys.
We have about 1/3 of our clients Unifi networks ...at Hostifi....for those devices without built in controllers.
And about 2/3 of our clients Unifi networks...that are running on built in controllers....over in our account at unifi.ui.com

We still have about a dozen of those replacement power supplies for the USG-3p....where the originals had a high failure rate. Gives the appearance of the USG having nearly died....but 99.9% of the time it was a faulty power supply.
Click to expand...
Anything I should do or do you recommend when I swap out the USG&Cloud with the Gateway Ultra? Or is it pretty straightforward?
 
Is the ONT inside or outside the building? I recently had a client who had similar on/off issues until they lost internet entirely. The ISP stated that it appeared fine from their end to the modem. Even the lights on the modem indicated that the inbound connection was fine, but the outbound connection was dead. Faulty modem, right? Nope. It turns out that wasps had built a nest in the box for the ONT and had slowly eaten through the fiber. It's a full duplex system with an inbound and outbound cable. I had never seen that before. Not likely your problem, but...
 
Mike McCall said:
Is the ONT inside or outside the building? I recently had a client who had similar on/off issues until they lost internet entirely. The ISP stated that it appeared fine from their end to the modem. Even the lights on the modem indicated that the inbound connection was fine, but the outbound connection was dead. Faulty modem, right? Nope. It turns out that wasps had built a nest in the box for the ONT and had slowly eaten through the fiber. It's a full duplex system with an inbound and outbound cable. I had never seen that before. Not likely your problem, but...
Click to expand...
It is inside.
 
thecomputerguy said:
Ya want more power supplies?:cool:
Click to expand...

Velvis said:
Anything I should do or do you recommend when I swap out the USG&Cloud with the Gateway Ultra? Or is it pretty straightforward?
Click to expand...

There are several ways to do this...
*You can do a migration of controllers.....export/import. I consider this option more often when working with larger, complex network sites...with many devices and settings.
*You can "forget" devices in the old site, and "adopt" in the new site. I tend to use this more often for smaller networks/sites, with fewer devices and simple settings. IMO it's cleaner....you don't end up importing "old data" which may gunk things up. Such as with yesterday task we did, upgraded a clients network to a UCG-Ultra...their prior site was just a switch and a few APs....had an old Edge Router at the edge. Was easy enough to change the LAN setting of the UCG-Ultra to match their current network....recreate the wireless SSIDs and passwords, "forgot" devices in old controller, "adopted" in the UCG-Ultra...boom, done in under 15 minutes.
 
Are you connecting to their modem or directly to the ONT? If the former, at least as a test connect the USG directly to the ethernet feed from the ONT. You'll lose the verizon modem's wifi but you can hang a single access point somewhere to replace that. Fewer boxes = fewer problems.
 
You must log in or register to reply here.

Similar threads

HCHTech
New+old Unifi setup struggles
Replies
8
Views
1K
HCHTech
HCHTech
thecomputerguy
Oprah says, "and you get a violation, and YOU get a violation, and YoU get a ViOlation!"
Replies
11
Views
825
DRPCNZ
DRPCNZ
Rigo
Brother MFC-L3745CDW - Network Scanning, not
Replies
14
Views
2K
YeOldeStonecat
YeOldeStonecat
Velvis
Unifi network WiFi slow
Replies
4
Views
920
thecomputerguy
thecomputerguy
britechguy
Today's BSOD, Code BAD_SYSTEM_CONFIG_INFO - What's actually going on here?
Replies
13
Views
1K
fincoder
fincoder
Back
Top