Configure Windows Firewall Rules for Unifi Network discovery
# Copied from https://community.ui.com/questions/Windows-Firewall-keeps-blocking-APs-in-controller-show-as-disconnected-even-though-operable-/01839bc6-56f6-473a-b9ba-6bbc1d8ec36d#answer/44bdb22f-4174-4e02-a3d3-f1469702e431
New-NetFirewallRule -Name _UniFi-Mgmt-In -DisplayName "_UniFi-Mgmt (TCP-In 8081)" -Description "Allows incoming UniFi management traffic" -Group UniFi -Enabled True -Protocol TCP -LocalPort 8081 -Direction Inbound
New-NetFirewallRule -Name _UniFi-DvcInfrm-In -DisplayName "_UniFi-DvcInfrm (TCP-In 8080)" -Description "Allows incoming UniFi device inform traffic" -Group UniFi -Enabled True -Protocol TCP -LocalPort 8080 -Direction Inbound
New-NetFirewallRule -Name _UniFi-Ctrlr-In -DisplayName "_UniFi-Ctrlr (TCP-In 8443)" -Description "Allows incoming UniFi Controller traffic" -Group UniFi -Enabled True -Protocol TCP -LocalPort 8443 -Direction Inbound
New-NetFirewallRule -Name _UniFi-PrtlRdr-In -DisplayName "_UniFi-PrtlRdr (TCP-In 8880)" -Description "Allows incoming UniFi portal redirect traffic" -Group UniFi -Enabled True -Protocol TCP -LocalPort 8880 -Direction Inbound
New-NetFirewallRule -Name _UniFi-PrtlRdrSsl-In -DisplayName "_UniFi-PrtlRdrSsl (TCP-In 8843)" -Description "Allows incoming UniFi portal redirect for SSL traffic" -Group UniFi -Enabled True -Protocol TCP -LocalPort 8843 -Direction Inbound
#DB Connection won't be necessary in most cases
#New-NetFirewallRule -Name _UniFi-DB-In -DisplayName "_UniFi-DB (TCP-In 27117)" -Description "Allows incoming UniFi DB traffic" -Group UniFi -Enabled True -Protocol TCP -LocalPort 27117 -Direction Inbound
#New-NetFirewallRule -Name _UniFi-DB-Out -DisplayName "_UniFi-DB (TCP-Out 27117)" -Description "Allows outgoing UniFi DB traffic" -Group UniFi -Enabled True -Protocol TCP -LocalPort 27117 -Direction Outbound
New-NetFirewallRule -Name _UniFi-DvcDisc-In -DisplayName "_UniFi-DvcDisc (UDP-In 10001)" -Description "Allows incoming UniFi device discovery traffic" -Group UniFi -Enabled True -Protocol UDP -LocalPort 10001 -Direction Inbound
New-NetFirewallRule -Name _UniFi-STUN-In -DisplayName "_UniFi-STUN (UDP-In 3478)" -Description "Controller version 5.6 onwards uses STUN" -Group UniFi -Enabled True -Protocol UDP -LocalPort 3478 -Direction Inbound
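The rules above are created without `-Profile` or `-RemoteAddress`, so they apply on every network profile and accept traffic from any source address. The following is an added example, not part of the original gist or the linked forum answer: it narrows the whole `UniFi` group and then lists anything still left open. It assumes the UniFi devices and portal clients are on the controller's own subnet and that the controller's network is classified as Domain or Private.

```powershell
#Requires -RunAsAdministrator
# Added example: tighten the scope of the rules created above, then audit them.
# Assumption: every rule to be scoped was created with -Group UniFi, as in this gist.

$group = 'UniFi'

$rules = Get-NetFirewallRule -Group $group -ErrorAction SilentlyContinue
if (-not $rules) {
    throw "No firewall rules found in group '$group'. Create the rules first."
}

# Limit the rules to trusted profiles and to sources on the local subnet.
# Assumption: devices are on the same subnet. For other subnets or VLANs,
# replace LocalSubnet with explicit CIDR ranges.
$rules | Set-NetFirewallRule -Profile Domain,Private -RemoteAddress LocalSubnet

# Audit: show the effective scope of each rule and flag any that are still
# reachable on the Public profile or from any remote address.
$report = Get-NetFirewallRule -Group $group | ForEach-Object {
    $port = $_ | Get-NetFirewallPortFilter
    $addr = $_ | Get-NetFirewallAddressFilter
    $profileText = $_.Profile.ToString()

    [pscustomobject]@{
        Name          = $_.Name
        Enabled       = $_.Enabled
        Direction     = $_.Direction
        Profile       = $profileText
        Protocol      = $port.Protocol
        LocalPort     = $port.LocalPort -join ','
        RemoteAddress = $addr.RemoteAddress -join ','
        TooBroad      = ($profileText -match 'Any|Public') -or
                        ($addr.RemoteAddress -contains 'Any')
    }
}

$report | Sort-Object Name | Format-Table -AutoSize

$broad = @($report | Where-Object TooBroad)
if ($broad.Count -gt 0) {
    Write-Warning "$($broad.Count) rule(s) in group '$group' are still open to Public or Any."
}
```

Run it in an elevated PowerShell session after the `New-NetFirewallRule` commands. If devices show as disconnected afterwards, check `Get-NetConnectionProfile` to confirm the interface is not classified as Public.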