Overview
UniFi OS 4.0.6 adds support for Automatic Failover for Shadow Mode, SNMP, and includes the improvements and bugfixes listed below.
Automatic Failover for Shadow Mode
With Automatic Failover, a secondary Shadow Gateway mirrors the Primary Gateway in order to provide High Availability (HA).
- Both gateways are interconnected using a dedicated high availability link and the configuration and WAN/LAN cabling is mirrored.
- The network connection information is synchronized between the gateways, allowing for immediate failover.
- In the event of a hardware failure, the shadow automatically takes over with minimal downtime.
- Set up Automatic Failover from the UniFi OS Applications page. See theShadow Mode Help Center article for more information.
Bundled application
- UniFi Network8.2.93
Improvements
- Added Automatic Failover for Shadow Mode for the UDM-Pro, UDM-SE and UDM-Pro-Max.
- The same model gateway must be used to enable Shadow Mode.
- Added owner transfers to System logs.
- Added Identity Standard System Logs.
- AddedIPv6 address support for the local portal.
- Addedsystem logs when admins reboot the gateway.
- Added SNMP support.
- Allow importing users with email via CSV files.
- Allow Full Management users to trigger firmware updates.
- Allow removing and deactivating users/admins when Identity is deactivated.
- ImprovedWAN Failover detection.
- Improveddownloading support files.
- ImprovedPPPoE stability.
- ImprovedDHCP Lease accuracy.
- Improvedinitial user list loading speed.
- Improvedinternet status checks.
- ImprovedUniFi Identity user experience.
- Improvedthe stability of WireGuard VPN when using FQDN as the server address.
- Increasedconcurrent DNS queries for Ad Blocking and Content Filtering.
- Improvedthe reliability of issuing static lease IP.
- Improvedthe efficiency of initializing IDS/IPS.
- Improvedspeed test accuracy.
- Improved resiliency.
- ImprovedSFP link stability after reboots/upgrades.
- Improved admin/user removal/de-activationuser experience.
- Improved application installation resiliency.
- Improved memory allocation for Traffic Identification.
- Don't change the timezone automatically after the IP change.
- Do not send a 'ready to update' notification during backup restore.
- Disabledweak MAC Algorithm support for SSH.
- UpdatedTraffic Identification signatures.
- Users/Groups now automatically get an invitation after assigning resources to them.
- Skip password change notifications when enabling SSH.
- Wake up the touchscreen during night mode when there is an active user session.
- Don't automatically enable One-Click WiFi when activating Identity.
- Disable One-Click VPN/WiFi assignment when the service is unavailable.
- Updated HDD reference in push notifications, it will now refer to drives.
Bugfixes
- Fixed high CPU usage due to dnsmasq or honeypot.
- Fixed rare memory leak.
- Fixed gateway configuration issues when using OSPF.
- Fixed an issue whereAuto Update settings weren't restoredafter restoring a backup.
- Fixed an issue where applications could get stuck in the Install/Uninstall Queue in rare cases.
- Fixed an issue where the default route could be missing in rare cases.
- Fixed firewall rule creation issues when multiple ports are specified.
- Fixed an issue where the Internet MAC Address cannotbe setback to the default one.
- Fixed missing Traffic Identification statistics in larger deployments.
- Fixed an issue where re-activated admins couldn't reach the console through unifi.ui.com.
- Fixed rare deadlock issues while using Traffic Identification.
- Fixed an issue where MAC override doesn't work for some MAC addresses.
- Fixed a rare case where PPPoE throughput was lower without using 0 for Smart Queues.
- Fixedan issue where YouTube history didn't work while using Ad Blocking.
- [UDM] Fixed a WiFi kernel crash.
- [UDM-Pro-Max] Fixed incorrect RPS power budget.
Known issues
- During the gradual release rollout there is chance that enabling high availability for shadow mode might fail.
Overview
UniFi OS 3.2.12 includes the improvement and bugfixes listed below.
Bundled application
- UniFi Network8.0.28
Improvements
- Improved configuring fixed speed on SFP ports when the module has a faultyEEPROM.
Bugfixes
- Fixed the inability to send Identity Standard invites.
- Fixed redundant logging to
/dev/tty10
.
Overview
UniFi OS 3.2.9 includes the Improvements and Bugfixes listed below.
Bundled application
- UniFi Network8.0.26
Improvements
- Added notice for speed test during web setup.
- Improved stability around backup restoring.
- Improved Identity user experience.
- Improved Shadow Mode.
- Improved SFP connection compatibility with modules that do not have a proper EEPROM.
- [UDM] Improved PPSK connectivity for some IoT devices.
- Updated integrated Access Point firmware to 6.6.58.
- Reorganized Identity settings.
Identity
- Added the option to enable "Require a Verification Code When Loading a Credential" in the Identity settings. If enabled, users would be required to specify an additional 4-digit code when importing Identity Credentials into Identity Apps.
- Added ability to manage devices that have the Identity App installed in the user's property panel, including status and (re)sending invites.
Bugfixes
- [UDM] Fixed 2.4GHz connection stability issues after changing the channel.
- Fixed an issue where RADIUS certificates were changed while One-Click WiFi was disabled.
- Fixed an issue with establishing Site-to-Site VPNs while Ad Blocking is enabled.
- Fixed a gateway configuration error when enabling Country Restrictions.
- Fixed RADIUS validation failure when a password ends with a backslash.
- Fixed an issue where the IPv6 Single Network was sometimes broken when changing the assigned network.
- Fixed an issue where some system logs filled up the disk space completely.
Overview
UniFi OS - Dream Machines 3.2.7 adds support for Subscription Free UniFi Identity, Shadow Mode, InnerSpace, VLAN Magic, DNS Shield and Loop Protection.
Subscription Free UniFi Identity
UniFi Identity is the new on-premises UniFi user management system, offering lightweight, subscription-free, single-site, unlimited-user access via the iOS&Androidapps. Set up UniFi Identity via the Admins & Users > Users section. See theUniFi Identity Help Center article for more information. Former UID options are now called UniFi Identity Enterprise.
