What's the deal with Unifi's NG Gateway Pro?

[HCHTech]

I am quoting a wifi setup for a large home remodel and was looking at the possibility of using a complete Unifi stack. We use Hostifi's hosted controller, so the only two possibilities for Unifi routers are the USG and the Next Generation Gateway Pro. They will have gigabit internet service, so the USG is out. The dream machines can't use a hosted controller so they are out. This is a 4-story 100 year old house with stone and brick interior walls and 3 chimneys for the various fireplaces - so lots of APs. Probably 12-16 inside and 4 outside based on our walkthrough. They are doing tons of ethernet wiring, home theatre, smart lights, home automation stuff, security cameras, the works.

I'm looking at the specs for the NG Gateway Pro, and it strikes me as under-ported. 2 WAN ports and 2 LAN ports. Which makes me think I might be misunderstanding it's use-case. What exactly is the intended setup of this unit if it's only got 2 LAN ports? Are they essentially requiring L3 switches and VLANs for everything, then? It's $500, so definitely not an impulse buy, but it would be a small part of budget for a job this size - I'm just not sure it's the right thing.

What do you think?

 

[Markverhyden]

A few observations.

10gb ports aren't cheap yet.

If you read their blurb it's pretty clear that they are looking for a specific market dual WAN for fail over. Don't know if you can also aggregate the 2 ports for load balancing. The two 10gb LAN ports. They claim they're looking at medium to large size networks. I've seen enough of them to know L3 switches are regularly used as core, often via fiber, for the distribution switches.

That being said Ubiquiti is getting to be kind of annoying. They'll apparently sunset equipment without clear, or at least somewhat compatible models. USG3 is perfect for small businesses. Love the cloud controller. So they've come out with Dream Machine line. But no cloud controller. Got a potential project and we're not pushing USG3. While there's' no official announcement constant lack of inventory usually precedes discontinuation.

 

[timeshifter]

The dream machines can't use a hosted controller so they are out.

I’ve recently noticed that it’s not too bad, easy to access from the portal.

But I guess you give up the ease of maintaining one controller.

 

[Sky-Knight]

@timeshifter The problem with the UDM is the fact that when the UDM dies the controller is dead. And replacing the router also means replacing the controller. It's just more work!

 

[thecomputerguy]

I might be doing something wrong but I love the UDM devices, they are fast and easy to work with, and open up a lot of options. I don't know what the hostify status is but I have a smattering of 10 or so mix of UDM's and UDM-SE's in the field.

I know their firewall can be weak but I just fire them up and do the initial setup on my phone via Bluetooth and then once it's linked to my account it just shows up on the list with all my other UDMs and it's super easy to manage and update firmware etc. It is a little more manual because you have to log into each one individually but it's just one click because they are all in my account backed up by 2FA of course.

Then once setup the configuration is backed up weekly to my account and can be accessed via my profile so ... Cloud backups.

That and the unify app is REALLY NICE for management.

Im replacing all my USG's in the field with UDMs slowly mainly because I never got into the hostify stuff so a lot of my USGs were or are using CKv1 and those things just absolutely suck now.

A lot of time they just disappear and can't be managed via cloud anymore and they firmware gets stuck or the controller software updates fail, and they're slow.

But then again most of my clients are under 15 endpoints so I'm small time and I'm also pretty dumb.

I prefer to keep everything uniform so you'll see almost all my clients outfitted in full ubiquiti gateways, aps, and switches.

I'd rather tell the client they have to wait than break that uniformity.

 

[timeshifter]

Ubiquiti is offering a hosted controller for $29 per month. A total of 500 devices if I recall correctly. I'm using it and it's works pretty well.

 

[thecomputerguy]

Ubiquiti is offering a hosted controller for $29 per month. A total of 500 devices if I recall correctly. I'm using it and it's works pretty well.

Can you explain to me how that's different then just adding all the UDMs to my account and managing them from that single plane of glass?

 

[YeOldeStonecat]

I love the UXGs....
We use them a lot, 10 gig LAN downlink, plug into your "top of the rack" switch (often an aggregate switch that all the other switches uplink to via 10 gig)...or downlink to your <whatever size> switch. Hopefully 10 gig downlink but if a smaller switch, the 1 gig has to suffice.

I see it's applications more in line with larger networks, so you're going to have more switches, usually larger switches.
It's not meant for the smaller setups where you'd want 4 or so LAN ports like some residential router. For those you'd use the Dreamies...got the regular old white pill shaped Dream Machine, got the newer pill shaped Dream Router, got the Dream Machine Pro (rack mount), and got the Dream Machine Special Edition (rack mount...SE offers POE on the LAN ports and a couple of other minor upgrades) We use the SE quite often also.

