Need help configuring Ubiquiti / USG router

Support Technical Support
1

Does anyone have UniFi configuration experience?

I installed a new router last night and since then, I’ve had issue connecting to WoW.

  • When I launch the game, it sits forever on “Connecting to game server”.
  • After exiting the client, the Battle. net client sits forever on “Waiting on another installation or update”.
  • Most internet resources seem to work - gmail, youtube, etc. A few sites don’t seem to load for me (e.g. portforward .com).

The network is segmented into two VLAN (trusted and untrusted) and a management LAN. My PC in question is located on the trusted LAN, which has access to every resource.

My firewall rules are fairly rudimentary:

  • Allow all local networks access to the controller
  • Block untrusted network access to the management and trusted networks.

I’ve tried:

  • Trying another PC
  • Disabling DPI
  • Disabling IPS
  • Disabling QoS
  • Disabling “Auto-Optimize”
  • Using Cloudflare’s DNS servers as well as my ISP’s
  • Enabling DNSMasq
  • Assigning my PC a static IP
  • Port forwarding all identified ports[1] (except 80) to said static IP
  • Creating firewall rules to accept all the aforementioned ports on all interfaces.
  • Creating a WAN rules accepting every incoming and exiting connection (I know this is unsafe).

Thanks in advance.

[1] https:// us.battle. net/support/en/article/7842

2

Does your version allow you to enable uPNP through the GUI? If not its not a easy task but most likely would help here is the link to how to create a config.properties File to enable it

3

Hello Northernlite,

Thank you for your assistance.

It does support UPnP. I’ve just flicked it on;

CONFIGURATION
(all selected)

  • Enable UPnP
  • WAN Network Group
  • WAN
  • Enable NAT Port Mapping Protocol
  • Enable Secure Mode

NETWORKS
(all selected)

I should probably note that my knowledge of routing is fairly simplistic.

Other notes:

  • This is a fairly new unit - 2019 manufacture, USG4-Pro
  • The firmware was the latest I found a week ago. v4.4.36.5146617
  • Controller 5.10.21 (Build: atag_5.10.21_11661)

Edit:
Strangely, I cannot access your provided link. Nonetheless I enabled it via the GUI.

4

I will take a look at the manual its been a while. most of the setting you have set are correct for gaming. You will need to build firewall rules for wow and basically any other games you play. Enterprise routers require a lot of work to get them configured.

Will have to check this thread later. Need to rest

5

Thanks, Northernlite. Rest well!

I’m leaning more toward thinking this is related to my inability to reach a bunch of random sites. I can get the IP address for medium .com for example, I can even ping them, but I still can’t reach them via web browser.

I’ve additionally tried:

  • Forgetting and re-adopting the USG.
  • Changing MSS Clamping setting from auto to 1452 and 1422.
6

Have you tried just using the IP addresses not the host name? medium. com ip addresses should be the following 104.16.123.127 and 104.16.120.127 and 104.16.122.127 and 104.16.124.127 and 104.16.121.127 see if you can reach those site using the ip addresses

7

I’m afraid I can’t reach those. :frowning:

8

was checking to see if it was just a dNS issue.

9

Are you getting a SSL error on the web sites you can not reach?

10

When I fire these sites into my web browser, they never seem to load.

  • Safari’s progress bar shoots over a couple cm then just sits there for… a very long time. Ten+ minutes now.
  • Firefox reported, “Waiting for 104.16.123.127…” then “Problem loading the page. The connection was reset”.
11

you unit has 2 wan ports correct? what happens if you disable the unused port. alternately try connecting the Wan to the other port

12

The 2nd WAN port is disabled by default, however per suggestion I:

  1. Configured the 2nd port as a failover and activated it
  2. Swapped the physical connection
  3. Power-cycled the modem

No change sadly. :frowning:

13

Have you tried contacting Ubiquiti support? The not being able to connect to some web sites means something is not configured correctly. It hard without access to the unit to come up with suggestions but their help center has a lot of experience fixing these issues

14

Hello Northernlite,

I’ve created a thread over in their forum, though unfortunately it’s been marked as spam. >.< Hopefully a moderator comes around and fixes that.

Sadly, their support site (help. ubnt. com) is also a location I cannot reach. <.<

I think I’m going to sleep now. Thanks again - I appreciate the time you’ve put into this.

15

If you phone has internet plan you can most likely post with that or get tunnel bear. link below it should allow you to connect to the site

tunnelbear

16

For some reason Cloudflare breaks Battle net completely.
I changed mine back to Google and everything works fine.
remember you need to reboot your router if DNS is cached there or your computer depending on where you set the DNS Server.
Once you do that and query DNS for the first time not cached on Google everthing works fine.

I don’t know why its so broken with Cloudflare it litterally is only Blizzard that is broken with Cloudflare.

17

Interesting. Thanks, Maticks!