Shadow Mode
With Shadow Mode on the UDM-Pro, you can ensure High Availability (HA) of your network’s gateway to minimize downtime, and provide a reliable failover mechanism in the face of unexpected hardware failures. In this setup, a secondary Cloud Gateway mirrors the configuration of the primary one, and can easily take over full network and management capabilities should it ever fail. See theShadow Mode Help Center article for more information.
Currently, Shadow Mode operates as a “Warm Spare,” meaning some manual intervention is required, however this will become fully automated in an upcoming release.
InnerSpace
The UniFi InnerSpace Application is a powerful deployment visualization tool that allows you view your UniFi system's WiFi and camera coverage over your own floor plan. InnerSpace replaces the Map option in the Console Settings.
VLAN Magic
With VLAN Magic, you can quickly create a new Virtual Network and associate devices to this VLAN by selecting them on the Topology.
DNS Shield
The new DNS Shield feature ensures privacy and security of DNS traffic by encrypting it using DNS over HTTPS (DoH).
Loop Protection
The new Loop Protection feature automatically disables ports on which loops are detected. It does not depend on Spanning Tree and even works when neighboring devices do not support STP. Enable Loop Protection on all UniFi Gateway and UniFi Switch ports via the Port Manager. Ports that are disabled by Loop Protection need to be manually re-enabled.
Bundled Application
- UniFi Network7.5.187
Improvements
- Added Subscription Free UniFi Identity.
- Set up UniFi Identity via the Admins & Users > Users section.
- [UDM-PRO]Added Shadow Mode.
- Added InnerSpace application replacing the Map option in the Console Settings.
- Added VLAN Magic.
- Added DNS Shield.
- Added Loop Protection.
- Added hostname support for IPsec Site-to-Site VPNs.
- Added the console's IP address during setup on the Touchscreen.
- Added max login attempts for SSH.
- Entering incorrect credentials 5 times will block for 3 minutes.
- Added fallbacks to default timezones if unsupported ones are provided during setup.
- Added DNS warnings for consoles that cannot resolve the ui.com domain.
- Allow disabling Remote Access where there are connection issues.
- Improved various screens on the Touchscreen.
- Improved detection of failed disks.
- Disks that cannot initialize will be marked as broken.
- Improved RADIUS stability.
- Improved WireGuard VPN disconnection detection for mobile devices.
- Consoles will no longer erase external storage during a factory reset.
- Updated Suricata to 6.0.12.
- Reduced the console reset button count down from 10 seconds to 5 seconds.
- Updated the UniFi Logo in the local portal.
- Reduced memory usage of Suspicious Activity, Content Filtering, and Ad Blocking.
- Prevent super admins from deleting their own account.
- [UDM] Added LED night mode scheduling.
- [UDM] Updated the fan behavior under high temperature.
- [UDM] Updated integrated Access Point firmware to 6.6.54.
Backup and Upgrades
- Added DNS resiliency for firmware updates.
- Improved UniFi OS backup resiliency.
- Improved meshing stability when consoles are restarting or upgrading.
- Consoles will now always store backups locally before upgrading the firmware.
- Auto recovery is in place in case there is file system corruption after a power outage.
- Reduced network downtime for firmware upgrades.
Bugfixes
- Fixed an issue where the IPv6 address is lost after interface changes until the next RA.
- Fixed unable to start RADIUS service in rare cases.
- Fixed incorrect WAN IP on the portal after remapping the WAN ports.
- Fixed an issue with DNS servers for VPN Client. This applies to the VPN Client feature, not adding clients to VPN Servers.
- Fixed an issue where servers are not reachable for VPN Client due to incorrect certificates. This applies to the VPN Client feature, not adding clients to VPN Servers.
- Fixed an issue where the default route wasn't present when using a static IP on the WAN port.
- Fixed an issue where IGMP Proxy breaks after PPPoE reconnections.
- Fixed an issue where Traffic Routes didn't take effect for existing connections.
- Fixed an issue where Traffic Routes conflicted with Content Filtering.
- Fixed inability to see DPI statistics for setups with large amounts of clients.
- Fixed unexpected behavior when there are multiple Traffic Rules blocking the same domain.
- Fixed unable to establish IPsec Site-to-Site VPN in rare cases.
- Fixed an issue where jumbo frames are forwarded on LAN ports when Jumbo Frames is disabled.
- Fixed an issue where PPPoE MSS Clamping is lost during provisions.
- Fixed Suspicious Activity not working when enabling Jumbo Frames.
Known issues
- PPPoE WAN2 Is Disabled
- Users that have aPPPoE WAN2 connectionandare runningUniFi Network v8.0.24at the time of the UniFi OS update will need tore-enter their PPPoE credentialsto regain WAN2 connectivity.
- We are planning to release a new version of UniFi Network to prevent this from happening while we continue to roll out this version of UniFi OS.
Overview
UniFi OS - Dream Machines 3.1.16 includes the improvements and bugfixes listed below.
Bundled application
- UniFi Network7.4.162
Improvements
- Added the console's IP address to the touchscreen during setup.
- Improved backup restore resiliency.
- Improved stability of installing dependencies.
- Improved device stability.
- Updated the AR pattern on the touchscreen.
- Updated integrated Access Point firmware to 6.5.64.
- Renamed UniFi UID to UniFi Identity.
Bugfixes
- Fixed high CPU usage caused by Traffic Identification.
- Fixed an issue where jumbo frames were being forwarded to LAN ports while it was disabled.
- Fixed unable to reach the internal subnet from L2TP/Teleport VPN Clients.
- Fixed routing table issue when both WANs are configured with the same subnet.
- Fixed issue where QoS on WAN1 affects WAN2 traffic.
Overview
UniFi OS 3.1.15 includes the improvements and bugfixes listed below.
Bundled applications
- UniFi Network7.4.162
Improvements
- Added notifications for settings changes.
- Added disk warning when a space IO error occurs.
- Added lifespan support for KINGSTON OCP0S31024Q-A0SSDs.
- Added notifications for changing SSH passwords in System Logs.
- Added support for IGMP Proxy.
- Added LCM/LED settings to Console settings.
- Added an Internet health widget in the dashboard.
- Added support for modifying the local admin avatar.
