Unifi and basic features missing

A couple of months ago, I decided to change my home network setup and tried to use the new Unifi UDM Pro as my router/firewall.

I was using Unifi’s Access Points and I was impressed both by their performance and by the management platform they have, which allows a holistic view of the Wi-Fi performance and coverage in my home.

So after replacing my internet firewall (Fortigate) with the UDM Pro, I realized why there were so many comments about the UDM being far from a professional device.

What it is missing (not in order of criticality/priority):

  1. It cannot act as an NTP server for the internal networks. Having more than 60 clients (a lot of IoT – automation related devices), I do not want them to connect to the internet for NTP syncing but rather use the gateway as the NTP server. Something that the Fortigate was doing with one tick in the GUI.
  2. It does not offer SSL VPN functionality (??? how is this feature omitted these days!).
  3. In case you connect to the internet through PPPoE with a dynamically assigned IP address (not static), the L2TP VPN does not offer the capability to assign the dynamically assigned IP address to the configuration. This is my case, which means it is useless.
  4. The GUI (new interface) has many glitches and not all the options present in the classic interface, which means you need to switch between the two.
  5. There is no option to open a console from the GUI for CLI access which means you need to SSH with a terminal client for CLI access.
  6. Management of the firewall rules through the GUI is nowhere near that of a pro device such as the Fortigate and believe me this is very important when this is your doorway to the internet.
  7. Syslog settings are very confusing and I am getting either too much information (debug level) or somehow, when I try to fine-tune the level of the messages, I fail to receive most of the useful information I need for “forensics” or troubleshooting. I solved this by using Splunk. With the Fortigate, I could fine-tune the information generated to the messages I really needed and I could find what I needed without the use of Splunk.
  8. The DHCP server (it could be just the GUI) behaves erratically, especially when you try to change the IP of a device to a static one. On the GUI, the device is shown alternating between the two IPs (the old one and the new – static one).
  9. If I try to use the WiFi AI feature or the Auto-Optimize Network, the behavior of the network becomes quite unstable (although I must admit that this feature was behaving erratically even in my previous configuration with the Unifi controller managing the Unifi Access Points – so it is not a bug related to the UDM Pro but a general one).
  10. Time-based Firewall Rules (Great for families!)

All in all, the UDM Pro is trying to be a modern gateway but with all of the above missing and with no “known” roadmap from Unifi to fix/implement these features, I must say that I am quite disappointed.
It is a “NOT Recommended” from me.

Closing, I wanted to say that since the UDM Pro is built on Linux (and there are many articles out there that explain how someone can run containers within the UDM), Unifi chooses to ignore the many requests they receive in the Unifi Community for such features when they can easily implement most of them!…
