UniFi Network Controller 5.10.12 Stable has been released



Introducing our latest release for UniFi Network hardware. This is the first stable release for UniFi Network 5.10, which is our current stable release branch.

Important Notice:
We've updated the UniFi Network controller to improve security. Starting with UniFi Network version 5.10, the required minimum firmware for UAP/USW will be 4.0.9 and for USG will be 4.4.34. Devices on earlier firmware will show in the controller and work as you've configured them, this update doesn't change any of the settings. However, please note you will not be able to modify the device configuration until you update the firmware.

This update contains an upgrade to the overall security of the UniFi platform and its devices, it is highly recommend that everyone upgrades to this version. We will also be preparing 5.6.41 to accommodate 1st gen AC devices.

We want our users to have time for adoption and migration to this version, all feedback is welcome.

How to play safe?
Make sure you always do a backup before any updates, especially if you plan to upgrade your existing installation.

  • As always, make a backup prior to upgrading.
  • For people who are migrating from v3, there're many changes to APIs and it's not backward compatible. You may need to update the shell library (unifi_sh_api) and/or your customized portal/external portal code.
  • Windows users must have x64 Java installed to use the unifi.ubnt.com cloud tie in, as we only support 64 bit webRTC library. Please see HERE and download the missing version (64bit offline Windows install package). The controller will run in an x86 only environment, or with x86 Java, but the unifi.ubnt.com tie in will not work.
  • You cannot re-use a VLAN ID for dynamic VLAN if it is set as a static value for another SSID on the same AP. So, if I have a SSID set to use VLAN 10, I cannot use VLAN ID 10 for RADIUS controlled VLAN users as those users will not get an IP.
  • Smart Queue QoS is similar to the implementation as in EdgeOS (see HERE). It's worth noting that maximum throughput will be affected when using QoS, as traffic is not offloaded. There are some rough guidelines in the article linked above.
  • DFS channels can not be used for wireless uplink in the US. Please use non-DFS channels if you need to use wireless uplink on dual band UAPs.
  • Official UniFi MIBs can be downloaded from HERE and HERE (those are 2 different files).
  • For hotspot management console, make sure you have bookmark the URL with site ID (i.e. x66cipn3, or whatever random string is generated for that site). For example: https://unifi.yourdomain.com:8443/manage/hotspot/site/SITE_ID
  • For Debian/Ubuntu users, please update your APT source (see HERE).
    • unifi-beta/unifi-rapid are obsoleted. The old repo has been removed.
    • The following affects APT versions 1.5 onward (Ubuntu 17.10 and Debian Sid or newer). A recent version of the apt-secure man page stated: "Since version 1.5 changes in the information contained in the Release file about the repository need to be confirmed before APT continues to apply updates from this repository", meaning that when performing an update from a major version to the next (for example 5.6.x to 5.7.x) the apt-get update will result in an error. To fix this run the command the following way: apt-get update --allow-releaseinfo-change
  • Cloud Access feature in this release is not supported on Linux/ARMv6 architecture (e.g. Raspberry Pi 1). If you have problem starting controller on this platform, please remove the native library:
    sudo rm /usr/lib/unifi/lib/native/Linux/armhf/libubnt_webrtc_jni.so
  • As of 5.7.x+ we only support Java 8. At this time Java 9+ is not supported.
  • Features like airtime fairness, bandsteering, load balancing and minimum RSSI are default disabled. If you need them you need to go to Settings>Site and check Enable advanced features.
  • If you previously used Google Maps for a site map, then you have to enable this feature again by adding an API key. This is done under Settings>Controller. There is a linked guide with instructions.
  • New Cloud Access requires outbound 8883/tcp to be open/unrestricted.
  • Linux systems must be running a version of MongoDB prior to 3.6.x. We recommend 3.4.x. This is most likely to be an issue on Ubuntu 18.04 LTS, as it currently offers MongoDB 3.6.x.
  • The proper keystore alias and name are `unifi`. If your custom SSL cert is no longer working, please verify that you are using the proper keystore and alias. A bug previously allowed `ubnt` to work, although that was never technically correct. If you find mention of these invalid steps on the community, please point them out so we can fix them.
  • The initial database migration will take longer than normal. It is expected to see mongo using most, if not all, of the available CPU cycles during this process. Please be patient, this process could easily take 15+ minutes, depending on the amount of historical stats, as well as the system specs. As always, err on the side of caution, and make a backup before upgrading.
  • The controller will not start if it is set to bind to a privileged port (<1024), as it now runs as a non-root user.
  • If your controller is running on a UniFi Cloud Key (UCK), make sure it is on firmware 0.6.4 or later, otherwise the controller will not start. This firmware is available via the normal upgrade mechanism found in the controller or it's local management page. Make sure to make a backup before upgrading the UCK firmware, as you'll need it to restore after, and it's good to have a backup on hand before any controller upgrade.
  • Support for PicoM2 and 1st gen AC models was dropped in 5.7.x. Please see our announcement HERE.
  • As of release branch 5.7.x we've made some important changes to the Wireless Uplink feature (feature details HERE).
    • We removed the "Enable automatic uplink failover" from wireless uplinks as it is no longer needed.
    • We added the ability to opt an AP in or out of wireless uplinking to another AP. This is done by checking the "Allow meshing to another access point" option found under device properties>Config>Wireless Uplink.
      • This option should be disabled on wired APs, but is required to be enabled on wireless APs.
      • If you disable this option on a downlink/wireless AP, then your AP will be disconnected from the network and require further action (including physical access).
      • If upgrading from 5.6>5.7 then this already be disabled on wired APs, but if upgrading from an earlier 5.7. release then this may be enabled on wired APs.
      • Again, this option should be enabled on downlink/wireless UAPs only. It should not be enabled on wired UAPs.
    • We added the ability to set uplink priorties. This allows you to define the preferred uplinks for a downlink/wireless AP.
  • Fixed IPs (DHCP reservations) are now required to use unique IPs. The same IP cannot be assigned to more than one device. For configurations that already contain duplicates, only the most recently active device will have its fixed IP provisioned to USG. The controller's server.log will contain a log message skip provisioning duplicate fixed IP <IP address> for user[<MAC address>] indicating which was omitted where there are conflicts.