I do wish UI would do something to either get the USG3P going again, or replace it with something and announce its retirement. I suppose we do have its replacement with the UDM and the UDR....but, I would like one without a built in controller...like the USG3P was. A few weeks ago some people in UI forums were stating that there were at least several days across last month where STORE.UI.COM had some USG3P in stock..usually sold out within a few hours, and then more a couple of days later...sold out again. So it was like they either had small batches made, or...they kept finding a pallet of old stock here an there and listed it...lol. I failed to get any...wish I'd had gotten a dozen or more. I do like those for small <25 networks.

While the v1 cloud keys sucked, the later v2s (still white with the button on the side), and the later Gen2's....have been solid for us. And honestly the Dreamie variants have all been rock solid. We did have one die, we provide network equipment for a very high end home entertainment install company that does sound systems and lots of IoT/home automation installs for kajillionaires homes. They were prepping a summer home last week ahead of owners arrival and found a lot of stuff zapped...their UDM Pro included. While the controller is built in, it's wicked easy (if you had online backups turned on)...just fire up a new unit, once you tie it to your cloud acccount, you can restore from an online backup in your cloud account, scroll through all your various customer site backups and select the one you want, BOOM, DONE in mere minutes. Heck of a lot quicker than the old way of replacing Unifi gateways.

I do wish stock would improve....very recently one of the UI guys did make a post in one of the FB Ubiq groups that stock avail is improving really soon. Crossing my fingers.

While I prefer Hostifi...we really try to just use those for clients we have on one of our level MSP plans. For "one-off" installs, where we don't have regular MRR from that client, we'll try to use a Dreamie so they're in our unifi.ui.com portal.

 

[YeOldeStonecat]

Can you explain to me how that's different then just adding all the UDMs to my account and managing them from that single plane of glass?

I think it's for devices without a built in controller. Sorta like what Hostifi is doing....you provision your device (like a USG3p, or UXG, or switches or APs). Not for networks using a Unifi gateway with a built in controller like a Dreamie.

 

[Markverhyden]

Can you explain to me how that's different then just adding all the UDMs to my account and managing them from that single plane of glass?

Doesn't that only work with Chrome? Other than that, as you mentioned elsewhere, it's just an additional mouse click for each site. I got into self-hosting the controller back when UCK G1 was out and crashing a lot.

 

[thecomputerguy]

Doesn't that only work with Chrome? Other than that, as you mentioned elsewhere, it's just an additional mouse click for each site. I got into self-hosting the controller back when UCK G1 was out and crashing a lot.

No idea, all I use is chrome anyways.

Yeah all of my cloud key v1 have problems intermittently, they are slow, connectivity is spotty, and the backups to the sd slot same to stop working whenever they want.

I have one gen2 in the field and it seems to be as reliable as the UDMs but I just throw UDMs everywhere now whether or not the client has a rack for me to install to.

I just put one in a clients house last week and removed her 8p Ubiquiti switch along with it and used the built in 8port Poe to power their 4 APs.

The UDMs are really a very good all in one device. The main thing I keep hearing about is their firewall isn't great but honestly I'm not even sure what the means since I don't ever open ports and I've never paid for or experienced a subscription based firewall in a gateway.

Also no idea what their threat detection does I probably need to spend more time on learning that.

I usually just drop a UDM, a 48port Poe switch, and some APs and call it good. And it works ... It works well.

 

[HCHTech]

@thecomputerguy & @YeOldeStonecat , when you do a setup that you manage from your unifi.ui.com portal, do you setup a secondary admin account so the client has access? For residential installs, I like to do this just because most folks ask for it, and it doesn't lock them to my service so much. Admittedly, though they don't really use it, haha.

 

[YeOldeStonecat]

@thecomputerguy & @YeOldeStonecat , when you do a setup that you manage from your unifi.ui.com portal, do you setup a secondary admin account so the client has access? For residential installs, I like to do this just because most folks ask for it, and it doesn't lock them to my service so much. Admittedly, though they don't really use it, haha.

Some of our clients do like to have access, yes....so I set them up. I'd say, less than 10% of the network sites we have in our unifi.ui portal have asked for that. We have about 85 sites in our unifi.ui portal...and that got me curious about our Hostifi account, got about 130 sites there.

 

[thecomputerguy]

@thecomputerguy & @YeOldeStonecat , when you do a setup that you manage from your unifi.ui.com portal, do you setup a secondary admin account so the client has access? For residential installs, I like to do this just because most folks ask for it, and it doesn't lock them to my service so much. Admittedly, though they don't really use it, haha.

No never. It isn't even worth the time spent doing it. There's a higher chance if they get in they will mess something up, and there's the highest chance that if they try to get in they won't remember how, or won't remember the password they gave me 11 minutes prior.