Should You Buy The Ubiquiti UniFi UXG-Pro?
VloĆŸit
- Äas pĆidĂĄn 6. 08. 2024
- Affiliate Link for HostiFi UniFi Cloud Hosting Service
đ hostifi.net/?via=lawrencesystems
TailScale VS ZeroTier Review
âą Tailscale VS Zerotier
ZeroTier Review
âą Zerotier Tutorial: Del...
TailScale Review
âą How Tailscale Makes Ma...
Connecting With Us
---------------------------------------------------
+ Hire Us For A Project: lawrencesystems.com/hire-us/
+ Tom Twitter đŠ / tomlawrencetech
+ Our Web Site www.lawrencesystems.com/
+ Our Forums forums.lawrencesystems.com/
+ Instagram / lawrencesystems
+ Facebook / lawrencesystems
+ GitHub github.com/lawrencesystems/
+ Discord / discord
Lawrence Systems Shirts and Swag
---------------------------------------------------
âșđ lawrence.video/swag
AFFILIATES & REFERRAL LINKS
---------------------------------------------------
Amazon Affiliate Store
đ www.amazon.com/shop/lawrences...
UniFi Affiliate Link
đ store.ui.com?a_aid=LTS
All Of Our Affiliates that help us out and can get you discounts!
đ lawrencesystems.com/partners-...
Gear we use on Kit
đ kit.co/lawrencesystems
Use OfferCode LTSERVICES to get 10% off your order at
đ lawrence.video/techsupplydirect
Digital Ocean Offer Code
đ m.do.co/c/85de8d181725
HostiFi UniFi Cloud Hosting Service
đ hostifi.net/?via=lawrencesystems
Protect you privacy with a VPN from Private Internet Access
đ www.privateinternetaccess.com...
Patreon
đ° / lawrencesystems
â±ïž Timestamps â±ïž
00:00 ubiquiti unifi uxg-pro
01:37 HostiFi UniFi Routing Statistics
03:30 Next Generation Gateway Pro Specs
05:50 Should You Buy This Device?
#UniFi #Networking #Ubiquiti - VÄda a technologie
Affiliate Link for HostiFi UniFi Cloud Hosting Service
đ hostifi.net/?via=lawrencesystems
TailScale VS ZeroTier Review
czcams.com/video/lAhD2JDVG08/video.html
ZeroTier Review
czcams.com/video/Bl_Vau8wtgc/video.html
TailScale Review
czcams.com/video/bcRVkoeSN0E/video.html
â± Timestamps â±
00:00 ubiquiti unifi uxg-pro
01:37 HostiFi UniFi Routing Statistics
03:30 Next Generation Gateway Pro Specs
05:50 Should You Buy This Device?
Agree with you about Ubiquiti not putting the effort forth. The thing I don't like about the UDM-Pro/SE and this newer UXG-Pro is they don't give you a 1/5/2.5/10Gbe port for your WAN connections and LAN connections yet they call they call their products "professional" or "enterprise" which they clearly are not. I have a UDM-Pro myself.
@@andrewenglish3810 These products both offer 10g SFP+ ports. SFP+ modules to provide RJ45 copper ports are readily available. Are you just unhappy that you need to use such a module as opposed to native copper ports? (The UDM-SE offers 2.5 copper natively, in addition to the SPF+ port, as well)
There are a lot of shortcomings in the featureset for these devices, but those just aren't the ones I would call out, personally.
I genuinely *want* the UXG-Pro to be successful and receive feature updates via firmware. The only ones holding back Ubiquiti is... Ubiquiti.
Sure UI doesn't have a roadmap they advertise, but they have said that Wireguard support is coming, alongside other things they've said like load balancing I believe.
@@kensingh9527 how long have they been saying wireguard will be coming officially it's been so long
@@jacksalem6472 I know load balancing is coming in the next major firmware update. And I donât believe theyâve officially said wireguard support is coming soon until about a month ago afaik.
@@kensingh9527 they have been promising it for a while
@@kensingh9527 They promised L3 routing for 10 years. Now itâs released and no ACLâs so basically useless. UniFi is a great choice if youâre a customer that want shiny boxes for a premium. You donât buy it for performance or features. Ubiquiti had all the tools to make the lineup at least prosumer but they make it worse every generation. This comes from a guy that manage over 3K UniFi devices for customers.
Take a $379 Dream Machine Pro. Remove hdd option. Remove 8 port switch chip - recycle its internal 1gbe link to provide the 1gbe lan port. Charge $120 more. What am I missing?