Possible Upgrade Paths:
  • <=5.10.11 | <=5.9.33 | <=5.8.30 | <=5.7.28 | <=5.6.40 and most earlier releases (going back to 3.1.0). There may be some version specific exceptions to this list.
    • The above versions are to indicate which version is supported to upgrade from for recent release branches. As long as you are on that release, or an earlier release within that branch, then you can (directly) upgrade to this release.
    • If you're on a newer release than what is mentioned, then you'll have to wait until this release is updated so that it supports upgrading from the release you're running now.

Known Issues:
  • airTime will not work if a radio is disabled and/or there isn't any SSID present. This will be fixed in a future release. If you enable it, and it still isn't working, then you may need to force a refresh without cache.
  • If you start both a 2.4GHz and 5GHz scan in quick succession, then it will fail.
  • It is expected that airView will stop occasionally. A stop/start sequence should restore functionality.
  • If you start an airTime scan while airView is running, then airView will stop and you'll need to perform a stop/start sequence to get it working again. This will be fixed in the future.
  • Some statistics on the dashboard are still under development. Please share any and all feedback!
  • If the web interface doesn't seem to be displayed/drawn properly, then you likely are hitting a browser caching issue. Please force a hard refresh, and that will clear up any caching issues. Thanks!

New Features:
  • Add dark mode.
  • Add WiFi Experience Score.
  • Add Network and Wi-Fi Performance Optimization feature.
  • Add option for enabling syslog and netconsole to log to local controller.
  • Add What's New screen.
    • The What's New screen on the UniFi Network Controller will provide our users with new updates we’ve made to the controller within a visual treatment that’s easy to review.
  • Configure switch port speed based on device capabilities.