- Added more NTP servers.
- Allow grouping devices.
- Allow editing Local Credential when an admin has both UI Account and Local Credential.
- Allow local login using cached UI Account credentials while remote services are down.
- Improved IPsec Site-to-Site VPN stability.
- Improved Admins page UX.
- Improved internet check resiliency.
- Improved stability for installing and upgrading applications.
- Improved storage-related notifications.
- Improved login failure messages.
- Improved UniFi OS update resiliency.
- Improved SSH password validation.
- Improved remote connection resiliency.
- Improved PPPoE connection stability when IP6CP negotiation fails.
- Improved firmware download process.
- Improved Remote Access Login failure reason detection.
- Improved UX for Custom Role editing on mobile devices.
- Improved stability.
- Improved setup UX via mobile apps.
- Updated integrated Access Point firmware to6.5.57.
- Removed the Early Access badge from the Connect application.
- Migrated Direct Remote access feature to UniFi OS.
- Changed the default credentials to ui/ui.
- Uninstalled applications no longer back up.
- Applications are no longer bundled by default. Instead, required applications will prompt to install when new devices are detected.
- Use UniFi Network Native Application for UDM (UDM-Pro still uses the regular UniFi OS one).
Setup
- Allow users to restore specific applications during console setup and in the settings.
- Improved setup speed.
- Updated references to UniFi App on screen while waiting for setup.
- Updated the Privacy and Security page during setup.
- Updated the UI logo during setup and on the screen.
- Disconnect all SSH sessions after setup.
Backup
- Allow restoring backups between different console models.
- Improved Cloud Backup UX.
- Improved backup restore resiliency
- Redirect to the new subnet if the subnet is different after restoring a backup.
- Keep network settings from the setup wizard when restoring a backup file during setup.
- Create backups even if some of the applications fail to export. Failures are reported in the system log.
Bugfixes
- Fixed an issue where MSS Clamping was not applied to the console's outgoing traffic.
- Fixed camera permission assignment issue when doing it through UID.
- Fixed an issue where "Transfer Ownership" would appear for the old owner after transferring ownership.The button did not work for the previous owner.
- Fixed DHCP unicast renew not using the CoS parameter.
- Fixed broken avatars in rare cases.
- Fixed disabled applications are starting after a reboot.
- Fixed missing WiFi Channel information in some cases.
- Fixed some threats that were not being blocked correctly.
- Fixed an issue where Traffic Identification would stop working after some time.
- Fixed console might appear as Offline in the Network application when it fails to fetch Geo-Location data.
- Fixed Suspicious Activity consuming high memory in rare cases.
- Fixed rare Traffic Rules scheduling issues when selecting Saturday and Sunday.
- Fixed missing console update notifications.
- Fixed wireless scheduling.
- Fixed unable to load backups during setup in rare cases.
- Fixed timezone validation issue, preventing console setups.
- Fixed link issue when using a UF-RJ45-1G module.
- Fixed rare ulogd crash.
VPN
- Fixed network connectivity loss when remote OpenVPN Client subnet conflicts with local subnets.
- Fixed an issue where the interface for Teleport VPN stays when disabling the feature.
- Fixed DNS leak when using Mullvad VPN.
Overview
UniFi OS 3.0.20 adds support for Ad Blocking and WireGuard VPN server.
WireGuard VPN
WireGuard is a high-performance VPN server found in your Network application's Teleport & VPN section that allows you to connect to the UniFi network from a remote location.If you are currently using the L2TP VPN server on your Dream Machine, then we recommend to switch over to WireGuard.
Bundled applications
- UniFi Network7.3.83
- UniFi Protect2.6.17
- UniFi Talk1.18.9
- UniFi Access1.4.11
- UID Agent1.53.4
Improvements
- Redesigned UniFi OS Application page.
- Added Ad Blocking feature.
- Added Admin Activity to System Log in UniFi OS.
- Added Storage events to System Log in UniFi OS.
- Added Cloud connection events to System Log in UniFi OS.
- Added Trigger logs in the Network Application.
- Added support for DHCP Client option 77 and 90.
- Upgraded Debian distribution to Bullseye.
- Upgraded NodeJS to 16.14.2.
- Upgraded PostgreSQL to 14.5-1.
- Updated password rules for local accounts.
- At least 12 characters.
- Allow having a space.
- Only allow strong strength-level passwords.
- Updated Traffic Identification Signatures.
- Updated GeoIP Database.
- Updated bundled Suricata configuration for Threat Management.
- Improved PPPoE Connection stability when IP6CP negotiation fails.
- Improved mechanism for detecting disk insert and remove event.
- Improved connection stability between console and Network application.
- Improved performance when checking for firmware and application updates.
- Improved stability for direct connection.
- Improved disk formatting flow for when the console is reset with disk inserted.
- Improved email and push notification stability.
- Auto-update all installed applications including non-setup applications when auto-update for applications is enabled.
- Application actions during console boot-up are now disabled until boot-up is finished.
- Check for application updates immediately after switching the Release channel.
- Persist console invitation after a console reboot.
- Decreased the amount of DNS traffic to the bare minimum via U-LTE when it is not active.
- Optimized DNS Filtering events to prevent spamming and CPU Consumption.
- Changed the menu title to uppercase on the touchscreen.
- Changed the splash screen title to "Starting" on the touchscreen.
- Show ISP name in Internet-related error screens.
- Updated UI logo on screen/touchscreen.
- Updated UNC count threshold to 5 for disk-at-risk warnings.
- Updated the integrated Access Point firmware to6.5.30.
VPN
- Added WireGuard VPN Server support.
- Added VPN Client routing.
- Added support for OpenVPN tunnel in Traffic Routes.
- Added OpenVPN tunnel in Traffic Rules.
- Allow adding multiple VPN Clients.
- Report OpenVPN Site-to-Site VPN events to the Network application.
- Improved IPsec Site-to-Site VPN stability.
Backup
- Improved UX for Config Backup Restore during setup.
- Improved UniFi OS backup restore resiliency.
- Correctly re-enable the application to match the backup state after the backup restore.
- Disable applications accordingly to match the state in the backup file after restoration.
