UDM-Pro: is the inability to handle multiple IP's on the WAN a big problem?

I’m considering the Dream Machine Pro, and some camera’s to take advantage of the Unifi Protect option too.

The reviews of the UDM-Pro with respect to its routing capabilities seems lukewarm.

Is not having the ability to access multiple IP’s on the WAN port that big a deal?

With respect to Unifi protect, I like the idea of purchasing the hardware (1 time cost) and not having to pay licensing fees regularly afterwards. But picking up a Cloud Key Gen 2 + is almost the full way to the cost of the UDM-Pro anyway, so I’m considering it.

I want to be able to isolate my IoT devices (watched a number of videos and it seems the UDM-P is more than capable of that).

I guess I’m looking to see what other are thinking about the UDM-Pro setup.

The inability to not have multiple Public IPs is just an easy to point to example of the ways that all Unifi gateway devices have poor features in terms of what a business router is expected to be capable of. They are actually adding multiple WAN IPs, its in the latest beta software, but that is only going to put a dent in what is missing on Unifi gateways compared to other things that a business may need.

The question to answer is “Do you have any features you require of a router beyond being able to support VLANs?” For most users, especially at home, the UDM-Pro will cover their needs, but it is better to ask first. Don’t make any assumptions when answering this question - people often say “I can’t believe this can’t do X, my $50 consumer router has that!”

1 Like

Totally agree, however it’s a catch-22 situation you don’t know what you need until you see it, pfSense is feature rich but has a steep learning curve. From what I can see, these Ubiquity routers are selected because they are “easy to use” and look cool :slight_smile:

Can’t see a reason to buy one unless you want to replace your consumer router with a pretty GUI.

If you need to remote manage a network and you know the needs are minimal then a Unifi router device of some sort is a great fit. I am happy with the USG that has been running a summer camp’s network for a few years. But I could never use a Unifi router at my house.

Thanks for the replies everyone.

I was just curious brwainer as to why you could never us a Unifi router at your house?
What do you use?

Of everyone who has (or yet may) reply to this thread - what is it you are using and why (software [like pfsense or untangle], hardware [that runs those different software] ) ?

I have a Mikrotik router now . . . if you want steep learning curve, I felt that that was/is it.

I’m not scared of the pfsense learning curve . . . and I have to admit that the ‘pretty GUI’ of Unifi does turn my head a little.
I am not a networking guru but I am really wanting to get my hands a little more dirty.

I am liking the “Protect” idea and I haven’t really seen another option that I’ve liked so far.
Suggestions for alternatives anyone (ones that don’t require a monthly/annual fee)?

Looking forward to the replies.


Earlier brwainer you had suggested I ask myself what it is I’d need/want in a router.

I was thinking that one of the things I’d like to be able to do is manage the bandwidth I have to it’s fullest potential for all.

With a 1Gig connection, if only one group is using it, I’d like for that group to be able to access the full bandwidth if no one else is using it. I want to go beyond just ‘Rate Limiting’ users. I’d like to rate limit users ONLY IF others are also using the connection.
Say I have 3 different users; I’d like a rate limit of 1/3rd of my 1Gig connection. If only 2 of the group are using it, then lets cap the 2 to 1/2 of the 1 Gig connection (if both are doing some heavy downloading) . . . further to this, if 1 of the 2 users is only checking emails or reading forum posts and isn’t putting a huge demand on the connection, I’d like the other user to take full advantage of the spare bandwidth.

Is there a router software that can accomplish such a thing? Can Pfsense?

Thanks again for the consideration.


Are the “Edge Router” series considered . . . “more capable” than say the Dream Machine offerings?

I need multiple public IPs, and to be able to do specific SNAT and DNAT things. I have a unique separation of a personal network and a home business network, as a freelance network engineer. I run a Mikrotik router as the first thing connected to the ISP, and then Untangle for my home network and PFSense for my business network. If I was willing to pay for a business license then I would use a single Untangle router for everything.

Mikrotik RouterOS is a direct implementation of networking principals with minimal handholding. That is the power of Mikrotik. But it means it is not for everyone.

Doing this type of setup, on nearly every firewall device even the slickest enterprise ones, always requires a bit of manual setup of multiple nested or chained bandwidth policies. I would use Untangle and don’t try to configure it exactly as you say - just configure the Bandwidth Control (their equivalent to Queues in Mikrotik) to get results you are happy with.

1 Like