Controller bugfixes/changes since 5.9.29:
  • Add bidirectional firewall rules for blocking traffic detected by IPS.
  • Add unsupported state for devices.
  • Add interim firmware update for UAP, UAP-LR, UAP-OD, UAP-OD5.*
  • Add Adopt and Upgrade action for unsupported devices.
  • Add Icon for WAN Transition Event/Alert.
  • Add RFC 3261 unreserved characters to SIP username, extension, and password fields.
  • Add fixed vs inline property panel preference.
  • Add Traditional Chinese (ZH_TW) into language list.
  • Add option to disable 5GHz only for high performance clients (of the Auto-Optimize Network feature).
  • Add firmware error detection flags for certain system events.*
  • Add events for features enabled by Auto-Optimize Network feature.
  • Add unavilable text to Stats Overview modules.
  • Check for latest firmware when running custom upgrade.
  • Replaced devices icons with photos.
  • Use new styling for Port Diagrams.
  • Make action buttons in tables sticky.
  • Blocked clients not counted in Association Failures widget.
  • Include manual site-to-site VPNs on site import.
  • Improve Controller Wizard.
  • Improve accuracy of Neighboring Access Points.
  • Improve auto positioning tooltip.
  • Improve tooltip for local login with UBNT Account.
  • Improve Most Active APs Widget
  • Improve navigation in Wizard
  • Improve global side nav.
  • Allow setting Switch port name same as profile name.
  • Move preferences to settings as User Interface.
  • Button improvements.
  • Updated events and alerts.
  • Updated Insights and Statistics to use new header panel styles.
  • Updated Traffic Stats tables to use new table styles.
  • Update UniFi Network logo and title.
  • Updated device grid status bars.
  • Updated DPI chart UI.
  • AP Property Panel - RF tooltip positioning improvement.
  • Controller update available popup - add option to ignore.
  • Fix RADIUS Profile tooltip in WPA Enterprise settings.
  • IPS Map: Country labels are not refreshed after changing language.
  • Generate an event when MongoDB size exceeds 1.25GB on UniFi Cloud Key (1st gen only).
  • Fix false rejections of valid IPv6 addresses for firewall groups and static routes.
  • Fix firmware caching when firmware update service returns an error.
  • Fix a bug which may have prevented database migration when upgrading the controller.
  • Fix Missing logo in Sites overview.
  • Fix empty Property Panel after page reload.
  • Fix Release notes bounce when left open on low height screen.
  • Fix empty ISP Graph X axis scale.
  • Fix Moved temperature in USG overview property panel.
  • Fix always displayed warning about not allowed channels.
  • Fix device table icon padding.
  • Fix WebRTC functionality on recent builds of Firefox.
  • Fix various text overflow issues.
  • Fix client historical label displaying the wrong value.
  • Fix known clients inconsistency.
  • Fix incorrect client's uplink in Client List view.
  • Fix double DHCPv6-PD node with PPPoE and DHCPv6.
  • Fix Compact Database feature.
  • Fix some untranslated strings in Insights/Switch Stats view.
  • Fix XSS on fatal page.
  • Fix interim update interval provisioning.
  • Fix broken Device dist. module color picker.
  • Fix console error in Hotspot Manager > Payments and Transactions > click on Payments button.
  • Fix batch edit for nanoHD/In-Wall HD (and possibly other SKUs).
  • Fix Release notes bounce when left open on low height screen.
  • Fix unreadable controller logs when using default/lower loglevels.
  • Fix issue which would cause devices to get stuck in adopting state.
  • Fix a NPE which may occur when attempting to adopt a USG, and on every inform from it.
  • Fix validation in Add Client form.
  • Fix AP VLAN toggle applying to another property panel.
  • Fix for long name overlapping.
  • Fix missing adopt button for USG in Property Panel.
  • Fix no DPI data when switching from Overview to Apps.
  • Fix position and size of tooltips.
  • Fix sorting via model doesn't work for UniFi AP-BaseStationXG.
  • Fix icon size of dashboard DPI modules.
  • Fix spacing on Switch port profiles tagged networks checkboxes.
  • Fix wireless uplink detection when using Auto-Optimize Network feature.
  • Fix and improve database handling to mitigate migration issues with large databases (reported HERE).
  • Fix incorrect LAN traffic counter on switching widget.
  • Fix voucher printing.
  • Fix displaying Tx and Rx Radio values in Devices panel.
  • Fix displaying Wi-Fi Experience for devices with one type of radio.
  • Fix firmware notice alignment.
  • Fix IPS date range.
  • Fix tooltip for Adopting multiple USG.
  • Fix the error message when deleting user groups attached to WLANs.
  • Hide PoE label on switch port profile form when no PoE options available.
  • No margin between buttons in airView.
  • Remove ambiguity from switch power consumption in device properties.
  • Switch ISP upload/download colors.
  • Port Usage widget cleanup and componentization.
  • Legacy (Svg) map - add workaround for Chrome bug when device marker is moved to top left corner on animation applied.
  • Dashboard main status: fix case when no WIFi Experience is available (i.e. 0 APs) but vertical separator is shown.
  • Add missing icon for STP blocking event.
  • Firewall: Fix saving IPv6 rules.
  • IPS: fix Geo Location that was incorrect in certain cases.
  • Security improvements.
  • Various bug fixes and improvements.
*This upgrade will run on any device an admin upgrades via the controller. It will only run on the models mentioned when they are running firmware prior to 4.0.6. These devices will first have to upgrade to 4.0.10, and then they can upgrade to the desired 4.x release from there.

Recommended Firmware:

*please read the important notice at the top of this post

This release follows our staggered release structure which means it will initially be available via this blog post only. It will be posted to the download site and official repos in the near future. If you aren't familiar with our release structure, please take a moment to read our post HERE. Thanks!

Verder lezen...


New UniFier
Net de upgrade gedaan, via de CK. firmware 0.13.2 samen met de controller upgrade 5.10.12
Dit ging verassend snel . re-adopting vn de Devices ook perfect
en wat ziet die dark mode er prachtig uit ?Schermafbeelding 2019-02-09 om 06.00.21.pngSchermafbeelding 2019-02-09 om 05.59.38.pngSchermafbeelding 2019-02-09 om 05.59.13.png