Setup
- Improved landing page during setup.
- Improved UX for creating UI account during setup.
- Show the WAN MAC address in the "No Internet Detected" screen, during initial setup.
- Disconnect all SSH sessions after setup.
Bugfixes
- Fixed link issue when using the UF-RJ45-1G module.
- Fixed scheduled traffic rule issues related to DST.
- Fixed incorrect application installation status detection in UniFi OS.
- Fixed timezone validation for some cities (e.g. Kiev <=> Kyiv).
- Fixed incorrect "Power on Hours" value for some disk models.
- Fixed issue modifying existing domain-based traffic rule.
- Fixed the LTE WAN failover state not showing correctly on the Network application.
- Fixed WAN1 not failing over in the event of packet loss.
- Fixed not removing some configurations when removing a U-LTE device.
- Fixed stopped applications starting up automatically after a disk reform or re-plug during runtime.
- Fixed rare UniFi OS Crash when disabling applications.
- Fixed allow-list for Ad blocking, requires Network application 7.4 or newer.
- Fixed issue related to IGMP Snooping.
- Fixed a rare kernel crash when setting an SFP+ port to a fixed speed.
- Fixed connection issues with some GPON modules.
- Enable/Disable the application after updating it to match your preference.
- Avoid repeated application update notifications for the same version.
VPN
- Fixed L2TP VPN clients not showing correctly in certain cases.
- Fixed corrupted IPsec Site-to-Site VPN rx/tx counters when the number reaches to 2Gb.
Backup
- Fixed the "Restore Console with a Backup File" page during setup when there is a large number of backups.
- Restore auto-update settings after restoring UniFi OS backup.
Additional information
- You must be on 2.5.17 or newer in order to update to this version,DO NOTupdate from an older release.
- After updating to 3.0.20, you can no longer downgrade to versions older than 3.0.9.
Overview
Bundled applications
- UniFi Network7.3.83
- UniFi Protect2.2.6
- UniFi Talk1.17.2
- UniFi Access1.4.11
- UID Agent1.51.3
UniFi OS 2.5.17 for the UDM/UDM-Pro adds support for theLoad Balancing (on the UDM-Pro), and wirelessly adopting the U6+/U6 LR+ access points.
Load Balancing
In addition to Failover, you can now configureDistributed Load Balancingto intelligently balance traffic over both WAN ports. The load balancing slider can be freely adjusted to match your specific setup. For example, if you have a 100/100 and a 500/500 ISP, set the slider to 20/80.
Improvements
New Features
- Added Load Balancing support.
- Added support for wirelessly adopting a U6+/U6 LR+.
- Added email validation for UI account creation during setup.
Stability and Performance
- Improved stability for PPPoE connections.
- Improved stability for IPsec Site-to-Site VPNs.
- Improved speedtest stability.
- Improved Remote Access connection stability.
- Improved compatibility with the UACC-CM-RJ45-MG module.
- Block power-off and reboot actions when applications are updating or installing.
- Auto update all applications if auto update is enabled for applications.
- Backup restore will skip restoring the backup schedule if remote access is disabled.
- Limit restoring local backups only from the same console model.
- Added memory limits for the Network application.
- Improved DPI performance.
- Auto-detect link speed for SFP+ ports.
Interface
- Provide previous subnet information when detecting existing subnet during setup.
- Added Hard Drive Issues notifications to UniFi OS.
- Added visual icons for UID and Connect during backup restore.
- Improved UX when installing and updating applications.
Updates
- Updated integrated Access Point firmware to 6.2.36.
- Updated Suricata to 6.0.5.
Bugfixes
- Fixed unable to establish Site-to-Site VPNs using DH groups 19, 20, 21, 25, 26, 27, 28, 29, 30, 31, 32.
- Fixed the wrong Config Backup list after a console owner transfer.
- Fixed inaccurate timezone converting causing schedule issues for Scheduled Traffic Rules.
- Fixed Bluetooth disconnecting when setting up MAC Address Clone with the Mobile app.
- Fixed log rotation for firewall logs.
- Fixed remote syslog not working since 2.4.x.
WAN and LAN
- Fixed showing false "Insert Network Cable" screen on LCM when only using WAN2 (SFP+).
- Fixed gateway configuration error when using Jumbo Frames and having Port 9 set to LAN.
- Fixed showing incorrect WAN IP in the UniFi OS settings after remapping WAN ports.
- Fixed incorrect IP address in UniFi OS when using PPPoE.
- Fixed rare kernel crashes when setting the SFP+ port to a fixed speed.
Additional information
- You must be on 2.4.27 or newer in order to update to this version,DO NOTupdate from 1.12.x to 2.5.x or newer.
Overview
Why Are We Doing This?
Migrating Dream Machines (UDM & UDM-PRO) to UniFi OS version 2.0 offers several benefits, including:
- Consistent versioning across all consoles
- Enhanced device stability due to more efficient resource usage
- Quicker, more reliable feature delivery
- Improved user experience with our gateways
What do I need to know?
- The update will take approximately 20 minutes, during which your network and gateway functionality will be interrupted.
- Update times will vary based on how much data is stored on the internal drive (e.g., UniFi Network statistics, Talk recordings, etc.).
- If you’ve enabled both automatic UniFi OS Updates and automatic System Config Backups via your UniFi OS settings the update will occur automatically.
- If auto-updates are disabled, click Update in your UniFi OS settings to begin.
- A Cloud configuration backup file will be automatically generated before the update.
- Only the Console Owner can trigger the update.
We recommend that all users regularly back up their system.
Note: Any 3rd party modifications made to the OS of the console will be lost after the upgrade, proceed with caution if you modified your console's OS.
IMPORTANT: Any 3rd party modifications or integrations (Home Assistant/"Poller") can cause unexpected issues during or after the upgrade process. We recommend to completely remove/disable these integrations when performing the upgrade.
Update Troubleshooting
- You will receive an error message if your backup file cannot be created. If so:
- Make sure all applications are up to date.
- Reboot your console and reattempt the full update;
- Un-install any unused application(s) if there are any;
- If the error persists, you can continue with the update without migrating historical statistics and data from the UniFi Network application.
