 Time here for more systems and let's talk about unify specifically how we manage it as a business and how you can manage it Now you don't have to be a business to do this But the question comes up a lot because we do so many unified deployments for our customers that we manage is how do you manage all Them in the unified controller or do you set up a unified controller for each customer? It's actually easier because we're the one managing and we're not sharing access with anyone else So we set it up in our controller and that's because the unified controller supports multi Tenancy now you can do this as well if even if you're a home user Maybe you want to have multiple sites that you have set up There are a few prerequisites here one that you have a publicly available IP address and two That you have DNS working now. Could you do this without DNS just by IP address? Yes But if that IP address ever changes you'll find that you lose access to all the devices that are remotely connecting to it That's one of the reasons that I say having a DNS entry is probably a prerequisite to get this working and get it working Well now we do a lot of unify consulting and unfortunately some of the consulting we do is people who did not set this up with DNS That's one of the reasons I bring it up at the beginning to be set up that way Also, if you'd like to hire us for unify consulting head over to launch systems calm Click that hires button at the top and let us know how we can be helpful with your unified deployment Now let's get into setting up this controller walk you through the steps of setting up multi-site management and some of the process and procedures We use to do these large-scale deployments and how we mass adopt them and move them sometimes to a different controller or keep them in Our controller. There's a couple strategies. I want to talk about for managing these But it's overall pretty simple once you know which buttons to click and that's what we're gonna cover now Now the first step is verifying DNS now. This may be a different step depending on where you host it We're gonna do a dig for a unified demo dot Detroit Edling company comm Detroit Edling company is a mythical company We set up for doing demonstrations and we see is pointed to this public IP address of one seven two two three two thirty 75 now, however, you want to verify your DNS record Just make sure you have an a record pointing at whatever you're going to be using as the inform URL This does not have to be the same as the management port that we're gonna get to later This only has to be the inform URL DNS now It can be the same or you can have something different and if you're hosting this internally It's definitely gonna be pointed differently. This is the question that comes up We actually have our own hosting environment internally at our building So when we host it we have an internal name versus an external name the internal name pointing of course at our Local IP address versus a remote one But for this unified demo that Detroit Edling company comm results to this IP address and it's working So let's go ahead and SSH into it to talk next about the firewall rules that you're gonna need now We're assuming this is all gonna be on Linux. Could this work on Windows? It's not gonna work. Well That's just one of those things that even though they support loading this on Windows I don't recommend it. We've always found it to be very very buggy and the source of many problems So we're gonna go ahead and SSH into route at unified demo to Detroit Edling company comm and before we set up Our unified controller. We want to get the firewall rules set up The reason for this is when you set up the unified controller itself You end up with a problem of it's going to ask you to set up your username and password So if you set it up and someone else gets to port 8443 where the management port lives before you do They could set it up with their username and password and you probably will have to start the process over So from a blank and controlled installer the things you want to do is get your firewall looking like this I allow 22 TCP. Now. I have it listed as anywhere so I can keep logging into this Normally, I would say set this to whatever your IP is So you can restrict it to only you getting access to this then you want to say 8080 anywhere 3478 anywhere 8443 the management port restrict that to yourself and they're gonna repeat again here for the IPv6 version And for those wondering about the ports, there is an entire list. I'll leave a link to there are other ports You can open for possible other reasons But the only ones you need just to control the unified access points and the unified switches are the ports I mentioned there are other things such as captive portal But I don't really recommend running captive portal across the open internet But they do have more ports you could open for other reasons now for setting up and installing the controller itself I'll leave a link down below to another video where I walk you through step-by-step how to get the controller set up Also, I'll leave a link to the script that is in the Unify site and that is so you can use UI Glenn I believe his who supports that he's a person working at Unify has an auto deploy script that works really well The third option which people love to bring up is what about Docker? I don't recommend Docker because it's not officially from Unify So I don't really know who builds or really spend any time looking at the different Dockerize versions because they're not officially from Unify I don't have any problem running the