Discussing an arbitrary SSID and guest captive portal within Unifi setup.
Discussing an arbitrary SSID and guest captive portal within Unifi setup.
Hey there, I'm trying to figure out this Unifi setup. I have four SSIDs set up, three of them hidden, and the only one visible is my guest network. On my laptop, I see both the Guest SSID and a "Hidden Network" network, but my phone doesn't detect anything. Most people who reported similar issues had their wireless uplink enabled, yet they could see the network on all devices. That doesn't seem right since my uplink isn't active. I think this network should belong to my local network, but it's showing up on my laptop instead. I'm also seeing the IP address of my controller in the URL when devices open the guest portal, which is a bit concerning. I'm not sure if this is safe and want to know how to change it if needed.
don't conceal your ssids, it's worse for security and more annoying to use. that's not the ssid—it's the device indicating an AP with a hidden ssid nearby. Not every device does this, so it's likely your local IP. This won't impact security at all. You can direct the captive portal to any web server you prefer.
Interesting how security gets worse when passwords are still needed. I have four separate wireless setups—main network, guest access, IoT devices, and non-device gadgets. I thought adding passwords would help, then hiding them to reduce clutter. I’m okay typing them in on new devices.
Your devices can't determine if the SSID is available, so they continuously transmit it and request a connection. Now you can locate the SSID if you're within range of the device. Set up a password, but keep the SSIDs visible.
I also came across that. My concern is whether it weakens security since not hiding them means the SSID is still visible, but if you do hide it, the device will broadcast to find them, making both equally exposed to anyone checking. Doesn't that mean the outcome is similar whether it's the router or the device broadcasting?
It’s understandable you’re concerned about security. With only a laptop and phone, keeping IoT devices hidden can reduce exposure. The captive portal should load your main login page without showing the controller’s IP, which is good. Using a landing page with promotional links instead of a direct IP helps maintain control. Pre-authorization access under access control adds an extra layer of protection.
Id still make them visible, no reason not to. The ip of the controller won't affect security at all, its your local ip, they can't do anything with that.