One Reason I Cannot Recommend a Ubiquiti Dream Machine Pro (Fixed??)
Let me log into the device without access to the Internet (easily.) Writing this in hopes this gets fixed
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
⚙️ Check out my series on Automating Cybersecurity Metrics. The Code.
🔒 Related Stories: Unifi | Dream Machine Pro | Ubiquiti | Network Security
💻 Free Content on Jobs in Cybersecurity | ✉️ Sign up for the Email List
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Note: Ubiquiti seems to think this is not an issue. Was there something wrong with the particular device I received? A supply chain issue? When I finally did connect to the Internet the version of software I received was very old. I wonder if older than it should have been based on the time period when I bought the device. You should check that.
Update 4/12/24 — seems that I may have been shipped an older device. Will confirm this is not an issue when I get another one to test out.
I wrote about how I needed to fix routing on pfSense to allow my UDM Pro to reach the Internet and get traffic back.
Until this problem below is fixed, I would not recommend a UDM Pro to anyone who cares about network security. If you’re just going to expose your device to the entire Internet when you set it up, you won’t have this problem.
Today I wasted an inordinate amount of time because the old settings I had on the UDM Pro do not align with the configuration of pfSense. So I need to login to the UDM Pro and fix that. Or see what those settings were and align the pfSense configuration.
So I go to the IP address — and mind you I’ve already set this up before and was able to login. So it’s not just that I’m doing a first time setup. I simply cannot login. And this is beyond annoying.
I also do not see any blocked traffic in pfSense. I log all outbound traffic. There’s no blocked traffic.
I do see that even though I change the settings for the UDM Pro to the gateway and static IP I configured on the pfSense that the UDM is sill trying to access some old IP addresses.
The UDM Pro won’t let me even get to the login page until it connects to the Internet. WHAT?
The other thing I don’t like is that is spams the pfSense with broadcast traffic on port 10001. Which means that if I were connecting this thing to my ISP directly it would be spamming my ISP’s devices with that traffic — and that’s none of their business. What is that?
So anyway, I just want to locally log into this device and I cannot. And I’m beyond frustrated. I remember I had this problem before and I found and wrote about a way to login to it but now I cannot find it again. Not sure what happened to it.
~~~~~~
Until this problem is resolved, I cannot recommend an Ubiquiti wifi device ~ though there are many other wifi devices that are worse and I have yet to find a good one. Can someone please manufacture a good wifi solution? Or if Ubiquiti fixes this maybe I’ll change my mind.
~~~~~
For now I am going to try to reset this thing to factory default and see if I can get in some how.
In the end, I could never login without an Internet connection. I couldn’t get in to see the logs and configuration so I could see why I couldn’t get an Internet connection.
Ultimately I found a way to get an Internet connection, but there should be a way to login to the device and view the configuration and logs for a device that cost like $1500!
Apparently a lot of other people have the same problem. I was told it may be a software issue but I just bought this device a few months ago. And if I can’t login I have a catch 22 where I can’t see what version I’m on or upgrade the software. I read about some SSH option but ugh. Well, someone from Ubiquiti was reaching out on Twitter so maybe they will fix this. And reply to all the posts below.
and another:
https://twitter.com/Boverhof/status/1535582524965109760
https://community.ui.com/questions/UDM-Pro-Login-No-Internet/9e11207f-bc78-4b34-8dc1-11a79029c6b5
https://community.ui.com/questions/UDM-Setup-No-Internet/2a6a68c8-cce0-4b8c-8ea8-d991ea000202
https://community.ui.com/questions/UDM-Pro-No-Internet-Detected/ae0f3fa9-66db-48f4-9f2c-0bc41b807381
Follow for updates.
Teri Radichel | © 2nd Sight Lab 2023
About Teri Radichel:
~~~~~~~~~~~~~~~~~~~~
⭐️ Author: Cybersecurity for Executives in the Age of Cloud
⭐️ Presentations: Presentations by Teri Radichel
⭐️ Recognition: SANS Award, AWS Security Hero, IANS Faculty
⭐️ Certifications: SANS ~ GSE 240
⭐️ Education: BA Business, Master of Software Engineering, Master of Infosec
⭐️ Company: Penetration Tests, Assessments, Phone Consulting ~ 2nd Sight LabNeed Help With Cybersecurity, Cloud, or Appication Security?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
🔒 Request a penetration test or security assessment
🔒 Schedule a consulting call
🔒 Cybersecurity Speaker for PresentationFollow for more stories like this:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
❤️ Medium: Teri Radichel
❤️ Sign Up For Email
❤️ Twitter: @teriradichel
❤️ Mastodon: @[email protected]
❤️ Facebook: 2nd Sight Lab
❤️ YouTube: @2ndsightlab