- You're unable to update your console. If so, try the following steps one by one:
- Set the retention settings to AUTO, reboot the console and attempt to update again.
- Disable threat Management/Device Identification, can re-enable after the update.
- Clear historical data.
- Disconnect devices, update and reconnect them.
Secondary Data Migration
All critical data will remain intact, however, some advanced logging may be lost, including:
- Network remote Syslog and firewall logs
- Access dashboard data, but it will still be viewable in the Access Logs tab.
Improvements
- Remove support for 3DES encryption on Site-To-Site VPNs.
Known issues
- Site-to-Site VPNs using DH groups 19, 20, 21, 25, 26, 27, 28, 29, 30, 31, 32 are not working.
Additional information
- You must be on 1.12.38 before you apply this migration, or else you may encounter unknown issues.
- The ssh host key will be re-generated due to a new operating system.
- Upgrade the Connect application to version 2.1.25 or newer before applying this migration if you're running the application already on UniFi OS 1.12.x.
Overview
* This release is a rolling release, everyone will get it in the following days.
Bundled applications
- UniFi Network7.2.97
- UniFi Protect2.2.6
- UniFi Talk1.17.2
- UniFi Access1.4.5
- UID Agent1.50.1
Improvements
- Automatically reboot the console once before the migration to 2.4.x is started.
- Improve migration process.
Overview
* This is a rolling release, everyone will receive it in the coming days!
An upcoming version of UDM/UDM-Pro will migrate to UniFi OS 2.x. The process is currently being well-tested internally and will be released shortly, with no specific ETA.
Bundled applications
- UniFi Network7.2.95
- UniFi Protect2.2.6
- UniFi Talk1.17.2
- UniFi Access1.4.5
- UID Agent1.50.1
Bugfixes
- Improve backup and restore resiliency.
- Fix applications could show up as uninstalled.
- Fix incorrect timezone override when manually configured.
Additional information
Please report any issues you encounter with this release using theReport Bug form.
Manual upgrade instructions
SSHinto your UDM-Base/UDM-Pro and execute the following in it's shell(replace<firmware_url>
with one of the download links found below):
ubnt-upgrade <firmware_url>
UDM Checksum
md5: 02a8399d3706fa79a1a7c07bc767f243sha256: 00815f65fab517cf0c92be15eeaf623a56d6b696658bce45a543dd586ff9e3d6
UDM-Pro Checksum
md5: f9f771306df3aae784546468158fd3e7sha256: 5faa0a25bfdffb2a6387c6876764c8a9d339f8b37982c31131ca5f15fd0263bb]]>
Overview
* This is a rolling release, everyone will receive it in the coming days!
An upcoming version of UDM/UDM-Pro will migrate to UniFi OS 2.x. The process is currently being well-tested internally and will be released shortly, with no specific ETA.
Bundled applications
- UniFi Network7.2.94
- UniFi Protect2.1.2
- UniFi Talk1.17.2
- UniFi Access1.4.5
- UID Agent1.49.5+1968
Improvements
- Improve backup restore process resiliency.
- Improve compatibility with the UACC-CM-RJ45-MG module.
- Update bundled applications.
Bugfixes
- Fix inaccurate timezone converting causing schedule issues for Scheduled Traffic Rules.
Additional information
Manual upgrade instructions
SSHinto your UDM-Base/UDM-Pro and execute the following in it's shell(replace<firmware_url>
with one of the download links found below):
ubnt-upgrade <firmware_url>
UDM Checksum
md5: 57bfc3c1f41eefe6882d6332efc1860fsha256: 011b0c72fb07635ed7e186af42c9f3b86075b0613c8e40fc05a10f8ddcf9e00f
UDM-Pro Checksum
md5: bd818ae78f8f9e3d34064c8e8d2a164csha256: 2980ccfac5700c201ab3278e371ba3869b2d5dac60f88ac0431b30545a3096b4]]>
Overview
* This is a rolling release, everyone will receive it in the coming days!
Bundled applications
- UniFi Network7.1.66
- UniFi Protect1.21.6
- UniFi Talk1.15.3
- UniFi Access1.4.2
Improvements
- Add support for Jumbo Frames.
- Add informational prefix to firewall logging.
- Add support for backing up the console/restoring backups when remote access is disabled.
- Add Floorplan feature to the dashboard.
- Add support for WAN/LAN remapping on UDM-Pro port 8-11.
- Add support for disabling weak ciphers for L2TP VPN.
- Add support for IGMP snooping on UDM/UDM-Pro switch ports.
- Add support file download progress indicator.
- Redesign UniFi OS Settings.
- Wireless feature/fix parity with UAP 6.0.14 release.
- Always upload cloud backup before performing firmware update (if enabled).
- Allow setting SFP speed during setup.
- Allow disabling Console Remote Access only when connected locally.
- Auto-update timezone when IP changes (based on GeoIP).
- Improve application state representation in UniFi OS Settings.
- Improve UX in UniFi OS Settings when remote access is disabled.
- Improve internet connectivity check.
- Improve compatibility to PPPoE ISP provider that provides IPv6.
- Improve mobile experience in UniFi OS settings.
- Improve push notification stability.
- Improve establishing a remote connection.
- Improve the accuracy of SFP link status detection.
- Improve Cloud config backup feature.
- Improve system stability.
- Show actionable feedback when enabling Remote Access fails.
- Restore notification settings when restoring from backup.
- Reduce the delay in DHCP server responses.
- Minor LCM fixes and improvements.
- Move running applications to the top of the list in UniFi OS settings.
- Require to agree to ToS to enable SSH.
- Various remote connectivity improvements.
- Remove weak ciphers' support from the WiFiman service.
- Remove TLS1.0 and TLS1.1 support for guest portals.
- Upgrade OpenSSL to 1.1.1n.
- Upgrade busybox from 1.31.1 to 1.34.1
- Upgrade Suricata to 6.0.4.
- Update DPI database.
Bugfixes
- Fix error preventing enabling cloud backups after ownership transfer.
- Fix config errors when renaming RADIUS profile(s).
- Fix a conflict issue when both smart queue and wireless bandwidth profile are used.
