Everything Wrong with the UDM-Pro (2024)

Подписаться 24 тыс.

Просмотров 2,9 тыс.

50% 1

In this video, I "review" the UDM-Pro from the perspective of an advanced networking need. Brace yourself, because it sounds like I'm not too fond of this device and I slam a lot of its most useful features. In reality, I still use it as my primary gateway and it works very well. It just isn't the same cost-to-feature ratio as other Ubiquiti offerings.
Timestamps:
Intro: 00:00
Confusing Firewall Rules: 02:33
NAT Configuration: 06:05
VPN Woes: 08:08
Wireguard Client Woes: 19:30
SNMP: 27:06
OSPF: 29:30
Security Services & Logging: 35:53
Multi-Site Management: 41:35
AD Block & Threat Reporting: 43:07
GEO-IP Filtering Logs: 47:21
Shadow Mode: 54:40
General "Unifi" Miscommunications: 57:40
SSH Access: 58:45
Subjective Frequent Outages....:1:00:13
Outro: 1:01:23

Опубликовано:

8 июл 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 19

@kgury 11 дней назад

as a UDM owner, I pray Ubiquiti watches this

@carlyleroberts3995 6 дней назад

Excellent review Toasty I hope Unifi listens to your comments! I use the UDM Pro in a business environment with about 100 connected devices because it's almost plug and play, decent GUI, no annual license, reasonably good IPS and IDS, Wireguard VPN for cell phones and automatic Internet failover and the price point makes is affordable for SMEs.

@bryandulock5286 8 дней назад

This is excellent feedback for Ubiquiti. I agree the advanced firewall rules are somewhat ambiguous in how one might interpret them.

@pauldunecat 12 дней назад

Quite the vid, thank you. I loved my abandoned ER4, even when they borked the kernel update so bad. I'm so done with Unifi stuff, their software quality is on par with Microsoft, meaning we are all the alpha/beta testers for broken software stacks. I just run a Fortigate at home now, it actually works, as long as you don't do any client VPNs with it, as they too can't seem to do that properly. Enshitification is REAL out there.

@GarvsTavern 2 дня назад

Why did you create all the firewall rules to prevent your VLAN's from talking to each other instead of using the "Isolate Network" checkbox under each network? Is there an advantage to creating your own rules vs. using the checkbox to enable the unifi predefined rules?

@apalrdsadventures День назад

If you use IPv6 then you don't need to worry about NAT between overlapping subnets :)

@darrenoleary5952 12 дней назад

@Toasty, I'm currently running dual Edgerouter4's in a VRRP configuration. I am considering moving to something else that is similar in functionality and technicality, not necessarily retaining a VRRP config, but I don't want to go to any of the UDM lines like the Pro, SE, Pro Max, etc for the reasons you've pointed out in this video, but also because I feel that these devices, especially the Pro, are still too buggy in their reliability for my liking. What would you recommend?

@ToastyAnswers 11 дней назад

Personally, (as I mentioned in the video) I just retained my existing ER4 to take care of everything the UDM doesn't support. However, if I were to consolidate and move to something different, I would probably gravitate towards Pfsense/Opnsense. I've worked with these in the past, and they appear to support most of the features I would want. Another option I considered is an Edgerouter that supports 10Gb with a separate box running Pfsense in line mode (or whatever it's called... where it's just a pass-thru for threat detection). However, the cost of both is probably about the same as a higher-end standalone Pfsense box. If price wasn't a consideration... I'd probably consider a beefy SonicWall, but that's mostly because I'm familiar with the platform. It is cost-prohibitive in a home environment, though.

@_Heth_ 8 дней назад

I have to agree with this video. Currently I prefer to use Palo Alto which gives you all the granular configuration options and I understand Palo Alto cost way more but they should consider a higher end enterprise solution. Also, Im confused how the UDM process firewall rules. if I deny a particular traffic lets say all DNS traffic and then allow DNS to and from a specific DNS server and pace that rule at the top of the deny all DNS it doesn't work. Thenn some of those apps and app groups don't work correctly ll the time.

@News_PAL 12 дней назад

And, although you only uploaded this 2 hours ago, the tabs and interface is different 🙂

@ToastyAnswers 11 дней назад

Yeah... I'm going to have to do an update. I recorded this a couple months ago right before the new update came out. You're right, they did fix one of my main complaints in the security tab along with some updates to other things.

@News_PAL 12 дней назад

Maybe you should have updated to 8.2.93 before uploading this video as there is a lot of improvement in the security tab

@JohnnyB_RO 6 дней назад

Yes, you are not using the latest available version, missing quite a few new features....please redo this vidoe after that update, it would be interesting to see your input after that.