Xi-1 AP Not able to connect to Cloud Manager on some networks

voyagervoyager Member Posts: 3

I just installed a new Xi-1 AP and I was able to claim it on Cloud Manager when connected to our DMZ but as soon as I put it on our internal network, it is not visible to Cloud Manager. I can see it internally and can see it has obtained an IP address but I can't determine why it won't connect to the cloud. Not sure if this AP is configurable via a web interface or SSH? Not quite sure how to troubleshoot this? The credentials for SSH access (I found in an old thread here) don't seem to work. Please help! I installed this unit to replace a failing UniFi AP Pro and I would hate to have to give this back and get another UniFi as I like the concept of the cloud manager and really want this to work.

Comments

  • shriramrsshriramrs Member, Xpert, Moderator Posts: 157

    Hi @voyager,

    Can you please let me know the AP LED status?
    There is also a good chance that the AP might be in old firmware version. Can you please reboot the AP twice with the gap of 10 minutes between each reboot to upgrade to latest version?
    Also, please check if you have opened the SSL(TCP 443) , ICMP and NTP (UDP 123) ports in case if you have a firewall.
    In order to access the AP via it's web UI, you need to delete the AP from CloudManager and open the web UI by going to <https: // AP's IP address>.

    Regards,
    Shriram

  • voyagervoyager Member Posts: 3

    AP LED Blink RED when in our internal network. The firmware is updated to the most recent build. I have verified that because it is visible to cloud manager when on our DMZ. Have double checked the firewall; it is not blocking ANY outgoing traffic.

  • shriramrsshriramrs Member, Xpert, Moderator Posts: 157

    Hello @voyager ,

    The firewall ports needs to be opened in both directions.

    Regards,
    Shriram

  • voyagervoyager Member Posts: 3

    I am a little confused.... Are you suggesting I need to open ports in our firewall and NAT them to the AP ? That doesn't make sense. Even on the DMZ when it does connect to the cloud manager, it is behind a NATing router and is able to connect so would you please clarify what you meant by "firewall ports needs to be opened in both directions"?

  • vybhavramvybhavram Xpert, Moderator Posts: 1,064

    Hello @voyager ,

    When the firewall inspects traffic going from IN->OUT , it usually has stateful inspection where it allows the return traffic from OUT to IN.

    If your firewall has this enabled , then you shouldnt be facing any issues as all AP<->CloudManager communication is initiated by the AP first.

    Can you please check if your firewall is doing this?

    Regards,
    Vybhav

Sign In or Register to comment.