4GB RAM -----> 2GB RAM
@@znzbest2004 LOL
yep. I had the exact quesiton.
I'm using a UXG Pro in conjunction with a UISP Router. With the latest controller, you're able to define multiple static IPs and route them as you wish, in my case separate VLANs to specific static IPs. The controller UI still isn't perfect but it's much better than it was 6 months ago.
The lack of basic firewall logging for policy actions on the UDM Pro has me interested in the UXG Pro. I'm waiting to see if they implemented basic items like logging deny and allow. At least the old USG Pro had a letter in the logs that you could key off of to find the denies and allows.
Regular viewer just noticed the new message about the company, really like it!
Thanks
i appreciate you Tom, thanks for all you do to educate
Hello there,
We are having one UDM-Pro and considered it a great device for a simplified way to manage your access layer. And it is so - people who do not have solid networking background can easily manage switchport profiles, change SSIDs, adopt new UAPs etc.
The troubles started when we wanted to assign each remote access VPN user a certain IP address, limit their access to internal resources, have some logging enabled, perform a HA cluster (active/standby) HA configuration with dual WAN failover.. Either we were not able to perform some of the tasks or we didn't have the knowledge but UDM-Pro failed to fulfill our needs. Another thing is lack of support for multiple sites..
That's why we will keep using the UDM-Pro for management of the access layer and move to a different solution for the routing/firewall/vpn termination part.
Congrats on the informative videos! Channel content is great and really helpful!
Regards,
Nayden
Just about to watch the video, but I have to say....THANK YOU!!!! This is exactly the video I was hoping to see.
I love the new starter promo for your company and services. :)
The UXG-Pro is half-baked. This thing needed to have multiple 1/10Gb interfaces that can be configured as WAN or LAN (internal network, DMZ, ... etc). It needed more CPU and memory for handling IDS/IPS, optional BGP routing and large routing tables in memory, NAT, Next Gen firewall features, WAN load balancing, link aggregation of LAN ports and room for more features in the future. They could've put the $269 Aggregation Switch port configuration in a new chassis with the features stated above. They could also develop a code train for the UDM-Pro line that has a simplified network controller that leaves out the redundant features of UXG-Pro and allows it and its interface to be adopted and integrated into the UDM-Pro's web interface (single pane of glass). This could also be the case for the Protect NVR interfaces as well. This would offload those processes, leaving more resources to the UDM-Pro for running Talk, Access, Connect and UID. Then maybe they can consider making the drive bay in the UDM-Pro useful for logging when not running Protect.
The switches, wireless and other Unifi offerings are great for the price and features. Make it a legit firewall with some "real" routing features.
Sadly, this will probably never happen.
I'm running full rules and blocking for IDS/IPS and get full speeds on a gig connection.
Awesome video as always great work thanks for doing this video!
I just bought this unit and this weekend Iâm going to be replacing the 1st gen of the router with this new one. Iâm doing this to add 10 gig support and this is the first step
I have one and have since EA, but I basically didnât end up using it until it came out of EA. As a prosumer with an IT background, it works okay as firewall for someone who wants to be self hosted (I outgrew the CloudKey Gen 2+), but didnât want to be tied to the Unifi OS consoles. I find that I want a little more than what Unifi switching can do, but so far not enough to justify migrating away. Iâve moved to Ruckus Unleashed APs, so moving away from Unifi may end up in my future, but the price point is reasonably good for what you get and justifying replacing everything is pretty tough.
I got one not thrilled with it yet but hoping they make it more usable...
It has fewer options the the USG Pro but with more capable hardware.
Whooo hooo. I account for 4 of those UXGs on Hostifi. Adding 4 more in the next week.
Iâve had my UXG Pro for about a year. Itâs been absolutely flawless so far.
Multiple WAN IPs?
Thanks Tom. I was literally watching a different video on the UXG Pro when I received a notification that your video just went live. While not a review I agree with all of your points. There is a distinct lack of details on the UniFi store site and for having been in beta essentially for 2 years there should be plenty of metrics for routing speed with and without IDS etc. I was trying to find out more details about the dual-WAN ports such as does the UniFi controller software only support WAN failover or also WAN Aggregation and so far only other videos I can find on the UXG Pro were from 2 years ago and very little since then. I imagine now that it is generally available there will be some reviews coming soon but as you rightly point out there is really nothing new here hardware wise and all the features are driven by the controller software other than actual dual WAN ports. Keep up the great work, really enjoyed your video about pfSense Backup and Recovery and just started the recent David Bombal interview with you on Real World pfSense which looks to be a great interview.
