UniFi: Network Setup and Configuration for Short Term Rentals (Complete Guide)

Step 4: Configure WAN (Internet) Settings in UniFi

1. Login to unifi.ui.com and open the Network app for the location you’re choosing to setup.

2. On the Network Dashboard, enter settings (bottom-right).

3. Click on the “Internet” tab.

4. Click on WAN1 configuration, and set it up using the configuration provided by your ISP.

• Under the Advanced section, select “Manual” and choose the appropriate IPv4 Configuration and/or IPv6 configuration.
• Typically, this will be IPv4 PPPoE, and will include credentials that you need to login to your ISP. Follow instructions provided by your ISP for proper configuration of this WAN setup.

To allow for fast recovery if the modem ever needs to be factory reset, the UDM Pro allows you to setup and configure multiple WAN setups, which you can assign to different internet ports.  We suggest that you configure a standard WAN setup for DHCP, which is the default of all internet devices to hand out IP addresses out of the box or factory reset, and a second WAN setup to interface with your ISP in pass-thru mode. Then, if you need to factory reset your internet access device, you simply change the port it plugs into your UDM Pro, and your UDM Pro will immediately communicate with it properly.

To do this:

1. There will be an existing Primary (WAN1) configuration present that you setup above. Rename it to “Primary (ISP)” or some similar name.
2. There will be a second unconfigured Secondary (WAN2) configuration, edit it and rename it to something called “Secondary (DHCP).” In the future, if things go awry, you can factory reset your internet device and switch the ports your UDM Pro is connecting with to the WAN2 port to quickly get back online and into into the internet device’s configuration.
   1. Leave this configuration set to “Auto” which defaults to DHCP:
      

Now that you have both WAN setups, you can easily switch between them by switching which port you connect the UniFi router to your modem. In a factory reset situation, you connect the modem to your “Default DHCP” configured port (WAN2), but once set to pass-thru, you switch the cable to the “ISP” configured port (WAN1).

We recommend changing the default network IP range so that there is no possibility it will conflict with your current or a future internet device’s network.

To do so, update the “Host Address” field to “192.168.50.1“. When you change this field, the Gateway, Broadcast and IP Ranges will automatically update to the new network subnet, and will look like the following:

If you’re interested content filtering on your default network or a separate “Kids” network, set the content filtering to “Family:”

From “Networks,” click “New Virtual Network,” name it “Guest”, and set a different subnet. We recommend using a very high subnet, like “192.168.199.0” and then click “Manual” under “Advanced.”

Then under “Advanced” set a large VLAN ID, like 100 as shown below, and check the “Guest Network” box, similar to the following:

When you’re done, you should have several networks with different VLAN IDs and different Subnets, similar to the following:

Setup your multiple WiFi networks for your personal devices, your guest’s devices, and any other uses you see fit.

1. Click on the WiFi tab
2. Add a second WiFi network which will be your guest network.
3. Name it something related to your property and easy for guests to identify
4. Set the WiFi password, but utilize a different password, one that is easy for your guests to remember and completely different than your
   default.
5. Under “Network,” switch the option to “Guest” (which we just created above)

If you want to implement bandwidth controls for the guest network:

1. Return to the Wi-Fi config
2. Select the “Guest” Wi-Fi
3. Under “Advanced” enable the “WiFi Speed Limit” and then click “Create New Profile” to create the “Guest” profile
   1. Set the name: Guest
   2. Set any download bandwidth limit if you desire
   3. Most importantly, if your network can be overwhelmed by too much upload, set the upload bandwidth limit

If you want the captive portal to have guests agree to your terms of service:

1. Under “Advanced” switch it to “Manual”
2. Under “Hotspot” choose “Captive Portal”
3. Then click the “Hotspot Portal” link to open the configuration for the Captive Portal under “Hotspot” configuration:
   1. Upload a logo
   2. Upload a background
4. Set the text to be used on the captive portal

If you want to implement bandwidth controls for the guest network

1. Return to the Wi-Fi config
2. Select the “Guest” Wi-Fi
3. Under “Advanced” enable the “WiFi Speed Limit” and then click “Create New Profile” to create the “Guest” profile
   1. Set the name: Guest
   2. Set any download bandwidth limit if you desire (we recommend none)
   3. Most importantly, if your network can be overwhelmed by too much upload, set the upload bandwidth limit

Set the bandwidth limit dropdown to “Guest” that you just created.

If you later need to edit the speed limit, search for “WiFi Speed Limit” in the settings and edit the “Guest” speed limit settings.

You will need to set up a new virtual network and WiFi network for the this purpose only, you won’t want to use anything we’ve already configured.

1. Return to the “Networks” tab
2. Click “New Virtual Network,” name it “Isolated” or something meaningful for your use (in our example, we named it “SmartThings and
   Matter”) and set a different subnet.
3. Click “Save”
4. Return to the WiFi tab
5. Create a new WiFi network, name it “Isolated” or something meaningful for your use (in our example, we named it “JF Isolated”)
6. Click on the “Security” tab
7. Click on the “Traffic & Firewall Rules” tab on the top
8. Retain the “Simple” view, and click “Create Entry”
   1. Name the new rule “Block traffic to/from isolated”
   2. Keep Action set to “Block”
   3. Set Source to the new “Isolated” network, in our example named “SmartThings and Matter”
   4. Under Destination, select “Local Network” and then select all other networks you have created, except the “Isolated” network
   5. Set Traffic Direction to “Both Directions”
   6. Schedule set to “Always”

Now that you have the isolated network and rules established, you need to move all of your smart devices to the new isolated network.

1. If your smart home hub (or any other smart device) is connected via ethernet, edit the port it is connected to so it is assigned to the
   “Isolated” network:
   1. On the far left bar, click “UniFi Devices”
   2. Click the switch or the router device that your smart home hub is connected to
   3. Click the “Port Manager” button
   4. Select the port number your smart hub is connected to, name the port and select your “Isolated” network:

If your smart home hub is connected via WiFi, ensure you connect it to the “Isolated” WiFi network instead of one of your others. For any WiFi smart device you own, reconnect it to the “Isolated” WiFi network.