A while back we bought a camera to sweep the front boundary of the house, and because I seem to have a penchant for giving Ubiquiti large portions of my paycheque even though they don’t really deserve it, we doubled down and bought one of their doorbell kits too.

Since I really only checked the camera output from home, I didn’t notice this, but it seems that “Unifi Protect” (their mobile application for accessing the cameras, distinct from Unifi itself) doesn’t actually work over a VPN, including the offerings provided by them!

It seems like you have two options for connecting Protect: the UI cloud (which we turned off at the first available opportunity, and for good reason it seems as they’ve just had another security issue wherein people are seeing other people’s consoles when they log in); or local console discovery, which relies on L2 discovery, which is by definition not routable and thus doesn’t work over VPNs.

There are so many threads on Ubiquiti’s forums, Reddit, etc. crying foul over this that I really can’t pick one to link. Most seem to come to the conclusion that I did: this seems like a deliberate choice (since the console picker for the Unifi app allows you to manually specify a console, they obviously knew this would be a requirement, and if they didn’t their UX architects need a stern talking-to), presumably to railroad you into using their UI cloud offering, similar to the way that - despite Ubiquiti understanding LLDP - setting up the UDM requires configuring UI cloud, then you must disable it.

The good news? They added manual console configuration in a beta version of the Android app just a couple weeks ago, and the release started rolling out yesterday. I signed up for the beta and confirmed it works, then for Sabriena’s phone we’ll just wait for the update to hit general availability.

More good news: the UDM-SE supports WireGuard natively now (not 100% sure when they added that) and since Tailscale fell over (I think I stuffed up the routing to the LXD container it’s running in) I’ll just configure that. It’s dead easy to set up, so I’ll get Sabriena set up on that too.

So now the only remaining issue is figuring out why push notifications don’t work - it’s not immediately clear whether they’re supposed to work without the UI cloud or not. I may wind up just rigging something up with HomeAssistant instead. For now it comes with a chime, so it’s not critical (it does mean we can’t answer the door if we’re away from home, which is the primary goal of this bullshit).

But the main thing I wanted accomplished is done: this house formerly had two doorbells, a small wireless one which did not have the inside part and was trivially removed; and the outdoor unit of the intercom system, which I was able to have removed too so that people will stop pushing it and wondering why we did not answer the door. I haven’t decided whether to keep a nice wooden plaque (I have a wooden plaque now, but it’s not nice) or try to take one of the spare bricks and mortar it into place. I don’t think I’m a good enough mason to make that look neat, so I’ll probably have Dad route the edges on some dress timber, stain it up, and probably put the house number on it or something so it looks the part.