The UXG Pro currently only supports WAN Failover. You will need to wait for firmware 1.13 for WAN Load Balancing.
@@scothetzel4844 And I'll believe it after I see it actually ship :p
hi,
perfect video.
i using a windows machine or a linux machine with unifi controller and do portforwarding to access from all my sites.
Best idea.
Hi if I want to build a home network what to use dream machine pro se or pc With two network card or Some other stuff do you have a video about it and pros and cons thank you very much before hand
I love Ubiquiti and it's all I use/sell these days. I don't really see a need to upgrade from my UDM-Pros for this either or really know where I would use this. It seems like they are trying to aim Unifi at the Enterprise market but this is not it. What they need is something more Edgerouter Infinity on the WAN side of things with a Unifi/Usg front end if they want a router in the same enterprise class as their higher end Unifi switches seem to be aiming for. On the SoHo/remote office side of things which is most of my business the Dream Machine fits the bill but would be perfect if it had 8 POE Lan ports(I mean come on), at least one more SFP port that could be wan or lan preferably 2, multiple wan ip/failover/load balancing that the lower end ERXs have without losing the Gig throughput then it really would be a dream machine. Like many others have said it seems like Ubiquiti runs a good race but falls flat at the end. Unifi Protect? Great I got some cameras they look good easy to set up but the first thing I wanted and my customers ask for "Can I get a notification on my desktop and maybe a window to see who is walking in" and yeah no Windows app at all that even the cheap cameras have. Unifi Talk? Great. Oh no analog ports well that rules out most of my use cases. Their nonstandard POE that varies from device to device even in the Unifi ecosystem. They have all the pieces in house to make a really great product but...
Hello Lawrence, i have a question i have a Nighthawk Netgear M6 hotspot that has a ethernet out which i am using to connect some devices that need internet access at a remote site but i am looking to put a firewall in between for security, what do you recommend I use? thank you in advance
They had an opportunity to fix some of the missing parts in UDM Pro, which would have made sense with the name of it. Redundancy would be a major part of that. The ability to have two of these in failover mode alone could have made us switch from UDM Pro to it in the office. But why are there only these few ports on it? At least two SFP+ ports for WAN and two for LAN would be the minimum. It's also the same processor as UDM Pro, which means it can't do full 10gbit with full protection on. To me this is just a UDM Pro minus some features and more expensive. It makes no sense.
The only plus is that it can use other controllers. But in practice almost no one cares about this unless they run many sites.
My UDMP died, replaced under warranty. The replacement was dead out of the box. The 3rd one worked except the LCD screen died after a firmware update. As soon as I received my 4th one I immediately sold it went with the UXG.
I bought it for my new house that is being built and I am laying out the woodwork for future 10G. (Some of my devices support 10G). Yes it is overkill, and I get it, but I want it and I like gadgets. đ€
Another good video!
Suggestion for a future video on related topic of Ubiquiti limitations: How the UDM Pro doesn't seem to have the hardware to handle even a medium (5 camera) size deployment.
I recently overhauled my entire home network to the latest Ubiquiti Unifi products after much deliberation and research and thought I had my all-in-one solution. I've been mostly satisfied with my decision until recently when I replaced my existing PoE cameras with Unifi devices to run on Protect, as was the plan from the beginning. Much to my chagrin, even this smallish scale amount of cameras causes the device to chug on trying to serve up live stream feeds to security display devices. Digging around on forums lead me to the commonly held notion that the RAM on this device isn't matched to the company's claims and a nightly reboot appears to be the "solution" to this issue. Sure enough, once I reboot my UDM Pro it will work fine for the next 8-10 hours or so.
As you can imagine, I'm incredibly disappointed as I thought that all-in-one would mean that the same company produced and developed the hardware & software meaning they would all play nicely together eliminating the previous weirdness I had with devices sourced from various manufacturers. Now it appears as though all I did was shift some money to another brand for similar unforeseen issues. For a device with the word "Pro" in the name you'd think it would be equipped to handle at least the more basic features of the manufacturer's claims. Ideally I would have probably 8-10 cameras (if they ever got the ones in stock I'm waiting for... that's another topic entirely) but I can't imagine how this device would perform then.
