I've got 10 Amcrest cams running on a UDM Pro with a 2TB Purple drive. Scrubbing works well (Way better than my Amcrest NVR), recording is fine, remote view is fine. It seems to have picked up on the two streams and I can switch between them with LQ/HQ. The biggest thing missing is audio. If you download a clip there will be some audio right at the beginning but it's garbled and then it just cuts out all together. All cameras are pushing AAC audio so it should be pretty compatible with most things. I don't use on camera detection because the Amcrest implementation is garbage (You end up losing a second or two of video and it starts recording the motion clip) so that doesn't matter and I rarely use the PTZ on the few cameras that have it but I can see how that might be nice eventually. The sound is a disappointment though. If I could get at least one way sound I'd shut my Amcrest NVR off entirely and use the UDM Pro for archiving. Currently using Frigate and Coral for detections tied into HASS for notifications. BI was causing all sorts of headaches with the Coral integration and I finally gave up on it but I may mess with it again in the future.
HUGE RUMOR: Unifi Protect will support ONVIF cameras (like from HIK/Dahua)
- Thread starter steve1225
- Start date
No such thing with Unifi and Protect. It's a charm compared to both BL and Dahua or Hikvision. Although Protect can have storage and capacity limitations depending on platform you chose it's a whole other ball game when it come to esetup and use It has one of nicest mobile and web based apps I've ever seen from any manufacture. The worst part about Protect has always been its incompatibility with ONVIF and their cameras. Although some have a unique cool design they are over priced for and limited in features. I can't wait to try swapping an NVR with a Protect appliance. Especially for my customers already on Unifi. The other great thing about this news is it comes right at the demise of Dahua USA.
Mj
I didn't specify in my original post that I have a Gen2. (I honestly forgot which version I had since it is out of service right now). It was a bad enough situation that Ubiquity has actually stopped putting batteries in the units at all.
I've had alot of experience with Ubiquiti stuff and I've yet to see a complete failure on anything I deployed. There have been some reported issues on the cloudkey plus with (swelling) batteries and (failed) HD drives in them but again it's all been second hand, never seen any myself. Too bad they seemed to be phasing out the older Edgeswitch stuff because those were absolutely rock solid (I still love them for sandboxing cams off the main network) and you could get into the back end much easier if you know what you're doing. The AP's have been awesome too, some run a bit warm (like the U6 mesh) but again never had a failure on those either. You can tell the hardware is good when even older used stuff still fetches a premium price on eBay.
There is no reason to get the pro max, networking side is the same and it just adds a mirrored drive for nvr. better off getting an actual nvr unit.I was going to upgrade from the UDM Pro to the UDM Pro Max; seems like its not worth the hassle; will keep the Unifi Cameras where they belong and stick with Blue Iris for the tried and true Dahua
How many non-Unifi cameras do you think the UDM Pro can handle?
This week, after my hack thread regarding my Dahua nvr5432, I have migrated all my onvif Dahua and Amcrest cameras to the Ubiquiti UNVR paired to a UDM ProSE and ProSwitch running vlans and layer3 inter-vlan management.
The Protect app hands down is way better and more intuitive to use. The initial migration was worrisome. As more cameras were added to the UNVR, old ones were freezing or losing connection. Was worried about this due to ONVIF integration. But when I finally got all the cameras added, I did a full cold reboot on the NVR and it seems to be running now for 12 hours no issue.
The UNVR is lacking quite a bit of features compared to the Dahua 4.0+ nvr application but nothing major that I can see.
Right now the only only issue I need to figure out is how to set up a NTP server on the Raspberry Pi so that all the Dahua cams can reach it and grab a time.
It took me days to understand the inter-VLAN routing and setting up rules. But I like how I can have the UNVR on one VLAN and the cameras on another VLAN. Then only allow the cameras to talk to the NVR VLAN and can’t go outbound to the WAN. The VLAN helps isolated traffic congestion.
There doesn’t seem to be a time stamping feature on the UNVR for the onvif cameras. Other than that. So far so good.
The Protect app hands down is way better and more intuitive to use. The initial migration was worrisome. As more cameras were added to the UNVR, old ones were freezing or losing connection. Was worried about this due to ONVIF integration. But when I finally got all the cameras added, I did a full cold reboot on the NVR and it seems to be running now for 12 hours no issue.
The UNVR is lacking quite a bit of features compared to the Dahua 4.0+ nvr application but nothing major that I can see.
