Roughly 24 hours ago, the primary Internet at our mountain cabin went down for 90 minutes. No big deal, we’re not there, and there’s an LTE backup on WAN2. However, the “Site Magic” VPN tunnel never re-established itself.
In the past I’ve run EdgeRouters and USGs w/ IPSec tunnels so I’m familiar with Ubiquiti’s self-imposed challenges with multi-WAN, and that even with single-WAN the IPSec tunnels are not as resilient as they ought to be.
But Site Magic is supposed to be “magic.” It’s supposed to make it all better. It’s supposed to be so good that they don’t need bother giving me any tools to troubleshoot or give it a kick in the ass when it doesn’t work. A cursory Google search didn’t lead me to any “secret” CLI commands to provide more than the unifi.ui.com interface.
I’d say I’m disappointed… but, honestly, this kind of thing is typical of them and is why I want to quit their gateways.
What would be your alternative, when you quit their gateways? Honest question.
I used to run Sophos XG and lean towards going back. I only ended up on Ubiquiti because 8-ish years ago the SSD on my router died and I happened to have an ER-8 I’d bought to play with Vyatta / VyOS for work that wasn’t doing anything useful at the time. It was meant to be a temporary solution to get back online until I could replace the SSD 🤣
Back then I felt that getting a commercial product’s security features for free with the Home license was worth putting up with its warts — the XG UI is super slick, but so much of its basic functionality is counter-intuitive — and I can point to an incident where it saved my bacon when some malvertising targeting a browser zero-day got a PC infected but all its attempts to download more payloads were blocked. But so little traffic was encrypted back then that I’m not sure that it can be as effective in today’s world of pervasive SSL/TLS. It does have the ability to man-in-the-middle SSL/TLS traffic but that’s a hassle to manage. 🤷♂️