I wish I had known about this "known issue" before putting my eggs into this basket. I haven't seen anyone on CZcams talk about this and the info I found on forums is sparse at best. It wouldn't surface unless you were specifically looking for it. This is a real issue and I'd like to see people such as yourself talk about it to bring it to the attention of Ubiquiti to potentially be resolved as well as warn others who are considering so they can make a more informed decision.
Thanks for your time and thanks for your videos as, over the yeas, I've always found them helpful and interesting.
I want to replace the UDM-Pro we have that's been controlling 45 APs and 13 switches.... brings the controller to its knees all the time to the point where I'm having to regularly restart unifi-os. This could be the solution as I don't use the UDM-Pro for anything other than routing. Not the best solution, but should work.
Tom do you know of any apps / software that will allow you to view all pfsense firewalls in one place like a central management sort of thing?
when can we use site 2 site vpn without static ip in usg.
Thats the primary thing why i put sophos utm or xg home to my colleques.
Hi I have really enjoyed your channel. With all the products you have used and talked about. I do like Unifi but also EdgeMax and others.
Which route would be the best to start with is setting up a home testing center to dig more deeply into networking?
As you have mentioned Unifi routers and firewalls leave a lot to desire. Is there one product you would recommend or a blend of products like Edge Router and Unifi AP?
We prefer pfsense as the routers
Hi Tom, have you considered revisiting this device with the new added features? If you should buy or not? If the memory is sufficient/upgradeable? Etc.
I really want to replace my old edgerouters with something I can control from the Unifi UI, but I need something that can do VPN and dual-WAN load balancing. But right now the edgeOS is so much better, and the UXG won't have load balancing until an as yet unreleased and untested 7.1.55 firmware update.
As you say, its all about use case, something missing from the current USG's is the newer routing policies that the UDM/P/SE/R and will be part of the UXG line, but thats still WIP
Any idea on how I can get ADVA FSP 150-GE102PRO to work with a switch.
Would you review your statements with the new software release now ?
I would never buy a a Unifi Router anymore. As soon as you want to do not just a very basic thing those devices limit you very much and they are slow. Replaced my USG G3 with a pfsense box and never look back anymore. Their switches are ok and their access points are very good, but those security gateway are lackluster, lack features, are slow and dont see much development.
New business intro is great đ
I'm glad you like it
I thought UDM-Pro would support multiple configuring multiple static IPs through the GUI? That being said shouldn't the UXG-Pro?
Rewatching this now a year later. A lot more specs have come out, thank goodness, but also the UXG-Lite is being released also, which is a true USG 3 replacement. Also it seems Wireguard is now supported :) Unifi are getting closer with their offerings
Yes, they have finally starting putting in good features.
Thereâs a good reason they arenât really âpushingâ into the enterprise marketâŠ..and we all know why. Example, I have about 4,000 users across 50+ offices and 12 global data centers. How could I EVER consider this over Checkpoint? How about Palo Alto? Every âsecurityâ product has IDS/IPS, DPI, NATâing, decent L3 options like BGP, OSPF, etc.
Now, in case you havenât figured it out yet, they arenât even close to being âin classâ with competitors that do AppID, machine learning, MITM SSL Decryption, firewall policy/rule based QoS, per vINT max concurrent session control, granular per CVE based control policies, GRE tunnels to cloud providers, EDLs, etc., etc. I can go on and on, fully understanding that this isnât priced anywhere near these competitors, but itâs still not in the big leagues yet. Ubiquiti has come a long way, I know, and their prices are fantastic. However I couldnât see anyone even ditching an ASA for a UXG any time soon, and the ASA is over a decade in age and still does plenty that the UXG canât do.
Bottom line is that Ubiquiti needs more features, more security centric ideas built into them. They could be so much more, and they could disrupt the entire industry if they focused more and more on enterprise security and kept their already disruptive pricing. But as it stands now, they are still a solution for SMB, not enterprise.
Also, Iâm not a hater. I have UniFi CKG2+ as well as APs, cameras, etc in my home, my parents home, my in laws, and several moonlight clients. The reason? Price to performance and SMB requirements.
Love the content!
@UC4JW7jPGUTKysFDagF6aobA directly in their description:
- designed to protect medium to large-sized networks with enterprise-class firewall configuration and threat management features.
- delivers a versatile networking interface and enterprise-class threat management functionality to medium to large-sized networks.