Right now the only only issue I need to figure out is how to set up a NTP server on the Raspberry Pi so that all the Dahua cams can reach it and grab a time.
It took me days to understand the inter-VLAN routing and setting up rules. But I like how I can have the UNVR on one VLAN and the cameras on another VLAN. Then only allow the cameras to talk to the NVR VLAN and can’t go outbound to the WAN. The VLAN helps isolated traffic congestion.
There doesn’t seem to be a time stamping feature on the UNVR for the onvif cameras. Other than that. So far so good.
Just make a port group and a traffic rule in your udm to allow your camera vlan out to the internet on port 123.
That’s the easiest way. Yes yes I thought about that.
I like to make my life more complicated and really just lock down these Chinese cameras from ever sending a native packet out to the web. Period.
So I prefer to just have the Rapsberry Pi, running a OS, fetch the NTP and have it serve the individual cameras.
By the way I realized that I am going to block the UNVR vlan from going outbound too. The Ubiquiti protect App is nice and it can remote into the UNVR (even behind the layer 3 switch on a seperate VLAN). But that means I am exposing myself to get hacked by Ubiquiti employees.
So I will just create a VPN account on the UDMSE and then disable remote access to the UNVR, Then access the UNVR by local account once I have tunneled in back home to my home Lan.
Does the UDM have teleport?
That's a zero config vpn setup.
If you haven't already, make sure you block inter vlan traffic in your network (because it's not blocked by default, thus kind of defeating the purpose of using the vlans in the first place) and then add a rule to allow traffic from your default network to your cameras network.
Yeah I spent countless hours figuring out how to block inter-vlan. Most of the YouTube videos apply to the UDM and that’s using firewall rules. But because I have a layer 3 switch and having the VLANs use that as the router/forwarder, the firewall rules didn’t apply. I have to use ACLs.
UDM Pro SE has built in VPN support for WireGuard and OpenVPN. I will use WG and set that up tonight. It’s supposed to automatically generate you a cfg file and you just load it. Previously I’ve always used OpenVPN and it has been fine but I’m told the new kid on the block is WG and it’s lightweight and faster.
Initial reading on VPN is that it drops you straight into the default network giving you full unlimited access to all the VLANs. That’s a big no no too. I plan to assign it the UNVR’s subnet/vlan so that it can only access the UNVR.
You really do like to make things more difficult don't you?
Just because you can, doesn't mean you should.
Is there anything else on that switch besides the camera network?
If not just use as layer 2.
Add the vlans to it, with your device ports as access mode on the camera vlan and your uplink to the UDM as a trunk and bob's your mother's brother.
Then you can just use rules on the UDM to block inter vlan.
EDIT: the un-necessary complication on your network is probably the whole reason you got hacked the last time.
Added complexity doesn't just make things harder to break into, it makes them harder to configure properly and to manage.
It's like locking the doors to all the rooms inside your house and only certain people can go into certain rooms, but then just leaving your front door wide open when all you needed to really was just lock the front door.
There's a reason all of the videos on you tube were showing you how to use firewall rules on your router to protect your network instead of ACL's on a switch.
Just because you can, doesn't mean you should.
Is there anything else on that switch besides the camera network?
If not just use as layer 2.
Add the vlans to it, with your device ports as access mode on the camera vlan and your uplink to the UDM as a trunk and bob's your mother's brother.
Then you can just use rules on the UDM to block inter vlan.
EDIT: the un-necessary complication on your network is probably the whole reason you got hacked the last time.
Added complexity doesn't just make things harder to break into, it makes them harder to configure properly and to manage.
It's like locking the doors to all the rooms inside your house and only certain people can go into certain rooms, but then just leaving your front door wide open when all you needed to really was just lock the front door.
There's a reason all of the videos on you tube were showing you how to use firewall rules on your router to protect your network instead of ACL's on a switch.
By the way the UDM ProSE has teleport. I just used it. Wow it is truly zero config setup. Got it working on my phone in under two minutes including app download for wifiman.
This is the solution for the advanced Onvif support for Unifi protect
Man I love it!!! Will likely be impossible to get for a while but I’m sure there’s alot more improvements coming too.
Last edited:
200USD per cam license ?
If its only the hardware no additional license fees on a fair price of an higher level dahua nvr, then maybe its worth it
Still need alot more info to decide on value but certainly very promising that they are looking to expand their offerings significantly in the security space.