I am on Singtel 10Gbps Enhanced Plan with a bridged Singtel ZTE F8648P ONR, so I don’t have a double NAT problem.

For my UniFi setup, I have two limitations. I don’t have space for a server rack and can’t ceiling mount my Access Points (APs).

Despite having no space for a server rack, my networking cabinet can fit 45 x 44 cm server equipment. But it will be very squeezy, so I am not even considering that route.

Networking Cabinet - Inside
Networking Cabinet – Inside

In hindsight, I should have considered ceiling-mounted APs when I renovated my house in 2023. But it is too late for that. So I can only go with wall-mounted APs. Even so, it is not actually mounted on the wall but instead placed on a stand slightly above waist level.

Networking Cabinet - Top
Networking Cabinet – Top

UniFi Design Center
The first website you should visit after embarking on the UniFi journey is the UniFi Design Center. Upload your floor plan, match your measurements, draw walls on the floor plans, and indicate the correct materials for those walls.

My house is a 5-room HDB resale that was built in 2000.

UniFi Design Center - Floor Plan
UniFi Design Center – Floor Plan

Doing that will give you a good idea of how many Access Points (APs) you need. Below is my actual UniFi network topology.

UniFi Design Center - Topology
UniFi Design Center – Topology

UniFi Devices
I wanted at least one AP to have a spectrum analyzer and was deciding between the UniFi E7 and UniFi U7 Pro XGS. I decided to get the E7 since my budget allows it, and you will not go wrong with it, other than being an overkill.

The other AP, I settled for the following best, which is the UniFi U7 Pro XG.

For router, go with UniFi Cloud Gateway Fiber.

For switches, I would highly recommend the UniFi Pro XG 8 PoE as it supports PoE++, so you don’t need to get PoE++ Injectors to power your APs. APs like the E7, U7 Pro XG, and U7 Pro XGS require PoE++.

UniFi - Ports
UniFi – Ports

If you have a budget issue, then I guess you can consider getting the UniFi Flex 2.5G 8 followed by the UniFi PoE++ Adapter (60W).

Here are my UniFi devices:

  • UniFi Cloud Gateway Fiber (UCG-Fiber) – S$389
  • UniFi Pro XG 8 PoE (USW-Pro-XG-8-PoE) – S$809
  • UniFi Flex 2.5G 8 (USW-Flex-2.5G-8) – S$194
  • UniFi Flex 2.5G 5 (USW-Flex-2.5G-5) – S$71
  • UniFi E7 (E7) – S$680
  • UniFi U7 Pro XG (U7-Pro-XG) – S$261
UniFi - Devices
UniFi – Devices

You can read my post, Moving To Ubiquiti UniFi, on where I bought them.

Dashboard
UniFi has to be the best-looking network administration portal I have encountered. It makes the rest look like they are stuck with a 2000s design.

The beautiful dashboard is the first thing that greets you when you log in to the UniFi Console. Throughout my years of using other brands of routers, I have not seen such an easy-to-understand yet detailed dashboard.

UniFi - Dashboard
UniFi – Dashboard

VLAN Setup
Since I am new to VLANs, I watched the YouTube video below several times to fully understand them.

So I kinda follow their setup, to have 5 VLANs:

  • VLAN 1: Default (192.168.1.0/24)
  • VLAN 2: Management (192.168.2.0/24)
  • VLAN 3: Home (192.168.3.0/24)
  • VLAN 4: IOT (192.168.4.0/24)
  • VLAN 99: Guest (192.168.99.0/24)
UniFi - Settings - Overview
UniFi – Settings – Overview

The default VLAN of 1 should not have any devices connected to it. It is a catch-all.

The Management VLAN is where all my UniFi devices are connected to.

The Home VLAN is the primary VLAN to which all my devices should be connected.

As a good practice, technically, you need to separate IOT devices into their own VLAN. So I created an IOT VLAN, but have not played with it yet.

The guest network is straightforward. It is supposed to be isolated. Devices connected should not be able to see any other devices within the network.

Wireless Network Setup
I follow Apple when it comes to naming conventions of my wireless network. zenghuchu, zenghuchu-plus, and zenghuchu-pro.

The original zenghuchu started as my original network name, but became my network for IoT devices along the way. It is only on 2.4GHz.

Then I have the zenghuchu-plus, which is meant for slightly updated devices that support both 2.4GHz and 5GHz.

Finally, I have the zenghuchu-pro, which supports only the latest standards. It is WPA3 only with MLO and no 2.4GHz.

Some point in the future, I will have a zenghuchu-guest as a guest network.

UniFi - Settings - Wireless Networks
UniFi – Settings – Wireless Networks

Wireless Network Channel + Transmit Power
To further optimize your wireless network, besides changing to an uncrowded channel, it is also important to tweak the transmit power of your wireless network.

UniFi - Radios
UniFi – Radios

2.4GHz is a very crowded spectrum, so move your devices to either 5GHz or 6GHz if they support those frequencies.

For my primary AP, the E7 in my dining room, the channels are auto.

I have set the 2.4GHz transmit power to low, 5GHz is high, and 6GHz is auto. This should encourage devices to favour 5GHz instead of 2.4GHz, as the signal should be stronger.

UniFi - Radios - Power - E7
UniFi – Radios – Power – E7

For my secondary AP, the U7 Pro XG in my room, everything is on auto and low transmit power (except 6GHz, which is on auto) to reduce interference to my primary AP.

UniFi - Radios - Power - U7 Pro XG
UniFi – Radios – Power – U7 Pro XG

Spectrum Analyzer
Both the E7 and U7 Pro XGS come with a Spectrum Analyzer. It allows you to scan your surrounding spectrum without downtime to your wireless network.

UniFi - Spectrum Analyzer
UniFi – Spectrum Analyzer

I recommend getting at least one AP with this feature, as it is helpful during your initial setup. After the initial setup, this is just a flex to show your friends.

Look at how crowded 2.4GHz is.

Policy Engine
What comes hand-in-hand with VLAN is Policy Engine, whereby you can configure firewall rules for each VLAN.

UniFi - Settings - Policy Engine
UniFi – Settings – Policy Engine

I have not reached this stage yet, so everything is default right now, which means everyone can see and talk to everyone for now.

Client Devices
To maintain good device hygiene, rename all the devices in your network.

UniFi - Client Devices
UniFi – Client Devices

I do keep a Google Sheet of device names and their MAC address.

Topology
UniFi has a way to visualize your whole network topology. I heard sometimes it is not accurate. But for me, so far it has been correct, as maybe my network setup is simple.

UniFi - Topology
UniFi – Topology

VPN
I use Teleport as my VPN, which is easy to set up and use.

UniFi - Settings - VPN
UniFi – Settings – VPN

Logs
UniFi has detailed logs. Something that I appreciate but don’t use as much.

UniFi - Logs
UniFi – Logs

Backup
By default, your backups are taken weekly.

UniFi - Settings - Backup
UniFi – Settings – Backup

ChatGPT Conclusion
In conclusion, my UniFi setup may not be the most conventional due to space and mounting limitations, but the flexibility and power of UniFi’s ecosystem more than make up for it. From the intuitive Design Center to the robust hardware and feature-rich dashboard, UniFi has given me a level of control and visibility over my network that I never had before. While some features like VLANs and the Policy Engine are still a learning journey for me, the overall experience has been smooth, customizable, and future-proof. For anyone looking to build a reliable, scalable, and beautifully designed home network, UniFi is hard to beat.