Unable to run UniFi Controller on FWG
Hello,
I've found a topic created over 2 years ago, but the issues described there weren't actually similar to mine.
https://help.firewalla.com/hc/en-us/community/posts/360051987813-Trying-to-install-Unifi-Controller
I'm trying to run my first docker on FWG and I'm not a pro IT person.
Please confirm whether I understood this correctly:
- A network as your docker network, we will use 172.16.1.0/24 in this tutorial.
- A static IP for your unifi controller instance, we will use 172.16.1.2 in this tutorial.
Point 1 is the network where I will put my UniFi APs. It is named LAN, and under Network Manager (in the app) it exists as 192.168.88.1/24. As I understand it, even though it has 1 on the end, I should use 192.168.88.0/24 as the docker network.
Point 2 is the static IP of ...? The Firewalla Gold box? The same one I connect to through ssh? So it will be 192.168.88.1.
So now... I successfully did Step 1, points 1 and 2 of the guide (where I changed to the proper IP addresses), like this:
version: "3"
services:
  unifi:
    container_name: unifi
    image: jacobalberty/unifi:latest
    volumes:
      - '/data/unifi/:/unifi'
    restart: unless-stopped
    networks:
      default:
        # static IP address for unifi controller
        ipv4_address: 192.168.88.1
networks:
  default:
    driver: bridge
    ipam:
      config:
        # your chosen docker network here
        - subnet: 192.168.88.0/24
Then point 3 with no errors.
Step 2 gave me errors whenever I try to execute the commands:
sudo ip route add 192.168.88.0/24 dev br-$(sudo docker network ls | awk '$2 == "unifi_default" {print $1}') table lan_routable
or
sudo ip route add 192.168.88.0/24 dev br-$(sudo docker network ls | awk '$2 == "unifi_default" {print $1}') table wan_routable
I'm getting the same info:
RTNETLINK answers: File exists
Then step 4, with the corrected FWG IP address, with no errors... But the UniFi controller is not reachable under unifi 8080, 8443 or 192.168.88.1 with those ports...
When I try to check the status I get:
docker-compose@unifi.service - unifi service with docker compose
Active: activating (auto-restart) (Result: exit-code) since Fri 2022-10-28 13:12:10 CEST; 3s ago
Process: 1139 ExecStopPost=/bin/rm -rf $TMPDIR (code=exited, status=0/SUCCESS)
Process: 25335 ExecStop=/usr/local/bin/docker-compose down -v (code=exited, status=0/SUCCESS)
Process: 984 ExecStart=/bin/bash -c /usr/local/bin/docker-compose pull; /usr/local/bin/docker-compose up (code=exited, status=1/FAILURE)
Process: 312 ExecStartPre=/usr/local/bin/docker-compose rm -fv (code=exited, status=0/SUCCESS)
Process: 311 ExecStartPre=/bin/mkdir -p $TMPDIR (code=exited, status=0/SUCCESS)
Main PID: 984 (code=exited, status=1/FAILURE)
Could someone guide me with this? Because I moved to Ubiquiti APs, I now want to have control over them... As far as I understand, buying a Cloud Key or UDM is not necessary since I've got the FWG.
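Added example, not part of the original post or of the Firewalla guide: `RTNETLINK answers: File exists` is the kernel's reply when a route for that prefix is already present in the table, so this sketch checks a proposed docker subnet and container IP against the networks the box already has. The function name and the interface map are hypothetical; the addresses are the ones quoted in the post and the tutorial.

```python
import ipaddress


def check_docker_network(docker_subnet, static_ip, existing_ifaces):
    """Return a list of problems with a proposed docker bridge subnet and container IP.

    existing_ifaces maps a network name to its interface address in CIDR
    form, e.g. {"LAN": "192.168.88.1/24"} (hypothetical input format).
    """
    problems = []
    subnet = ipaddress.ip_network(docker_subnet, strict=False)
    ip = ipaddress.ip_address(static_ip)

    # A subnet is written with its network address (.0 for a /24), not a host address.
    if ipaddress.ip_interface(docker_subnet).ip != subnet.network_address:
        problems.append(f"{docker_subnet} has host bits set; write it as {subnet}")

    for name, cidr in existing_ifaces.items():
        iface = ipaddress.ip_interface(cidr)
        # The docker bridge needs its own range: reusing a range the box
        # already routes means the route for that prefix may already exist.
        if subnet.overlaps(iface.network):
            problems.append(f"{subnet} overlaps existing network {name} ({iface.network})")
        if ip == iface.ip:
            problems.append(f"{ip} is already the address of {name}")

    if ip not in subnet:
        problems.append(f"{ip} is not inside {subnet}")
    elif ip in (subnet.network_address, subnet.broadcast_address):
        problems.append(f"{ip} is the network or broadcast address of {subnet}")
    elif ip == next(iter(subnet.hosts()), None):
        # Docker's default IPAM gives the bridge itself the first host
        # address unless a gateway is configured explicitly.
        problems.append(f"{ip} is the first host address, normally taken by the bridge gateway")
    return problems


if __name__ == "__main__":
    lan = {"LAN": "192.168.88.1/24"}  # LAN as described in the post
    for subnet, ip in [("192.168.88.0/24", "192.168.88.1"),  # values from the post
                       ("172.16.1.0/24", "172.16.1.2")]:      # values from the tutorial
        issues = check_docker_network(subnet, ip, lan)
        print(subnet, ip, "->", issues or "no conflicts")
```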
-
I’m assuming you’ve set up a guest network as a VLAN network in Firewalla using the “guest” profile and are configuring rules from there. If so, then yes, an ALLOW rule passing traffic to 172.16.1.2 should allow clients on the guest network to communicate with the captive portal. That said, I don’t actually have any practical experience with UniFi or what the captive portal offers over setting up an SSID for guests.