-It also excels as a complete network security solution
I have had a uxg pro since day 1 early access. We have multiple usg devices in the field but the client fully understand the limitations. I think its disingenuous of UI to be throwing around claims / buzz wording like they have in their description. I mean, I know sonicwall gets a bad rap sometimes, but even as an entry level device they still have enterprise class features compared to ubiquiti. Now with their whole identity platform, access, etc... I just dont know. They need to cut back and focus on the controller and feature sets for their routing / firewall devices.
What is your opinion on Palo Alto in general?
@@Netno-one the guy already deleted his postâŠ.lol. âHave they ever really marketed themselves as an enterprise solutionâŠ..â he says. Then, when proven wrong, he deletes his reply like a cowardly twat.
I appreciate the fact that Iâm not the only engineer that sees this product for what it truly is, so thanks peeplez.
@@Netno-one I love Palo Alto now. Iâve had my hands on them for about a year now, and I gotta tell you they are worth every penny. So far, there is only ONE single thing that Iâve found that Palo Alto cannot do that Checkpoint canâŠ.and that is firewall policy based QoS. You can do zone and interface based QoS based on sources and destinations, but not service or AppID based QoS policies. This is a small gripe though considering you can get pretty close with the zone/interface based QoS, but it would be miles better to implement QoS directly into the firewall policies themselves, as it would be total granular control over the bandwidth.
I can go into details if you need it, but rest assured, Palo Alto is superb product, miles ahead of Ciscoâs NGFW, Juniper NGFW, and even most of the start ups/new products out there. Of course this is my personal opinion, and opinions are like buttholesâŠ..everyone has one.
@@EricsTechSpot the coward deleted his reply. See my response aboveâŠ.lol
would you not be better off buying a UDM PRO SE over this?
Doesn't UniFi Network now have full L2TP VPN with RADIUS user management and site-to-site?
Does UniFi even sell the USG anymore?
If mine dies what would you recommend in the $200-$300 range... without building my own.
im looking at this uxg-pro for use as my router in a setup like this:
ISP Fiber in > UXM-PRO > 2.5 gb Switch > WIFI 6e access point.
Anyone see any issues with what im doing? i feel like im missing something
Can you.ad PIA vpn on it like pfsense?
I have the UDM-PRO, don't buy it or it's siblings. Unifi routers are shit. Tried all release channels of the FW/SW, they are all unstable in one way or another. For example right now I can only access Protect and not Network, it just does not load. Need to access it via SSH to restart the Network container/service etc. It's never up when you need it. Most faults do not compromise the internet uptime, but still irritating as hell not to be able to access the router management pane and don't get me started on the lacking functionality in both HW and SW compared to pfSense....
0:36 seconds in ⊠in the self-promo section ⊠âAggravating switchâ ⊠đ€Ł
Actually it say "Aggravation Switch" đ
Dammit, and I thought I was paying attention...
Isn't it "just" an upgrade to the 4G? As an upgrade for that one, this certainly fits the bill. The 4G has some serious speed limitations with IDS/IPS.
On the same page with you, well said
I notice that Zyxel are offering a similar design and product line , i would like to see a reveiw that is not unifi based home network, the problem i have is every time my computer needs a reinstall the damned controller goes with it and i have to reset all my devices currently 2 this is a major problem for me
I don;t plan on reviewing or using any Zyxel products due to their poor security. They have had several back doors with hard coded credentials. Aruba InstantOn is an alternative.
Today I have the EdgeRouter Infinity ER-8-XG, is there any benefit to move to the UXG Pro?
I have a cloudkey G2, Unifi Switches and Access points.
Glad you asked. I have a nearly identical setup and same question.
Nice to have 10gb wan, I am looking to get 2.5Gp Up and Down from my ISP
Hey. I know you've said the VPN is not great due to L2TP. Could you explain a little more why you stay away from that protocol for VPNs?
Nice idea for a video @Lawrence
I have the UDM-Pro, and a 500/500 fiber connection. My VPN performance with the built-in L2TP is atrocious. If I didn't have some Unifi protect cameras on it, I'd rather replace it with a modern PfSense box.
@@Solkre82 This.I've got 1000/1000 and speed from other location is horrible. like 50 or of 1000
@@hallow5170 Same here!
The UXG Pro is not a 'replacement' to USG Pro 4 because of the different OS. The UXG Pro runs the Unifi OS not the previous EdgeOS. This means you can not do config.gateway.json relevant changes. I must have this feature so that I can intercept rogue devices that ignore DHCP assigned DNS servers, reroute/masquerade the query, and force the gateway to push the query through a pihole pair. I'm not aware of any configuration options in Unifi OS that allows for this.
