Scenario:
Make: Ubiquiti
Model: Ubiquiti UniFi Network devices [Access Points, Switches, Ubiquiti Security Gateway]
Mode: Graphical User Interface [GUI]
Description: This article discusses the “STUN Communication Error” between UniFi managed devices and the UniFi Network application, and how to resolve it.
Problem
STUN stands for “Session Traversal Utilities for NAT”. It provides a way for devices to securely communicate with other devices when they are located behind a router. STUN communication is necessary because the devices in the network have individual IP addresses that are used to communicate internally but are not known to servers or clients outside the network. For STUN communication to work properly, the UniFi device must be able to resolve the UniFi Network application via the inform URL and communicate with that address on port 3478. When this communication fails, the UniFi devices show an alert with the error message below.
"This device is not able to connect to the internal STUN server on your Controller. Please check if the
device is able to reach the STUN server on port 3478"
Solution
To resolve the issue, make sure to open UDP port 3478 on the firewall of the machine hosting the UniFi Network application, and ensure that your router is properly relaying STUN traffic to the UniFi Network application from the UniFi devices.
If you are using UniFi Network to manage devices that are not located behind the same router, a port forward needs to be set for UDP port 3478. Follow the steps shown below.
Step 1: Settings
Navigate to “Settings => Advanced Settings => Port Forwarding” as shown below.
Step 2: Port Details
Fill in the details as shown below.
- 2.1 Name – Add the name of the rule
- 2.2 From – Select “anywhere”
- 2.3 Port – 3478
- 2.4 Forward IP – IP address of the UniFi Network Application host
- 2.5 Protocol – Select “UDP”
- 2.6 Logs – If you want to enable logging then check the box, else leave it unchecked.
Step 3: Apply
Click “Apply” to save the changes.
Wait for some time and the error should clear, or reboot the device to resolve the issue immediately.
Installing an SSL certificate for the UniFi Controller URL is recommended and important. A CSR is required to obtain the certificate: generate the CSR on the UniFi controller and share it with a Certificate Authority to get the SSL certificates, then import and install the certificates for the URL. Refer to the linked article if you get the error “Unable To Import Certificate To Keystore”.
Source: Knowledge Base, Lab, Ubiquiti
EA00090