New UniFi Controller Hostname Service
As we set up more and more clients to use the MyPlace guest portal for Ubiquiti products, we started to see that most clients do not have their UniFi controller as accessible as it should be.
The guest portal or external portal server utilizes the unpublished UniFi API, and like all APIs it requires a secure HTTPS connection to work. To achieve a secure HTTPS connection to the network controller, it needs to be accessible via a FQDN hostname or URL with an active SSL cert. FQDN in this instance means fully qualified domain name.
The hostname works by resolving via DNS directly to the controller host IP address. The controller host can have many forms, but most typically it is one of the following:
- UniFi Dream Machine (UDM) or Dream Machine Pro (UDM Pro)
- Cloud Key (Gen 1 or Gen 2)
- Running on virtual machine on AWS or similar hosting platform
- Running on a central on-prem server
- Running on a local computer with internet access
The hostname is created, and the DNS settings or configuration will resolve it to the public IP address of the controller host.
UniFi Controller Hostname Request
Controller Hostname IP
In addition to resolving the hostname to the public IP address of the controller, a port forward will also need to be put in place to route the traffic from the public IP address directly to the controller host (UDM, Cloud Key, etc.).
You should check with your ISP that your public IP is static. If the public IP is not static, then it is subject to change, and this will mean that your hostname will resolve to the wrong public IP.
The introduction of the new Ubiquiti software changes how this is applied as all new controller devices that run the new UniFi OS platform require the port forward to be on port 443, whereas all other controller hosts would need to have a port forward on port 8443
The devices that run the new UniFi OS, at time of writing, include the UDM and UDM Pro, as well as the Cloud Key Gen 2 devices. All other controller host devices are running the standard controller software
The router in the location should also be capable of allowing traffic through the ports mentioned above. You can connect directly to your router to make sure these ports are not being blocked or restricted
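A pre-flight check for the setup described above, as an added example that is not MyPlace's or Ubiquiti's code: it confirms that the hostname resolves to the expected public IP and that the forwarded port presents a certificate a strict HTTPS client accepts. The host-type labels, the list of non-public ranges, and the sample hostname and IP are assumptions made for this example.

```python
import ipaddress
import socket
import ssl

# Port rule from the article: UniFi OS hosts forward 443, all other hosts 8443.
# The host-type labels are names made up for this example.
UNIFI_OS_HOSTS = {"udm", "udm-pro", "cloud-key-gen2"}
# LAN and carrier-grade NAT ranges: a port forward cannot be reached from outside on these.
NON_PUBLIC = [ipaddress.ip_network(n) for n in
              ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10")]

def controller_port(host_type):
    return 443 if host_type.lower() in UNIFI_OS_HOSTS else 8443

def check_dns(hostname, expected_ip, resolve=socket.getaddrinfo):
    """Return a list of problems with the hostname's DNS records."""
    problems = []
    addr = ipaddress.ip_address(expected_ip)
    if any(addr in net for net in NON_PUBLIC):
        problems.append(f"{expected_ip} is not publicly routable")
    try:
        found = {info[4][0] for info in resolve(hostname, None)}
    except socket.gaierror as exc:
        return problems + [f"{hostname} does not resolve: {exc}"]
    if expected_ip not in found:
        problems.append(f"{hostname} resolves to {sorted(found)}, not {expected_ip}")
    return problems

def check_tls(hostname, port, timeout=5.0):
    """Connect as an API client would: verify chain, expiry and hostname."""
    context = ssl.create_default_context()
    try:
        with socket.create_connection((hostname, port), timeout=timeout) as raw:
            with context.wrap_socket(raw, server_hostname=hostname) as tls:
                return [] if tls.getpeercert() else ["no certificate presented"]
    except ssl.SSLCertVerificationError as exc:
        return [f"certificate rejected: {exc.verify_message}"]
    except OSError as exc:
        return [f"connection to {hostname}:{port} failed: {exc}"]

def check_controller(hostname, expected_ip, host_type, resolve=socket.getaddrinfo):
    problems = check_dns(hostname, expected_ip, resolve)
    if not problems:  # only probe the port once DNS points at the right place
        problems += check_tls(hostname, controller_port(host_type))
    return problems

if __name__ == "__main__":
    # Constructed sample values: replace with your own hostname and public IP.
    for line in check_controller("controller.example.com", "203.0.113.10", "udm-pro") or ["ok"]:
        print(line)
```

Run it from a network outside the site, so the result reflects what the external portal server sees rather than what the LAN sees.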
How do I access the UniFi controller directly?
The new UniFi OS cloud platform is a radical change in how Ubiquiti deliver their solutions. It is a centralized cloud access platform for their 4 main product categories, as listed below:
To access the controller independently of the cloud platform, you will need to set up a local only user for access locally to the controller
Using these local user credentials and a FQDN url with SSL cert, you will be able to access the Ubiquiti controller for all applications remotely via the web, without having to go through the centralized cloud platform
This direct route to the controller is required if you want to use a custom guest portal or captive portal to authenticate guests. The guest portal can be used to capture guest email before they get connected to the internet
Override Inform host
This setting changes the inform URL, and contains the set-inform command to instruct devices where they should inform back to the controller.
It can work well where the controller is hosted on AWS or another virtual machine, as the devices retain the url of the controller host in a situation where the controller IP address might change. The controller hostname IP setting is an important feature.
The override inform host is a powerful feature and should be used with care, as connected devices (APs) will need to be manually accessed via SSH or another method if this setting is incorrectly applied.
Default Site ID
The UDM and UDM Pro, as well as the cloud key Gen 2 typically have the site ID as set to default. This is ordinarily not an issue, however if you require the site ID to be unique then you will run into difficulties in this example
The API works using the site ID in the controller hostname URL, and if there are multiple site IDs set as default then this will cause duplicate entries in whichever system you are using to communicate with the devices.
Any new device added will need the inform host with controller details applied to the AP. The host with controller hostname will act as the default controller for API endpoints.
Accessing the controller settings independently can give more flexibility and options to log in and fix issues in a remote scenario. It is also useful to have this direct route if the Ubiquiti cloud service is down or inaccessible.
Free service for MyPlace customers
As part of our service to our customers, we are happy to provide a free FQDN with active SSL cert to all MyPlace customers
It is a really useful option to have, not only for utilizing the API for guest email capture, but also as an extra option to enable web connectivity without going through the new OS cloud platform
To request a custom hostname that will resolve to your controller host, please complete the details on this page. Don’t forget to put your port forward in place first on your static public IP.