- Fix issue that Content Filtering does not work for wired client with guest portal enabled.
- Fix timezone issue for Sao Paulo.
- Fix issue where arping message was spamming log files
- Fix performance gauges in UniFi OS settings for Safari.
- Fix issues where excessive incorrect failovers are reported.
- Fix issue where configuration may fail to apply in edge cases.
- Fix to avoid console locking up for some users.
- Fix a commit error issue when changing firewall rules.
- Fix an issue where UniFi applications may fail to start in some rare cases.
- Fix an issue where Chromecast speaker groups cross VLAN don't work.
- Fix issue where 1G manual speed setting on UDM brings link down
- Fix a corner issue where the default routing table may become incorrect when both WANs are used.
- Fix an issue where a wireless bandwidth profile may not work as expected when WAN is PPPoE on UDM.
- Fix a corner issue that UDM-Pro may suffer boot issue when there's HDD inserted.
- Fix an issue where the UDM-Pro can't link with 1G peer device using UF-RJ45-10G on SFP+ ports.
- Fix an issue where advertised MTU in IPv6 RA packet is not used.
- Fix an issue where content filtering doesn't work for wired clients in guest portal enabled networks.
Additional information
Manual upgrade instructions
SSHinto your UDM-Base/UDM-Pro and execute the following in it's shell(replace<firmware_url>
with one of the download links found below):
ubnt-upgrade <firmware_url>
UDM-Base Checksum
md5: 03cfc365c98a3bb81a8939a7416caf45sha256: ed1d3b1a1d185b03f54471850936c30ed703b168823136a56ae3e6f676cf30fe
UDM-Pro Checksum
md5: 03f867ecce132bee16364f7a95a06480sha256: 4d484e252ed48b9093ac40a146d9d0ff898b6014ac09a1212ff4e83d0bb9bda4]]>
Overview
* This is a rolling release, everyone will receive it in the coming days!
Bundled applications
- UniFi Network7.0.23
- UniFi Protect1.21.1
- UniFi Talk1.14.2
- UniFi Access1.3.37
Improvements
- Improve offline setup.
- Improve push notification stability.
- Improve establishing a remote connection.
- Improve internet connectivity check.
- Upgrade Suricata to 5.0.8
- Minor LCM fixes and improvements.
Bugfixes
- Fix Release Candidates releases appearing on the Official release channel.
- Fix a kernel crash issue.
- Fix issues where content filtering may not work as expected.
- Fix system lockups when DNS is resolving to 0.0.0.0.
- Fix high CPU usage / crashing on consoles with lots of users.
- Don't allow to transfer ownership to deactivated accounts.
Additional information
SSHinto your UDM-Base/UDM-Pro and execute the following in it's shell(replace<firmware_url>
with one of the download links found below):
ubnt-upgrade <firmware_url>
UDM-Base Checksum
md5: 2ca600aa766b5be8527bd0f3c08cfa3csha256: 5606145c61c9a4c7b965f0e4179cbcd7e644e32022df495188f10be1d8166914
UDM-Pro Checksum
md5: e831c9e7a99fd66450bf35c097a1beafsha256: b991493dfd9a861614f57ed78459c540674514eccf1197b313f391562c6dd58b]]>
Overview
* This is a rolling release, everyone will receive it in the coming days!
Bundled applications
- UniFi Network6.5.54
- UniFi Protect1.20.1
- UniFi Talk1.13.4
- UniFi Access1.3.35
As of UDM firmware 1.2.0 (and later) Smart Queues are default enabled for existing and new installs when the WAN speed is <=300Mbps. If you're experiencing unexpected slowness then please double check the configured speeds or disable Smart Queues underSettings>Networks>WAN>Common Settings>Smart Queues
in Classic Mode orSettings>Internet>WAN Networks>WAN>Common Settings>Enable Smart Queues
in New Settings.
Improvements
- Add centralized UniFi OS notifications.
- Add support for WPA3 support for the UDM-Base.
- Add links to Release notes and manage updates.
- Add a new UI for the local portal.
- Add support for image thumbnails in push notifications.
- Allow to set up a console without an SSO account.(Requires UniFi Network mobile app iOS 7.3.0/Android 3.10.4 or newer)
- Improve WAN fail-over stability.
- Improve the accuracy of SFP link status detection.
- Improve reliability of installing applications updates.
- Improve navigation error pages.
- Improve reliability of downloading support files.
- Improve system stability.
- Improve Remote Access stability.
- Improve PPPoE throughput.
- Update MongoDB to 3.4.15 for Network Application.
- Upgrade OPENVPN to 2.5.2.
- Replace "Beta" labels with "Early Access" and "UniFi Labs".
- Remove the "Auto-Optimize Network" toggle during setup.
- Change default user icon in settings.
Bugfixes
- Allow entering VLAN ID during static IP setup.
- The "Release Candidate" release channel now works for applications.
- Fix the local login form not submitting when pressing Enter.
- Fix issue where DHCP/DNS could stop working when DDNS was in use.
- Fix an issue that LCM shows no WAN IP in some cases.
- Fix an issue that firewall configuration randomly fails when changing content filtering policy.
- Fix a GeoIP issue that traffic is still hitting internal servers while the source country is blocked.
- Fix a kernel crash issue on UDM during device reboots.
- Fix an issue that DPI & FP reconfiguration is accidentally ignored.
- Fix an issue that IPsec doesn't automatically reconnect.
- Fix issue where the SFP+ port may not link up.
- Fix issue where DNS servers originated by inactive WANs were used for DNS resolving.
- Fix issue where UDP packets were sent out on WAN interfaces.
- Fix issue where non-UniFi devices are listed as UniFi devices.
- Fix an issue where the device reboots when it's under an extremely heavy load.
- Fix an issue that Internet traffic can't pass in some cases.
- Fix issue where "Last Checked" time for updates was not showing the actual last checked time/date.
- Fix an issue that IPS/IDS repeatedly crashes when there are several networks created.
- Fix an issue that WAN info in UI is not consistent after remapping WAN ports.
- Fix an issue that WAN Failover may not happen when only default DNS is present.