controller directly on the system. So now that that's covered Let's get into actually configuring the controller once you've gone through one of those setup methods that I mentioned One more step that's worth mentioning is what about setting up a certificate a lot of people ask about this for the Unify controller It's not needed But of course people may get annoyed by that eight four four three port not having a properly signed certificate And one of the simplest ways to do this and we have a reverse proxy at our office that we used to solve the problem But if you don't already have a reverse proxy setup I do have videos on HA proxy and setting that up or you can simply use a cloudflare tunnel and the cloudflare tunnel Math is what I use for this video and I want to show you the configuration I have a whole another video link down below for cloudflare tunnels. You simply load the tunnel on the same Instance that's running your Unify controller. We point it at local host eight four four three and under additional application settings under TLS We do want to make sure no TLS verify what it's doing is not verifying that certificate And that means Yodify dot LTS demo work will perfectly work fine with no certificate error So that's how we come up with that there by the way This does not have to match your inform URL that we had so that's okay that they're different The management interface can be on a completely separate one And it does not need to be exposed at all and that firewall port can actually be completely closed off Once you have something like a cloudflare tunnel reverse proxy tail scale or any other number of ways of getting in I just prefer not to expose the management port. I don't think it's a great idea All right, we have our unified controller setup. We're at Yodel dash fi dot LTS demo dot work And we're at the default dashboard. I did switch this to dark mode already I didn't want to start off in light modes technically. I've logged in before but we're gonna go here and click on a gear We're gonna go to system and we want to make sure Multi-site management is enabled it may or may not Depending on what version you loaded have this enabled But we just checked that box and this is what allows for more than one site to be on here Then we're gonna go down here to show more under advanced and I've clicked override already and we want this right here Unified demo that Detroit Yodeling company.com. We know this is what our DNS resolves to to get to this IP address So we want to make sure the inform host has set to this because this is the URL We're going to set inform any device that we want to adopt now if we go over here for device adoption under unified devices You'll see there's none in here and let's go ahead and add a device now I have a brand new unified device that is on my local network here So it's not going to work with network discovery because this is in a cloud where their unified demo is and we're just going to SSH UBNT at and the local IP address of the device we plugged in and the password is going to be UBNT and This logs us into this u6 mesh device now. We're going to use set inform HTTP unify demo dot Detroit Yodeling company calm colon 8080 Slash inform it is very important that you do not accidentally type an S. It is not HTTPS It is not supposed to be HTTPS This is just the inform URL and when we set the inform URL and we set it to Detroit Yodeling company and there's that port 8080 Yes, I know you could change it to a different port. I don't recommend it That is going to be the default port right there Make sure you have the colon 8080 slash inform and now it will go to the unify to complete the adopt process And we're back over here and we simply click to adopt It sees the IP address. There's the MAC address so we can verify this device and we want to click adopt device All right, now we have the u6 mesh adopted now if you want to add more sites Let's go ahead and do that and we have the default site So let's add a new site and we'll call this site the Toledo Yodeling company submit And now we're on this company But how do we get devices move between the companies pretty simple bring over here to unify devices and we see none here because we're in The Toledo one we'll switch back to the default site that we had And we'll go back over here to this access point and now we can actually migrate this particular access point move to new site Only other site in the list here Toledo Yodeling company and we hit move U6 mesh has been moved to the Detroit Yodeling company. So we go over here and It's not being provisioned on this site right here. All right now that it's updated online Let's go ahead and go to settings and let's forget this device because I want to move it back in here But show you what happens when you try to adopt to a multi-site So if we're gonna forget the u6 mesh and confirm now We're gonna SSH back into it now that it's reset to factory defaults UBNT is gonna be the password again, and it's the same set-in-form URL So we're gonna go ahead and set informant again and switch back over to the controller And we see the device under the Toledo Yodeling company ready to be adopted But if we go over here and switch to the default company and go to the devices It's ready to be adopted and let's say we add one more site and then we'll just call this another demo company Hit submit and Then go over here We can also see it ready to be adopted the device lands in the current company you're switched to but it shows up for Adoption in all companies when you send the inform URL because it doesn't distinguish exactly which