Skip to main content
All CollectionsRouter Configuration
Ubiquiti USG Router Setup
Ubiquiti USG Router Setup

Configuring Ubiquiti USG to work with Neptune Internet

M
Written by Murry
Updated yesterday

Setting up a Ubiquiti USG can be a complex task as it requires additional software to operate. The latest firmware dates back to Jan 2023 (UniFi Security Gateway 4.4.57), and we don't recommend using these devices. Nevertheless, if you have one or prefer its features, these instructions may be helpful.

Getting Started

Connect the WAN interface of your USG to the NBN® NTD and the LAN interface to your home network or the network adapter of your computer. We assume that your desktop or laptop has a network card installed.

Once connected, the router should assign you an address from the 192.168.1.0/24 range. If you're connected to Neptune Internet, your internet should work. For most users, the configuration can stop here if the internet is functional. However, we recommend continuing with the setup to change the default password of your router and install the latest available updates.

Navigate to https://192.168.1.1. The default login and password are ubnt and ubnt. The USG will prompt you to download the UniFi controller.

You can either download the UniFi controller from the website and run it on your machine or use a container-based installation if you use a Raspberry Pi or similar devices for home automation.

Fast Track SSH Method

If you don't want to configure via the UI and are fine without default firewall rules (or plan to configure them via SSH later), you can try SSHing into the device to perform the configuration. The default username and password are ubnt. The minimal configuration is shown below.

ssh 192.168.1.1 -l ubnt

Enter config mode

configure

Configure WAN (assume eth0 is WAN).

set interfaces ethernet eth0 ipv6 address autoconf
set interfaces ethernet eth0 ipv6 dup-addr-detect-transmits 1
set interfaces ethernet eth0 dhcpv6-pd pd 0 interface eth1 prefix-id 0
set interfaces ethernet eth0 dhcpv6-pd pd 0 prefix-length 48
set interfaces ethernet eth0 dhcpv6-pd rapid-commit enable

Configure LAN (assuming eth1 is LAN)

set interfaces ethernet eth1 ipv6 address 'prefix-delegation ::1/64'
set interfaces ethernet eth1 ipv6 router-advert prefix '::/64' 
set interfaces ethernet eth1 ipv6 router-advert prefix '::/64' autonomous
set interfaces ethernet eth1 ipv6 router-advert prefix '::/64' valid-lifetime 3600
set interfaces ethernet eth1 ipv6 router-advert prefix '::/64' preferred-lifetime 1800
set interfaces ethernet eth1 ipv6 router-advert other-config-flag true

Commit and save

commit
save

Starting UniFi Docker-Application

We assume you are familiar with the Linux/Unix terminal and containerization software like Podman or Docker. If not, please use the official UniFi app.

Create `unifi` and `data` directories and change into `unifi`

mkdir -p unifi/data && cd unifi

Create a compose file. Please change passwords that are marked as PLEASE_CHANGE_ME

cat <<EOF > docker-compose.yml
---
services:
  unifi-db:
    image: docker.io/mongo:latest
    container_name: unifi-db
    environment:
      - MONGO_INITDB_ROOT_USERNAME=root
      - MONGO_INITDB_ROOT_PASSWORD=PLEASE_CHANGE_ME
      - MONGO_USER=unifi
      - MONGO_PASS=PLEASE_CHANGE_ME
      - MONGO_DBNAME=unifi
      - MONGO_AUTHSOURCE=admin
    volumes:
      - ./data:/data/db
      - ./init-mongo.sh:/docker-entrypoint-initdb.d/init-mongo.sh:ro
    restart: unless-stopped
  unifi-network-application:
    image: lscr.io/linuxserver/unifi-network-application:latest
    container_name: unifi-network-application
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Etc/UTC
      - MONGO_USER=unifi
      - MONGO_PASS=PLEASE_CHANGE_ME
      - MONGO_HOST=unifi-db
      - MONGO_PORT=27017
      - MONGO_DBNAME=unifi
      - MONGO_AUTHSOURCE=admin
      - MEM_LIMIT=1024 #optional
      - MEM_STARTUP=1024 #optional
      - MONGO_TLS= #optional
    volumes:
      - ./data:/config
    ports:
      - 8443:8443
      - 3478:3478/udp
      - 10001:10001/udp
      - 8080:8080
      - 1900:1900/udp #optional
      - 8843:8843 #optional
      - 8880:8880 #optional
      - 6789:6789 #optional
      - 5514:5514/udp #optional
    restart: unless-stopped
EOF
```

Create a mongo db `./init-mongo.sh` script (docker-unifi-network-application uses MongoDB store information from your USG). Please create a named file and paste the content below with a preferred editor.