- Fix an issue that IPSEC site-to-site VPN statistics may be nulled periodically.
- Fix an issue that DDNS may not work as expected when WAN1 and WAN2 have their own DDNS settings.
- Fix an issue that could cause mDNS to not work.
- Fix an issue that one DHCP option (BR option 28) is wrong when the honeypot service is enabled.
- Fix an issue where enabling DPI blocks access to some sites without restrictions.
- Fix an issue where the WAN2 SFP port doesn't pass traffic after reboot under certain circ*mstances.
- Show correct WAN IP for VLAN and PPPoE in UniFi OS Settings.
- Don't show update available notifications for stopped applications.
- Use the correct label for "medium" business size in setup.
- Visual fixes and improvements.
- LCM minor fixes and improvements.
- Fix FragAttacks vulnerabilities.
Additional information
Manual upgrade instructions
SSHinto your UDM-Base/UDM-Pro and execute the following in it's shell(replace<firmware_url>
with one of the download links found below):
ubnt-upgrade <firmware_url>
UDM-Base Checksum
md5: 7ef827ec995e861d127726bb37663cccsha256: 1f6d59a8a130d0546ff638acf5f94eb01402dbe1d2dfeda76f8c24fb5ac10eb5
UDM-Pro Checksum
md5: c8a17fa6a4e8de6deda7dcdfa351ebe9sha256: e08aeacfc40e1d3d087d8f0dbb02f595dd0031e5862fc5e4e8cd4cfb37fb3b5b]]>
Overview
* This release is a rolling update, so everyone will get it in the coming days.
Bundled applications
- UniFi Network 6.2.26
- UniFi Protect 1.19.2
- UniFi Talk 1.12.3
- UniFi Access 1.3.34
As of UDM firmware 1.2.0 (and later) Smart Queues are default enabled for existing and new installs when the WAN speed is <=300Mbps. If you're experiencing unexpected slowness then please double check the configured speeds or disable Smart Queues underSettings>Networks>WAN>Common Settings>Smart Queues
in Classic Mode orSettings>Internet>WAN Networks>WAN>Common Settings>Enable Smart Queues
in New Settings.
Improvements
- Improve Remote Access stability.
Bugfixes
- Fix an issue that device reboots when the system is under extremely heavy load.
- Fix console crash when HDD SATA link is unstable.
- Fix an issue that WAN2 SFP port doesn't pass traffic after reboot under certain circ*mstances.
- Fix issues caused by the DST Root CA X3 certificate expiration.
Known issues
- PPPoE throughput could be affected when IPS/IDS is enabled.
Additional information
Manual upgrade instructions
SSHinto your UDM-Base/UDM-Pro and run the command below (replace firmware_url
with one of the download links found below):
ubnt-upgrade firmware_url
UDM-Base Checksum
md5: b18b24032141d9407ef427a7bd114d31sha256: c064f7afae3210b3e53f8ae8018ab15191c9623217cf6fbc3ed617f287194ab2
UDM-Pro Checksum
md5: 78d7cf46551cd0fbde6479a3f02ee135sha256: 9abbf54cc7a7b87715c2164fd184fc6f22ab18c8ea2f004613842859dda86a1e]]>
Overview
* This release is a rolling update, so everyone will get it in the coming days.
Bundled applications
- UniFi Network 6.2.26
- UniFi Protect 1.18.1
- UniFi Talk 1.11.6
- UniFi Access 1.3.31
As of UDM firmware 1.2.0 (and later) Smart Queues are default enabled for existing and new installs when the WAN speed is <=300Mbps. If you're experiencing unexpected slowness then please double check the configured speeds or disable Smart Queues underSettings>Networks>WAN>Common Settings>Smart Queues
in Classic Mode orSettings>Internet>WAN Networks>WAN>Common Settings>Enable Smart Queues
in New Settings.
Improvements
- Patched openssl for vulnerabilities: CVE-2019-1547, CVE-2019-1551, CVE-2019-1563, CVE-2020-1968, CVE-2020-1971, CVE-2021-23840, CVE-2021-23841.
- Integrate wireless fixes/improvements from UAP 5.60.1 release.
- Upgrade kernel to 4.19.
- Add breadcrumbs navigation bar in Portal.
- Add automatic DNS Forwarding for OpenVPN tunnels.
- Add backup management in account.ui.com.
- Add ability to download backup files (Network application only).
- Add option to restore from previously downloaded backup file from local portal Settings.
- Add flashing-blue LED indication when no WAN connection on UDM-Base.
- Improve precision of topology discovery by searching neighbors via LLDP.
- Improve performance when doing traffic shaping.
- Improve DPI accuracy by reducing amount of "unknown traffic".
- Use only strong list of ciphers for L2TP.
- Update design for Portal header section.
- Up-to-date timezone data in setup and settings.
- Cloud backup restore improvements.
- Improve remote access stability.
- Upgrade inadyn to v2.8.1.
- Upgrade dnsmasq to v2.85.
- Remove spurious bluetooth error message from spamming logs.
Bugfixes
- Fix issue where applications are not able to update.
- Fix an issue that UDM/UDM-Pro with PPPoE WAN could lose remote access to cloud after reboot.
- Fix UDM-Base WiFi not working after a WiFi Schedule when GTK rekey was enabled.
- Fix some minor issues during console setup.
- Fix potential memory leak issues in UniFi OS.
- Fix a corner issue during PPPoE connection establishment.
- Fix an occasional WAN flapping issue.
- Fix an issue that site-to-site OpenVPN connection sometimes cannot be established.
- Fix an issue that some services accidently work on honeypot interface.
- Fix issue where a reboot got triggered accidentally after performing a shutdown.
- Fix an issue that received LLDP packets were wrongly added in drop counter.
- Fix false positive fan error detection shown on LCM.
- Fix some warnings in kernel.
- Fix periodic high CPU load spikes when DPI is enabled.
- Fix bug when U-LTE sometimes was not selected as active WAN interface.
- Fix content filtering not working on dual-IP stack networks.
- Fix issue when WAN IP is not obtained after reboot.
- Fix bug when reconfiguring switch port would cause up to 5sec of downtime.
- Fix LLDP daemon crashes in some edge cases.