It has the same processor as the UDM Pro and 2 Gb less ram
Ive had mine since beta and I love it.... super solid performance.
I saw the announcement yesterday and tbh it's looking like a pretty useless thing to me.
At least redundant 10g Ports / optional fw redundancy should show up. Not so much about what it lacks as a firewall, but about how it isn't even complete for what it *can* do.
Some fortigate will not run more than roughly 3* this price - for a full feature set & hw coverage
The USG isn't economical in that case.
Do the 10 gig sfp+ ports / adapters support 2.5gig and 5 gig connections?
I don't think so
Can you do a comparison of UDM Pro and UXG, software and hardware?
They both run the same UniFi software which means they lack lots of features such as advanced VPN options
Is there a replacement for the smaller USG yet? The UXG-Pro is too expensive for some smaller installs
Not that I am aware of.
At the end, it's just the old USG on steroids again, just like the UDMPs, but now adoptable on external UniFi Controllers. Higher throughput capabilities and the same very old limitations that even $50 routers from other brands don't have. Might fit the needs of some, but really not a serious "firewall" option for the majority.
Exactly this. Thank you. This isnât exactly âenterpriseâ or âlarge networksâ by any stretch. That being said, itâs a great product for SMB that want great throughput, a decent L3 solution, and already have good software security solutions in place.
I donât see anyone throwing out their ASAs for this any time soon, and THATs what Ubiquiti should be going forâŠ.they should be developing an NGFW solution to disrupt the terrible pricing of Checkpoint, Palo Alto, etc.
I also totally agree with this comment... I read the data sheets and then you get a product that does 125mbps on VPN after hours of testing on different encryption thinking it's something I did.
The stack that LS covers often, Ubiquiti switches and pfSense routing (CE or pfSense+), is really great for remote sites and it's a solid product stack.
I'm honestly constantly disappointed with three things at Ubiquiti... warranty, firmware and router/VPN offerings.
Even their Access line is a mess... The idea that people will pay $10+ - per user - to reuse a fob across 4 to 5 doors - is insane. I flat out refuse to pay almost the same amount as Duo and Umbrella, in a package, for a door fob system. If they had a door-only one, I'd gladly pay $1-2 a user at a $50-$100/mo minimum - but I'm not paying half of my M365 budget to them. Not happening.
Can get a nice netgate device (when in stock) for that price.. And will do so much more. Or I just got a used super micro on ebay for about 250 and it will do way more. Ubiquiti routing is just never going to be that useful
Did you ever do that review?
Tom speaks the truth. I ran a USG4pro for 10 years. It was an awesome prosumer firewall. Running IPS with a 250mbps limit did not bother me when I had cable at 300mbps and I did not need more advanced features at the time. I was however hart-broken with every Unifi release that they had not added anything new or amazing. Each upgrade it felt like there was however an ever more impressive dashboard of nonsensical stats.
A year ago I bought a home that had gig fiber and the thought of giving up over 700mbps of speed just to stick with Unifi line bummed me out. I'm sure the UXG-Pro can do IPS faster than USG-4 Pro. Could have plunked down $500 and kept waiting for those promised new bells and whistles or I could move away for what is available now. So in November I ordered a Netgate 6100.
While I waited for it I built a pfSence on an old dell PE2950 with dual 10gig SFP+ nics, it worked flawlessly. Now that I have the 6100 I have to say Netgate and pfSense really impresses me. Yes it takes more effort to configure things, vLANS, firewall rules, VPNs, etc , but there are so many more options and the add ons. I've been wanting to play with nTop for many years and just never found the time to configure it all, with pfSense and LTS had it up and running after watching a 30min video.
Thanks Tom for the info you, Keep up the good work
You also spent more than 2x the price of the UXG-Pro. Might should mention that.
I donât quite understand why this, setup my small business with UDM pro, it has almost everything.
Yeah, the lack of basic router features is why I'm moving away from having any ubiquiti great at the edge of a network.
I think the Unifi gateways are expensive and rack mounted. I think Ubiquiti should have some hardware to compete with Omada ER605 for example.
What's the difference between (UDM Pro / UDM SE) vs (UXG-Pro-US+cloud pro-gen-2)?
The UDM line has a controller built in and a few other features.
Which one you prefer best ?
@@anwar.shamim Neither.
