making the ubnt wifi awesome (uap ac lite) w/ lede (openwrt) the reasons you would do this: - you get 802.11r - you get better roaming - you get access to some new 5ghz channels I AM NOT TO BE HELD RESPONSIBLE FOR ANYTHING IN HERE. DO AT YOUR OWN RISK. THANK YOU AND HAVE A LOVELY DAY. ** note that though we're using Lede, it's essentially openwrt minus the drama lots of info here: https://wiki.openwrt.org/toh/ubiquiti/unifiac if your AP is already on a unifi network (i.e. not new) - make sure that the online uniquiti interface isn't auto-updating it back to the latest version - as per https://discuss.cucumberwifi.io/t/openmesh-1750-ac-unifi-ac-lite/258/42, downgrade the ubnt to 3.4.7: it's here: https://s3-eu-west-1.amazonaws.com/ps-firmware/_other_/firmware/U7PG2/3.4.7.3284/firmware.bin - scp it to root@ubnt_ip_addy /tmp - then 'fwupdate.real -m firmware.bin' - ok now it's downgraded, time to install lede ar71xx is the cpu you'll be installing from trunk, so there'll be some excitement. (no gui for example) image at: https://downloads.lede-project.org/snapshots/targets/ar71xx/generic/lede-ar71xx-generic-ubnt-unifiac-lite-squashfs-sysupgrade.bin - scp it to root@ /tmp. it's the same ip as before since it'll still be on ubnt firmware, just older. if you're updating a fresh uap-ac-lite, the username/password to ssh is ubnt/ubnt - ssh in and run mtd -r write /tmp/lede-ar71xx-generic-ubnt-unifiac-lite-squashfs-sysupgrade.bin kernel0 - if it reboots back to the regular ubiquiti firmware, you didnt downgrade (only applicable for non-fresh APs) - ok now it starts lede. note there will be no web browser because it's on trunk - scan your network to find out the ipv6 address and ssh in. alternatively change your ip to the 192.168.1.X range and ssh into 192.168.1.1 for example: ssh root@fe80::822a:a8ff:fe49:2859%en0 - set a password using the 'passwd' command - before we get the webui up lets clean up a bit more /etc/init.d/firewall disable /etc/init.d/firewall stop opkg remove dnsmasq reboot - ssh back in, lets hope stuff still works - run 'opkg update' - run 'opkg install luci-ssl' - now you should be ableto use the web interface at http://10.0.1.37 - ok now go through all settings and set things up right for yourself. i do the following: - System>System and change hostname - System>Adminsitrator and put your ssh public key - System>LED Configuration and add white:dome (unchecked state) and add blue:dome (checked state) - Network>Wireless and add your networks. after enabling the 5ghz network, it can take a minute for the interface to actually enable ok now lets add 802.11r for fancy roaming between devices. back to the terminal opkg update opkg remove wpad-mini opkg install wpad /etc/init.d/network restart # mobility domain can be anything, must be same between all aps though uci set wireless.@wifi-iface[0].ieee80211r='1' uci set wireless.@wifi-iface[0].mobility_domain='e612' uci set wireless.@wifi-iface[0].pmk_r1_push='1' # these numbers are the MAC address of the interface you want 802.11r for # (based on https://www.reddit.com/r/openwrt/comments/515oea/finally_got_80211r_roaming_working/) uci set wireless.@wifi-iface[0].nasid='44D9E79239B0' uci set wireless.@wifi-iface[0].r1_key_holder='44D9E79239B0' # these should be the same for all your APs. you need a line per AP (for both r0kh and r1kh). # that last mumbojumbo is a password, change it to something unique for you. # the pattern should be obvious, basically all your MAC addresses sometimes with : and sometimes not uci add_list wireless.@wifi-iface[0].r0kh='44:D9:E7:92:39:B0,44D9E79239B0,8a7fcc966ed0691ff2809e1f38c16996' uci add_list wireless.@wifi-iface[0].r0kh='44:D9:E7:92:3A:00,44D9E7923A00,8a7fcc966ed0691ff2809e1f38c16996' uci add_list wireless.@wifi-iface[0].r1kh='44:D9:E7:92:39:B0,44:D9:E7:92:39:B0,8a7fcc966ed0691ff2809e1f38c16996' uci add_list wireless.@wifi-iface[0].r1kh='44:D9:E7:92:3A:00,44:D9:E7:92:3A:00,8a7fcc966ed0691ff2809e1f38c16996' # kick off bad low signal clients uci set wireless.@wifi-iface[0].disassoc_low_ack='1' uci commit wireless /etc/init.d/network restart