Unifi domain name set inform and fully qualified domain

Trying to set up a new UniFi network, but this time I’d like to use a qualified domain name and not the IP of the self-hosted controller, as I had issues transferring controllers in the past to a different VM with a different IP. I understand that I should not adopt devices over the internet, so I’ll adopt them internally. This is how I understand I should do it:

  1. In pfSense, in the DNS Resolver, make an entry and set a host override for, say, unifi.something.net to point to say where my controller will live.
  2. SSH into the UniFi devices and do set-inform http://unifi.something.net:8080/inform
  3. I should see the device in the controller now.

Now, if I want to deploy this device in my friend's house:

  1. I need to own the something.net domain (say I do).
  2. And if I want to use, say, Cloudflare, make unifi.something.net point to my public IP address (it can’t be proxied by Cloudflare, right?).
  3. In pfSense I need to forward port 8080 to the IP of the controller, in this example port 8080.
  4. Do I also need to forward the STUN port?
  5. Is that a secure way of doing this? I will not be exposing the web management to the internet.

Does that sound right, or did I mess this up?

I would have a look at this: "Ingress Ports Required for L3 Management Over the Internet (Incoming)". There are a couple of ports that you need open to the whole wide world. These are the STUN port and the UniFi inform port. The rest are optional.

In the beginning of this video I cover how to do DNS with the self hosted controller.

Also note that if you are just testing, I would recommend not having the “Inform Host Override” set up. If it is, then it will auto-override your initial inform and potentially give you a headache troubleshooting.
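
As an added example (not from the thread or from any poster), this is a check to run from outside the home network against the plan in the question: the name resolves to the expected public IP rather than a proxy's, the inform port answers, and the web management port does not. The `audit` helper is hypothetical, port 8443 for the web UI is an assumed controller default, and STUN is not probed because it is UDP.

```python
import socket
import sys

INFORM_PORT = 8080  # inform port used in the set-inform URL in the post
WEB_UI_PORT = 8443  # assumption: controller's default HTTPS management port


def resolve(host):
    """Return the set of IPv4 addresses the name resolves to."""
    infos = socket.getaddrinfo(host, None, socket.AF_INET, socket.SOCK_STREAM)
    return {info[4][0] for info in infos}


def tcp_open(host, port, timeout=3.0):
    """True if a TCP connection to host:port succeeds within the timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def audit(host, expected_ip, resolver=resolve, probe=tcp_open):
    """Return findings; an empty list means exposure matches the plan."""
    try:
        addrs = resolver(host)
    except OSError as exc:  # socket.gaierror is a subclass of OSError
        return [f"{host} does not resolve: {exc}"]
    findings = []
    if addrs != {expected_ip}:
        # A proxied DNS record would return the proxy's addresses instead.
        findings.append(
            f"{host} resolves to {sorted(addrs)}, expected {expected_ip}")
    if not probe(expected_ip, INFORM_PORT):
        findings.append(
            f"inform port {INFORM_PORT}/tcp is not reachable on {expected_ip}")
    if probe(expected_ip, WEB_UI_PORT):
        findings.append(
            f"web UI port {WEB_UI_PORT}/tcp is reachable from outside")
    return findings


if __name__ == "__main__":
    # Usage: python audit.py unifi.something.net <your public IP>
    for line in audit(sys.argv[1], sys.argv[2]) or ["OK: exposure matches plan"]:
        print(line)
```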