How To Open And Forward Ports On Unifi UDM PRO
In this tutorial you will learn how to open and forward ports to an internal LAN IP on your Unifi UDM Pro using Unifi Controller version 6.5.55. In the latest releases of the Unifi Controller, they have simplified the process for us and with a few simple steps you can quickly forward the ports you need.
Let’s get started.
First make sure you are running the latest controller version. At the time of this publication, it is 6.5.55.
- Log into your UDM Pro using unifi.ui.com or its IP address.
- Access the Unifi Controller and click Settings
- Click on Advanced Features and afterwards you will be presented with a page where you can apply your network rules.
- Now scroll down, locate and click on Advanced Gateway Settings.
- You should now be presented with the Advanced Gateway Settings Page.
- Click on the Create new Port Forwarding button.
- In the Port Forwarding window make sure to have the following.
- Give your rule a proper name.
- Forward Rule is set to enabled.
- Select your incoming WAN interface.
- In the next few steps all this information will be custom to your use case.
- From should be set to Any.
- Port is the port you wish to open.
- Forward IP is the destination of your internal Static IP address of the device.
- Forward Port is the port of the devices landing page or destination port.
- Protocol could either be TCP, UDP or Both. If you do not need both just select one.
- Enable some Logging.
- Click the Apply Changes button.
You have now successfully added the port forward and you should be able to access your destination through your WAN IP address. What is my WAN IP?
Food for thought. For security purposes all devices open to the public should be on a segregated vLAN from the internal company LAN.
I hope this article was helpful, if you have any questions, please feel free to contact me. If you would like to be notified of when I create a new post, you can subscribe to my blog alert.
Loading ...
Have you done this while locking the from down to a specific IP address? We need to open this up but I want the from address to be locked down to just 2 IP addresses, what would that look like in a UDM?
Hello Joe,
This article is a little on the older end if you have version 7.5+ under application firewall, you should see port forwarding button.
From = Limited
Source = IP of incoming traffic.
ok I have that and I think that traffic is not getting though the Comcast modem. How do I get logging on to see if the traffic is even making it to the Dream Machine
What has worked for me is logging in to Comcast modem and forwarding the needed ports to UDM’s WAN IP address, or you can DMZ it. Then in UDM you can port forward from WAN to your desired location.
If it’s a Comcast Home Modem/Router, yes you would have to do that unless you purchase or request a standalone modem. Comcast for business, if you have a static ip you can assign it to the UDM and put the comcast modem in bridge mode.