Notes

🏑 πŸ“Ά Home Network Setup

2019-09-28
Updated on 2023-11-14

Infrastructure

Access Points

  • Ubiquiti U6-IW UniFi U6 In-Wall (Living Room)
  • Ubiquiti UAP-IW-HD UniFi In-Wall WiFi 5 PoE+ (Office)
  • Ubiquiti UniFi AC In-Wall Access Point - UAP-AC-IW (Unused)

Switch

  • Ubiquiti UniFi US-8-150W Switch

Gateway

  • Ubiquiti UniFi USG Security Gateway

Router

  • Virgin Media Router 3.0

Other Hardware

  • Raspberry Pi 8GB x 2
  • Raspberry Pi 4GB x 1
  • Ubiquiti Unifi Cloud Key Gen 1 (Unused)

Networking

VLANs

  • NETMAN | 10.69.1.1/24
  • SERVER | 10.69.2.1/24 (VLan ID 2)
  • CLIENT | 10.69.3.1/24 (VLan ID 3)
  • IOT | 10.69.4.1/24 (VLan ID 4)
  • GUEST | 10.69.5.1/24 (VLan ID 5)

SSIDs

  • "-X"
  • "-Guest"
  • "-IOT" (Hidden)

Services

Setup

Prepraing the Pi's…

  1. Attach the POE+ Hats… β€”Β failrly straight forward
  2. Using the Raspberry Pi Imager tool, install Raspberry Pi OS Lite 64 bit on to the Micro SD Card (SanDisk Extreme 128 GB)

Installing software

  • Update packages
    • sudo apt update // check if any packages can be updated
  • Upgrade packages
    • sudo apt upgrade // upgrades any packages requiring an upgrade
  • Reboot the Pi
    • sudo reboot
  • Install Docker
    • curl -sSL https://get.docker.com | sh // pipes the contents of get.docker.com into shell
  • Add the user to the "docker" group
    • sudo usermod -aG docker UserName
  • Create the appropriate folders on the Pi
    • mkdir containers
  • Install Cloudflare Tunnel aka cloudflared (See Configuring Cloudflare Tunnels below)
  • Install Portainer
    • sudo docker pull portainer/portainer-ce:linux-arm
    • sudo docker run -d -p 9000:9000 --name=portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v /containers/portainer/data:/data portainer/portainer-ce:linux-arm
  • Install Ubiquiti UniFi Controller
    • docker run -d --init --restart=unless-stopped -p 8080:8080 -p 8443:8443 -p 3478:3478/udp -e TZ='Europe/London' -v /containers/unifi:/unifi --user unifi --name unifi jacobalberty/unifi

Configuring Cloudflare Tunnels

  • Cloudflare Zero Trust β†’ Access β†’ Tunnels
  • Create a tunnel
  • Install Cloudflare Tunnel
    • docker run -d --name cloudflared cloudflare/cloudflared:latest tunnel --no-autoupdate run --token TOKEN
  • Configuring Unifi…
    • Additional application settings β†’ TLS β†’ Origin Server Name = localhost
    • Additional application settings β†’ TLS β†’ No TLS Verify = Enabled

Configuring "Modem mode" on Virgin Media Hub 3.0

  • Modem mode on your Hub 3.0
  • To enable modem mode on your Hub 3.0
    1. Make sure you are connected (wired or wirelessly) to your Hub 3.0
    2. Open your Internet browser
    3. Log in to your Hub's settings page by entering 192.168.0.1 into the address bar of your Internet browser
    4. Enter your Hub 3.0 settings password. The default password is printed on the bottom of the Hub 3.0. If you have changed the default password, enter that password instead
    5. Once you've logged in, click Modem Mode on the left
    6. Click the option next to Enable Modem Mode and then click Apply changes
    7. Once in Modem Mode, the IP address you use to access your Hub changes from 192.168.0.1 to 192.168.100.1.
  • Putting the Hub 3.0 back into router mode
    1. Open a web browser and enter 192.168.100.1 into the address bar
    2. Enter your Hub 3.0 settings password. The default password is printed on the bottom of the Hub 3.0. If you have changed the default password, enter that password instead
    3. Once you've logged in, click Modem Mode on the left
    4. Click the option next to Disable Modem Mode and then click Apply changes
    5. The Hub will reboot and return to router mode

USG with Virgin Media Hub 3.0

Resetting Ubiquiti equipment

Getting the IP Address of all devices on the network

  • arp -a

Getting the IP Address of the local machine

  • ipconfig getifaddr en0