Check UDM Local Admin account status and address questions about Wan SFP.
Check UDM Local Admin account status and address questions about Wan SFP.
Hey guys, got a quick question in regards to the UDM-pro setup requiring a UI account and remote access being forcefully enabled with no way to disable it. I would imagine some of you here are running this router and might be able to answer these questions. I have been thinking about getting this router, but this problem is the only thing holding me back. I do not understand why any router would require something like this, it is a nice option to have I guess for those whom want to access their router remotely (i prefer to just VPN into my network and access it remotely like that) but to have it always on and no way to disable it, and requiring it on set up to me is a bit ridiculous However all the posts that i see complaining about this design flaw are all from about 7-10 months, I am wondering if they have added in the option to use local admin accounts only, and to skip the UI account creation during setup. Or at the very least being able to disable remote access or even decouple the account from the router after setup, so that only a local client with a local admin account can see and do anything on the router. I gotta ask, what do people who buy this device for use on an intranet do to set it up? or if you do set it up with a UI account, what do you do if your WAN connection is dead and you need to get into the router to fix it, how do you do that if the only access to the router is through the online portal, you would essentially have an absolutely useless router. or what if you do not even have an internet connection at the time of setup? to me this seems like an incredibly smooth brained oversight that has absolutely no good reason for it to exist. A side question: does the WAN SFP ports support sync rate of 2.5g? I cannot find any recent posts online about it, but some post indicate that there was a firmware update in the works to enable 2.5g sync rates on the WAN SFP ports, I just want to confirm this is indeed the case. It is not a super big deal breaker, I just really want to yeet my ISP's garbage modem/router combo out the window for its terribly buggy "advanced DMZ" mode and no proper bridge mode, so I am stuck with a double NAT. HH3000 users may know my pain. If there is no solution to the first question, Is there any other good alternatives the a router like the UDM pro? Not being able to disable or skip the UI account creation should be a massive deal breaker for any network admin cause stuff like this happens all the time:
For the first setup you must set up an account with Ubiquiti. After that you can generate a local account on the device and disable remote access. You can reach the router locally without internet by entering the router's IP address and logging in—either online or using local credentials. I use my UDM-PRO as a replacement for Opnsense running as a VM. I require at least one SFP+ module. For WAN 2.5G it’s on their roadmap. If you connect an SFP+ to a RJ45 transceiver that supports 2.5G, they’ll connect if both sides support that speed. In theory, you could configure it via CLI: change mac_mode_needed based on speed, then switch to the appropriate mode. You can manually set it in the CLI using root access.
To turn off remote access, enter your online login details and password. Navigate to system settings located at the bottom right of the screen. Select advanced options and turn off Remote Access. Ensure "Transfer owner" is not enabled after disabling. Done!