====== Ubiquiti - Ports ======

The following ports are used by UniFi:

----

===== Ingress Ports Required for L3 Management Over the Internet =====

These ports need to be open at the gateway/firewall as well as on the controller host.

This would be achieved by creating port forwards on the gateway/firewall where the controller host is located.

^Port^Protocol^Description^Comments^
|3478|UDP|STUN.|
|6789|TCP|UniFi mobile speed test.|
|8080|TCP|unifi.http.port|Device inform.  Device and controller communication.|
|8443|TCP|unifi.https.port|Controller UI / API as seen in a web browser.|
|8880|TCP|portal.http.port|Portal redirect port for HTTP.|
|8843|TCP|portal.https.port|Portal redirect port for HTTPs.|

----

===== Local Ingress Ports =====

^Port^Protocol^Description^Comments^
|1900|UDP|"Make controller discoverable on L2 network" in controller settings.|
|3478|UDP|STUN.|
|5514|UDP|Remote syslog capture.|
|5656-5699|UDP|AP-EDU broadcasting.|
|6789|TCP|UniFi mobile speed test.|
|8080|TCP|unifi.http.port|Device inform.  Device and controller communication.|
|8081|TCP|unifi.shutdown.port|For management purpose.|
|8443|TCP|unifi.https.port|Controller UI / API as seen in a web browser.|
|8880|TCP|portal.http.port|Portal redirect port for HTTP.|
|8843|TCP|portal.https.port|Portal redirect port for HTTPs.|
|10001|UDP|Device discovery.|
|27117|TCP|unifi.db.port|Local-bound port for DB server.|

----

===== Egress Ports Required for UniFi Remote Access =====

^Port^Protocol^Description^Comments^
|443|TCP/UDP|Remote Access service.|
|3478|UDP|STUN.|
|8883|TCP|Remote Access service.|

----

===== References =====

https://help.ui.com/hc/en-us/articles/218506997-UniFi-Ports-Used

https://help.ui.com/hc/en-us/articles/218506997

http://wiki.ubnt.com/UniFi_FAQ#How_can_I_run_UniFi_Controller_on_different_ports

https://community.ui.com/questions/Confused-Which-Ports-to-Open-on-the-Firewall/7ce35348-9b4a-42ab-90e4-d006dad2f7f2