- Fix bug when Suspend feature and IP-accounting feature could not be enabled simultaneously.
- Fix setup survey appearing after closing it.
- Fix stacking order for the drop-down menu in Settings when switching release channels.
- Use “Official” release channel name for applications.
- Change the “My Account” button direction in the Account menu to account.ui.com.
Known issues
- PPPoE throughput could be affected when IPS/IDS is enabled.
Additional information
Manual upgrade instructions
SSHinto your UDM-Base/UDM-Pro and run the command below (replace firmware_url
with one of the download links found below):
ubnt-upgrade firmware_url
UDM-Base Checksum
md5: 1be29e4f2473fd7833939504ffab2315sha256: 90e08c251247db845421d2a1d2675c69b3c334c9e3ed08b2467010c2aaa07f57
UDM-Pro Checksum
md5: 953afc5713716f54e18216b97a6aa67bsha256: 3837aaf3282b21befdd9eb349026c85fac46cd59564494447a8e6fe8123e0a80]]>
Overview
* This release is a rolling update, so everyone will get it in the coming days.
* You can find the UniFi OS introduction here.
Bundled applications
- UniFi Network6.1.71
- UniFi Protect1.17.4
- UniFi Talk1.9.7
- UniFi Access1.3.23
As of UDM firmware 1.2.0 (and later) Smart Queues are default enabled for existing and new installs when the WAN speed is <=300Mbps. If you're experiencing unexpected slowness then please double check the configured speeds or disable Smart Queues underSettings>Networks>WAN>Common Settings>Smart Queues
in Classic Mode orSettings>Internet>WAN Networks>WAN>Common Settings>Enable Smart Queues
in New Settings.
Improvements
- Skip backup restore step during the setup when there are no backups available.
Bugfixes
- Fix an issue that remote user VPN disconnects occasionally.
- Fix an issue that Chromebooks cannot connect VPN to UDM.
- Fix an issue preventing selecting Sunday in the backup scheduler.
- Fix an issue that LCM can't correctly display WAN IP in some cases.
- Fix an issue that LCM wrongly shows update available when there's actually no update available.
Additional information
Manual upgrade instructions
SSHinto your UDM-Pro and use the command example to upgrade your UDM ( firmware URL's can be found below ):
ubnt-upgrade firmware_url
UDM-Base Checksum
md5: 165182800251ef003024a4fa2165c14dsha256: fe0e833e42a39c0a963e4fa484f5e5645358ed053b5b69609dc3cdc536ff2554
UDM-Pro Checksum
md5: 860e13a4e78372b6e593738db2b49b53sha256: e7d1e8803dd18a2b214adb56ea591040a676f12d401748e1944b58e4d9aaba57]]>
Overview
* This release is a rolling update, so everyone will get it in the coming days.
* You can find the UniFi OS introduction here.
Bundled applications
- UniFi Network 6.1.70
- UniFi Protect 1.17.4
- UniFi Talk 1.9.7
- UniFi Access 1.3.23
As of UDM firmware 1.2.0 (and later) Smart Queues are default enabled for existing and new installs when the WAN speed is <=300Mbps. If you're experiencing unexpected slowness then please double check the configured speeds or disable Smart Queues underSettings>Networks>WAN>Common Settings>Smart Queues
in Classic Mode orSettings>Internet>WAN Networks>WAN>Common Settings>Enable Smart Queues
in New Settings.
Bugfixes
- Fix issue that UDM-Pro shows disconnected in device page when there're 30+ networks created.
- Fix WiFi schedule issue when Group Rekey Interval feature is enabled.
- Fix for an issue where the Network application does not load properly.
- Fix issue where UDM fails to be properly configured after setup.
Additional information
Manual upgrade instructions
SSHinto your UDM-Pro and use the command example to upgrade your UDM ( firmware URL's can be found below ):
ubnt-upgrade firmware_url
UDM-Base Checksum
md5: 56cd83b6a8b12a1a5c722a7604f2414dsha256: 26de40b39904c105c61835ddc5b38bbda58682564b1791f0a3beeaa99366235f
UDM-Pro Checksum
md5: 02b1314b8b46818107cc8b5f73abe9d4sha256: 6013155d30708837046aa94030da9e4b6e2b0d13bb3cdf08ecb42c2dc3478e23]]>
Overview
If you are experiencing issues after upgrading your UDM or UDM Pro to firmware version 1.9.x, please try the following workarounds found here.
* This release is a rolling update, so everyone will get it in the coming days.
* You can find the UniFi OS introduction here.
Bundled applications
- UniFi Network 6.1.67
- UniFi Protect 1.17.4
- UniFi Talk 1.9.6
- UniFi Access 1.3.23
As of UDM firmware 1.2.0 (and later) Smart Queues are default enabled for existing and new installs when the WAN speed is <=300Mbps. If you're experiencing unexpected slowness then please double check the configured speeds or disable Smart Queues underSettings>Networks>WAN>Common Settings>Smart Queues
in Classic Mode orSettings>Internet>WAN Networks>WAN>Common Settings>Enable Smart Queues
in New Settings.
Improvements
- Allow stopping non-setup controllers.
- Various stability improvements.
Bugfixes
- Fix AppSwitcher and User popover for smaller viewports.
- Fix unsupported WPA3 configuration ( UDM-Base ).
- Fix issue with throughput degradation if 100Mb devices are connected.
- Fix issues with WiFi settings not getting configured properly on UDM-Base, introduced by 1.9.0.
- Fix UDM-Base WiFi Schedule issue.
Additional information
Manual upgrade instructions
SSHinto your UDM-Pro and use the command example to upgrade your UDM ( firmware URL's can be found below ):
ubnt-upgrade firmware_url
UDM-Base Checksum
md5: c97cd03f4f5d09c3d52e114849cc37c4sha256: 0b11cf34d0ab17e6685b0933691e29f459cdae1b772404cb94aaa9009d7d2bcc
UDM-Pro Checksum
md5: d415e595b4c54521cebb8d5ec60671d3sha256: 929b74d63c19cc530041e381929b18e56e517b2fe4285731ec7c49cd5cdfaf6d]]>