Thumbs up if you also want a replacement of the current USG-3, with modern hardware and performance.
hi lawrence, I 'm looking for a good home firewalling device with NEXT GEn firewall capabilities but without all the real licensing hassles , do you have one or two suggestions i could investigate ??
If you are looking for good web filtering then you are going to have to pay for a licence. If web filtering does not matter then you can use pfsense.
@@LAWRENCESYSTEMS hi Larence thanks, i need web filtering what product would you suggest within a base price for the HW around 300/400 Euros ? what about the unifi express???
The UniFi web filtering is basic but works, the UniFi express is good.
@@LAWRENCESYSTEMS i can't find anything on youtube regarding the unifi cloud gateway ultra
Have you gotten unifi USG to work with Starlink?
I don't have statlink to test with
I wish UXG existed, like a router without nvr and other things from Unifi
Ubiquiti won't even create a spot to input A records into the DNS service. People are able to perform that in the CLI (not persistent) but I would have expected that this would have been a super easy win (easy to implement, would be used by a LOT of users).
Should you buy? No. Unless you have the barest of needs for a firewall/gateway.
I have been using the Pfsense firewall for a few years now and wouldn't replace it, for the Ubiquiti dream machine.
Lots of missing features and for its cost is not worth the purchase.
Dual WAN, FAILOVER ONLY..................... STILL!
they created a new category on their store called routing offload and stuck the usg pro in there...i just found it while watching this video
Yes, but it just links to the store page and not a detailed page covering more about the device.
@@LAWRENCESYSTEMS true. As you said... I would say it's probably got the same throughput as the UDM pro since it uses the chipset of the UDM pro in terms of the processor. So we can route at 10 gig. It's basically just a USG4 with the UDM pro-chip set for folks that don't want to use a UDM pro and want their own controller. The UDM pro does not do anything more than what the USG does in terms of firewall and routing. As you said it's all limited by ubiquity software.
Dell R210 II w/Pfsense is still greater than UniFi UXG-Pro in 2022.
A few years ago I got Unify WiFi. I was super happy with it in my house: does wifi routing, roaming and balancing smoothly.
Last week I decided to extend my home network (500MBps) with USG Enterprise Gateway.
I expected to see great traffic control and easy security management without hassle.
I have exactly the same issue - specs looks like it could support up to 1Gps but it simply CAN'T support 500 Mbps (250 was my best without threat management).It also does NOT have any cool features out of the box.
Will think about the dream machine.
I believe 250mbps is the USG's rating for IPS/DPI, so your performance is correct. This video is about the UXG-Pro, which supports a higher throughput, but that rating isn't listed yet on UniFi's website.
There is no such thing as a USG Enterprise. Maybe you wanna check first what exact device you have.
Having that said, WITHOUT IDS/IPS and without Smart Queues switched on, I even achieved 1g throughput on the oldest and smallest of them all, the USG (without the "Pro" or anything). If you achieved less, you either had something switched on you have not been aware of, or something else was wrong, e.g. measured through WiFi and band was utilized by other devices or whatever.
The old USG Pro with IDS/IPS switched on is rated for around 250Mb/s, that would match your number, but not your other information.
unifi, not unify
@@gregorysmith3913 again it is titled it in Canadian Amazon as "Ubiquiti UniFi Security Gateway Router with Gigabit Ethernet".
If a person is a noob, like me, buy it; he will assume it will handle 750 to 1000 MBps.
It is NOT.
In fact, my default ISP router I was trying to replace is way faster đ€Ł.
It is a shameful situation...
lol - don't bother. threat management draws a pretty console but it's pretty worthless. It makes people feel good, but does very little of anything useful.
How you release a product with dual wan connections and choose not to support load balancing in your software, is beyond me. Ubiquiti seems to half-arse everything.
It's under routing off-load, I had a hard time finding it too
Yeah, but does not really have a dedicated detailed product page.
@@LAWRENCESYSTEMS Agreed, maybe I'm missing something. I get what this product is, what it does, but something about it just doesn't feel right.
@@davidallen2211 Seems to me that they were planning for it to be used in conjunction with a UDM, but then they ended up releasing it as a USG replacement. As far as I can tell, it isnât possible to actually offload the routing/firewall capability from a UDM yet, which makes the whole situation really curious.
Not sure why Ubiquiti just donât enable the UISP Console to work in the UniFi universe it should be the new USG with a pro version being a version which is a cross between it and the enterprise 8x2.5gb switch.
