UniFi Network - Required Ports Reference

The following includes the UDP and TCP ports used by UniFi. This information mainly applies to users with a self-hosted UniFi Network Application, or users with additional third party devices and firewalls. For this reason, we generally recommend a full UniFi deployment for seamless deployment and optimal native compatibility.

Local Ingress (Incoming) Ports

Protocol

Port number

Usage

TCP/UDP 53 Port used for DNS. This is required for Guest Portal redirection, downloading updates, and remote access.
UDP 3478 Port used for STUN.
UDP 5514 Port used for remote syslog capture.
TCP 8080 Port used for device and application communication.
TCP 443

Port used for application GUI/API as seen in a web browser.

Applications hosted on a UniFi OS Console

TCP 8443

Port used for application GUI/API as seen in a web browser.

Applications hosted on Windows/macOS/Linux

TCP 8880 Port used for HTTP portal redirection.
TCP 8843 Port used for HTTPS portal redirection.
TCP 6789 Port used for UniFi mobile speed test.
TCP 27117 Port used for local-bound database communication.
UDP 5656-5699 Ports used by AP-EDU broadcasting.
UDP 10001 Port used for device discovery.
UDP 1900 Port used for "Make application discoverable on L2 network" in the UniFi Network settings.
UDP 123 Port used for NTP (date/time). Required for establishing secure communication with remote access servers.

Note: Although TCP 22 is not one of the ports UniFi Network operates on by default, it is worth mentioning in this article since it is the port used when UniFi devices or the Network application is accessed via SSH.

Ingress (Incoming) Ports required for L3 management over the internet

Note: These ports need to be open at the gateway/firewall as well as on the UniFi Network application host. This would be achieved by creating port forwards on the gateway/firewall where the application is hosted.

Protocol

Port number

Usage

UDP 3478 Port used for STUN.
TCP 8080 Port used for device and application communication.
TCP 443

Port used for application GUI/API as seen in a web browser.

Applications hosted on a UniFi OS Console

TCP 8443

Port used for application GUI/API as seen in a web browser.

Applications hosted on Windows/macOS/Linux

TCP 8843 Port used for HTTPS portal redirection.
TCP 6789 Port used for UniFi mobile speed test.

Egress (Exiting) Ports required for UniFi Remote Access

Note: In most cases, these ports will be open and unrestricted by default.

Protocol

Port number

Usage

TCP/UDP 53 Port used for DNS. This is required for Guest Portal redirection, downloading updates, and remote access.
UDP 3478 Port used for STUN.
TCP/UDP 443 Port used for Remote Access service.
TCP 8883 Port used for Remote Access service.
UDP 123 Port used for NTP (date/time). Required for establishing secure communication with remote access servers.

 

Changing Default Ports

Changing default port assignments can only be done on self-hosted Network applications (Windows/macOS/Linux). This can be accomplished as follows:

1. Close any instances of the UniFi Network application.

2. Modify the system.properties file, which can be found in the directory <unifi_base>/data/system.properties.

  • For example, if port 8081 was in use and port 8089 was open, you could change it by modifying unifi.shutdown.port=8081 to unifi.shutdown.port=8089

3. Restart the UniFi Network application.

Note: Make sure there are no leading or trailing spaces, comments, or other characters like hash tags (#) on any custom lines. Otherwise, UniFi Network will ignore the customizations.

Was this article helpful?
973 out of 1544 found this helpful