Support Downloads Community

UniFi Video is an obsolete product line.

This application and its related devices will no longer receive any manner of technical support, including functional and security updates. Additionally, there will be no further updates to Help Center content pertaining to UniFi Video.

UniFi - Regenerating an IDS/IPS Token

 

Overview

After reading this article readers will understand how to regenerate a token used for IDS/IPS functionality. The instructions below will guide users on how to navigate the MongoDB for UniFi Network. These steps can be used when restoring from a backup and using a new UniFi Security Gateway (all USG models) or UniFi Dream Machine (UDM and UDM-Pro). In this scenario, the old token would potentially be used on two USGs/UDMs at the same time or report alerts on an incorrect site.

NOTES & REQUIREMENTS:
This article covers advanced configuration of the MongoDB on Debian-Based Linux/Cloud Key, UniFi Dream Machines and Windows, and should only be used by advanced users. Applicable to curent UniFi Network versions and all UniFi Security Gateway and UniFi Dream Machine models.

Table of Contents

  1. Steps: How to Erase an Old Token and Generate a New One on Debian-Based Linux / UCK or UDM with UniFi-OS
  2. Steps: How to Erase an Old Token and Generate a New One on Windows
  3. Testing & Verification
  4. Related Articles

Steps: How to Erase an Old Token and Generate a New One on Debian-Based Linux / UCK or UDM with UniFi-OS

Back to Top

1. Disable IPS or IDS in the UniFi Network application, under (Classic) Settings > Threat Management.

2. SSH or open a console on the device hosting the UniFi Network application.

If using a Dream Machine running UniFi-OS, users might need to enter the shell by running the following command:

unifi-os shell

3. Open a MongoDB shell to the ace directory:

mongo localhost:27117/ace

4. Locate the site ID. The site name will be "default" if it's the first site, if another one has been created then there will be an ID number after site/ in the application's URL. Site names are case sensitive when used in the command below.

A default site, named Default in the "Current Site" dropdown with an assigned site ID of default. UniFi Network accessed over the Cloud:

DefaultSite.pngAn additional site, named Main Office in the "Current Site" dropdown with an assigned site ID of bsmcigc9. UniFi Network accessed locally via IP:

SecondSite.png

The default value should be replaced with your site ID as it appears in the URL of your UniFi Network application, immediately after site/. Site names are case sensitive. This command will provide an ObjectID which will be used in the following step.

db.site.find({"name":"default"})

5. Locate the correct IPS setting document. Substitute "OBJECTID" with the ObjectID that was in the output after running the command in the previous step. This command will provide a new ObjectID to be used in the following step. 

db.setting.find({"key":"ips","site_id":"OBJECTID"})

6. Remove the utm_token from the database. Substitute "OBJECTID" with the new ObjectID that was found after running the command in the previous step.

db.setting.update({"_id": ObjectId("OBJECTID")},{ $set: { "utm_token":""}})

7. Enable IPS or IDS in the UniFi Network application under (Classic) Settings > Threat Management.

Steps: How to Erase an Old Token and Generate a New One on Windows

Back to Top

1. Disable IPS or IDS in the UniFi Network application, under (Classic) Settings > Threat Management.

2. The Windows UniFi installer does not include the mongo binary. Visit the MongoDB official download website, and download the .zip release that corresponds to your server's CPU architecture. Alternatively, download 2.4.14 here directly: 2.4.14.zip.

3. Extract \bin\mongo.exe to a working directory of your choice. In this example, we will use C:\ips\. You may ignore all other files included in the package.

4. Open the command prompt by pressing WINDOWS + R.  In the popup, type cmd and press ENTER.

5. In the command prompt, change to the working directory:

cd C:\ips\

6. Open a MongoDB shell to the ace directory:

mongo --port 27117
use ace

7. Locate the site ID. The site name will be "default" if it's the first site, if another one has been created then there will be an ID number after site/ in the UniFi Network application's URL. Site names are case sensitive when used in the command below.

A default site, named Default in the "Current Site" dropdown with an assigned site ID of default. UniFi Network accessed over the Cloud:

DefaultSite.pngAn additional site, named Main Office in the "Current Site" dropdown with an assigned site ID of bsmcigc9. UniFi Network accessed locally via IP:

SecondSite.png

The default value should be replaced with your site ID as it appears in the URL of your UniFi Network application, immediately after site/. Site names are case sensitive. This command will provide an ObjectID which will be used in the following step.

db.site.find({"name":"default"})

8. Locate the correct IPS setting document. Substitute "OBJECTID" with the ObjectID that was in the output after running the command in the previous step. This command will provide a new ObjectID to be used in the following step. 

db.setting.find({"key":"ips","site_id":"OBJECTID"})

9. Remove the utm_token from the database. Substitute "OBJECTID" with the new ObjectID that was found after running the command in the previous step.

db.setting.update({"_id": ObjectId("OBJECTID")},{ $set: { "utm_token":""}})

10. Enable IPS or IDS in the UniFi Network application under (Classic) Settings > Threat Management.

Testing & Verification

Back to Top

Referencing the utm_token before and after this process should be enough to see that it either did or did not change. See here for quick ways to test IPS/IDS.

Related Articles

Back to Top

UniFi - USG: Configuring Intrusion Prevention/Detection System (IPS/IDS)

Was this article helpful?
15 out of 26 found this helpful