company is there now The next thing I want to talk about is probably something that people are wondering is time We've seen you set up 100 200 300 at a time of these access points And I'm gonna guess you're not SSHing into these individually or are you and definitely I do not want to SSH Individually now if you have your devices on the same network as a controller local discovery is an option But if your controllers somewhere else or in the cloud, there's actually another trick you can use It's really simple and this is as clever the way Unify does this You can build a temporary controller and on that temporary controller You can put well as many access devices and Switches you want all around it on that same network use local discovery to adopt all those devices Then we're gonna do a site transfer I'm gonna walk you through how to do a site transfer because it's really easy to do and it's something We've actually done for a lot of customers, especially when they have their own controller But they would like us to do some pre-configuration The pre-configuration still works because when you mass-adopt when you configure you export all the settings You put into setting it up and you can then migrate it from your local Even if it's temporary controller to wherever its permanent home may be now for us if it's a managed client This is nice because we're doing it all on our controller in our office and then sending it to the client But in the case of our consulting work Well, sometimes people go I want it in my controller because I don't want you to have the keys to it That's perfectly fine. That's what these site migrations are for. It's pretty simple. Let me walk you through the process All right We see we have my u6 mesh online and adopted to unify.launch systems calm That's our controller. We want it in the yodel fi controller for our demo here Because that's where you like to transfer this device now We can pretend there's a whole lot of devices in here, but for sake of the demo. I only adopted one We're gonna go down here to the gear icon Then we go to system and we see Tom's demo site and let's start exporting that site Okay, export we want to first download the site file export So let's click on that. So we have the file. I'm going to continue Migrate the site. Yes, we'd like to migrate the site Where's this site going to go host aimer IP address and that's going to be unified demo that Detroit Yodeling company calm It is not in the case as I mentioned earlier the same as our management URL So it is our inform URL that it's looking for and we check this and it would select all the devices that are going to be Down here. So we're going to hit migrate devices and Don't do this just yet do this later. You can then forget them out of the controller I'm going to skip this for the moment because if you forget them out of the controller before they have adopted over to the new system That could be bad. So we're actually just leave it on this screen right here And we're going to go over here and we want to import site Upload the file. There's our network site demo site. So we're going to hit select Site name demo Migration and we hit import Then we're going to go over here and it's importing All right, and now the device is adopted now that I know this is happy and working and online And if all the devices are happy online, I would say go ahead and forget the devices on the other side So we'll go ahead and forget these and One device was removed just now. There's nothing in this one We've exported it and all the settings came with it because if we go here to Wi-Fi This is the terst network where I misspelled test and through a crazy password in there of terse test test test or whatever I misspelled and any other settings and any other networks I would have defined would have come over with this Now all this is done with the latest version of the unified controller software And this is a process that's been refined over the years better and better They've really got a lot of quality work that's gone into the controller to bring it to where it is today We used it when it was a lot more basic years ago, but thousands of deployments later I really love how smooth all this works But if you need help with any of your unified reach out to us learn systems comm slash hires We do network consulting lots of unified consulting But the controller part not that hard to get set up It's stuff that we do for a lot of other people But the steps are as I pointed out here pretty straightforward and simple And this is one of the things that really sets unified part is having such a nice Controller system that you just don't have these cloud lock-ins like you have with many that are companies because this did not Require you to register with unified to get any of this to work You didn't have to lock into their site or anything like that to make this happen I love hearing from you so leave your thoughts and comments down below Let me more if there's some clarification I can do on this to make it a little bit simpler But I think that should cover it pretty well for setting up multi-site controller Check out lots of my other videos on different aspects of unifying controlling them including how to set up the controller itself I have that video linked down below if you want to see more content for this channel Like and subscribe if you want to talk about this or other topics at more depth and engage with me How to our two forums at Lawrence systems comm or hit me up on any of the socials wherever they are You'll find them for where I'm connected at Lawrence systems comm and thank you