The UXG is under routing offload . Great video
Yeah, but does not really have a dedicated detailed product page.
@@LAWRENCESYSTEMS correct I was shocked when it was released as well. EA for two years
On all my unifi wifi systems I just go with mikrotik routers.
I'm waiting patiently (naively too?) for the UDR to drop at $79 cause that's the only price point that I can justify at this stage :(
Until then suffering through pfsense and its 3 pages of settings for every tweak you want to do
Is ZFS as flexible as Synology SHR?
Is Synology SHR as resilient as ZFS? I can answer you that, No.
@@TanKianW79 SHR is not a filesystem. It is a spin on RAID containerization. I think you mean BTRFS vs ZFS as a filesystem.
@@TanKianW79 I just can't afford to buy 8+ 20TB disks at once. So I need to add disks as I go, which as far as I know ZFS can't do. SHR can.
I agree with you i like this system But the information and product guidelines here. Not conducive to customer system planning.
Many network systems are planned and designed for 3-5 years of maintenance. But he acts like an apple product. which we do not know anything from here an obstacle to planning
We have to wait for the products to be released and wow, from now on, let's make a plan.
I hope he will do better communication and marketing with customers.
Now it's like working only in the software department, maybe just UI but the hardware slowly sipping coffee. or maybe both
However, there should be a clearer product scope Despite the lack of chipsets.
I really liked Ubiquiti/Unifi but they have really been disappointing lately. First, they are always sold out. Can no longer get just the USG where I can vlan and traffic shape and have a lite UDM. Their switches prices of more than double the last couple years. I really think I'm going to find alternatives. Any recommendations here?
The alternatives are often more expensive, or sold out , or have licence fees.
It's the same hardware as the udm-pro I think.
Damn Ubiquiti.... All these years and still no native support for an OpenVPN or WireGuard server... Soo annoying.
It's been added to the UDM and is coming to the UXG.
@@fretbuzzly What was added to the UDM? Both?
TL;DR Ubiquiti needs more software, not more hardware. The UXG-Pro doesn't offer much advancement due to lack of implementation of advanced features in software.
And now finally in the EU store at ÂŁ461. Wow...
Unifi enterprise xg doesn't do ACL but it's advertised as a L3 switch or L3 features if you look at the small print. I would have sent it back but I had it for 3 weeks before I opened it up. Yes it's cheap because it doesn't do so much essential and basic things other switches do. The Unifi range is for basic plug and play home user devices. Do not I repeat do not use unifi for business.
Plug and play home user's who think their CCIE is in the post after setting up a VLAN / router on a stick.
I do use it at home, but I also recommend it for SMB. Itâs not for enterprise by any stretch, but SMB is a good use case for it. Not the âfirewallsâ but the rest of their lineup is bueno for SMB. Example, get a decent firewall, but use UniFi as access switches and wireless and youâre good to go. I donât really trust Ubiquiti with L3 at all either, and their âfirewallsâ are essentially similar to a high end Netgear or Asus routerâŠ.lol
I don't have any issues with Unifi's L2TP/IPsec user VPN approach. L2TP/IPsec is already built into Windows, macOS, iOS, and Android devices, thereby not requiring 3rd party add-on utilities. The ever-present protest by _Lawrence Systems_ that "Unifi doesn't support OpenVPN therefore Unifi gateways are subpar except for home use" is a false narrative. OpenVPN is a relatively new (read unproven) technology, and it's not actually that "open" in that it's narrowly controlled and is actually fee-based on the server side. Monthly fees for your UXG OpenVPN add-on service anyone?
My objective in setting up the networking for my business is simplicity, low IT overhead, and CZcams community support. While networking concepts are in my wheelhouse, I'm about to retire and pass the business on to the next generation. Having a complex hodgepodge of technology from different vendors is a nonstarter for the upcoming generation. With multiple offices and factories in 3 states, a front-to-back Unifi solution keeps both complexity and network management time to a minimum.
First
As long as their router/firewall software remains the same, you shouldn't buy any of their routers/firewalls.
Terrible equipment. Can't stand their adoption bs. Pfsense and cisco for the win đ
I really like your videos man! However in your intro where your promoting your business and Patreon, it's just too much man. It's too long and feels intrusive to the video. I hope you don't put that in your future videos as you will quickly see how many people hate it and skipped over it.
No one can buy anything, they never have any stock!
Just like a politician. Your lips were moving but you werenât saying anything.