```sh
#!/bin/bash

if which mongosh > /dev/null 2>&1; then
  mongo_init_bin='mongosh'
else
  mongo_init_bin='mongo'
fi
"${mongo_init_bin}" <<EOF
use ${MONGO_AUTHSOURCE}
db.auth("${MONGO_INITDB_ROOT_USERNAME}", "${MONGO_INITDB_ROOT_PASSWORD}")
db.createUser({
  user: "${MONGO_USER}",
  pwd: "${MONGO_PASS}",
  roles: [
    { db: "${MONGO_DBNAME}", role: "dbOwner" },
    { db: "${MONGO_DBNAME}_stat", role: "dbOwner" }
  ]
})
EOF

Create a mongo db ./init-mongo.sh script (docker-unifi-network-application uses MongoDB store information from your USG). Please create a named file and paste the content below with a preferred editor.

#!/bin/bash

if which mongosh > /dev/null 2>&1; then
  mongo_init_bin='mongosh'
else
  mongo_init_bin='mongo'
fi
"${mongo_init_bin}" <<EOF
use ${MONGO_AUTHSOURCE}
db.auth("${MONGO_INITDB_ROOT_USERNAME}", "${MONGO_INITDB_ROOT_PASSWORD}")
db.createUser({
  user: "${MONGO_USER}",
  pwd: "${MONGO_PASS}",
  roles: [
    { db: "${MONGO_DBNAME}", role: "dbOwner" },
    { db: "${MONGO_DBNAME}_stat", role: "dbOwner" }
  ]
})
EOF

Make it executable

chmod +x ./init-mongo.sh

Finally run the compose command.

podman-compose up

Take a note of the IP address of the machine. It's 192.168.1.6 in this example.

Adopting the USG on the UniFi Server

  1. Navigate to https://192.168.1.1/#/manage/configuration and update the Inform URL to http://<your-server-ip>:8080/inform. Replace <your-server-ip> with the IP address of the machine running the UniFi server.

  2. After a few seconds, you should see a pop-up stating "Waiting for Adoption." Don't confirm yet; instead, head to the UniFi Server Web UI (e.g., https://<your-server-ip>:8443).

  3. Select country.

  4. Click Advanced and Skip creating online account if you prefer.

  5. Create a local account and set the password.

  6. On the dashboard select your device and click "Adopt".

  7. Return to https://192.168.1.1/#/manage/configuration and confirm the "adoption."

Configuring IPv6

Internet (WAN) Configuration

  1. Go to the UniFi server at https://<your-server-ip>:8443/manage/default/dashboard.

  2. Select the gear icon (Settings).

  3. Under "Internet," click "Primary WAN1."

  4. Set:

    • IPv4 Configuration: DHCP

    • IPv6 Configuration: DHCPv6

    • Prefix Delegation Size: 48

  5. Click Apply.

LAN Configuration

  1. In Settings, select "Networks."

  2. Choose "Default" (USG).

  3. Set:

    • Protocol: IPv6

    • Interface Type: Prefix Delegation (Primary WAN1)

    • Prefix Delegation ID: 0.

  4. Click Apply.

Validating Configuration via SSH

Please note that IPv6 address on the WAN interface is not displayed on the UniFi Dashboard. However you can validate that the SLAAC address was successfully assigned on the interface.

You can use ssh 192.168.1.1 -l your-user

  • And then issue show interfaces command. In the example bellow eth0 is WAN interface that has IPv4 and IPv6 addresses assigned.

  • eth1 is the LAN interface and it has internal IPv4 192.168.1./24 assigned and an IPv6 address from the delegated IPv6 Prefix.

Related Articles
How to Configure Your Router in DHCP Mode
How to Configure IPv6 on Your Router
Did this answer your question?