Having trouble getting your guest WiFi portal working using UniFi?
I did too and its most likely caused by you using a separate DHCP server on the network rather than using your USG for DHCP.
Here is the fix!
Go into ‘Wireless Networks’ and Edit the guest WiFi network.
Scroll down to ‘Advanced Options’ and you will see an are to enter Excepted Devices. These devices are allowed to receive broadcast traffic over the internet which includes DHCP requests and responses. The default entry here includes your USG gateway by default but if you’re not using it as a DHCP server you need to add an entry here.
Click on ‘Add Clients’
Next select the MAC address of the DHCP server on your network. In my test lab I am using a Windows 2016 Server as my DHCP server. Tick the MAC address and click on Apply.
Click ‘Save’ to provision the changes and after a minute or two devices on the guest network will be able to talk to the USG and your DHCP server.
Below shows my mobile phone registering on the network over the guest network.
Security
Now you may be wondering what happens if your DHCP server is also a file server on the network. Will adding an exception for the DHCP server mean that guest devices will now be able to speak to the server?
NO! Guest devices will not be able to connect to any folder shares or even ping the server IP address.
Get some great deals on Unifi equipment from Amazon!
27th June 2019
Thanks for a very good detailed tutorial which solved my problem.
17th September 2019
Finally.. the answer I was looking for, for some reason official documentation doesnt cover this. You would think most ‘enterprises’ would use their own DHCP server.
17th September 2019
Happy to help!
26th September 2019
Thanks Ian. Your description of the problem and solution were spot on. We just moved to UNIFY and was not expecting GUEST network to not work.
Unify should fix this issue because most organisations use DHCP servers internally. Cheers.
8th February 2020
You’ve not understood what you’ve just done have you. This is not a bug for unifi to fix, it is the default and correct behaviour
9th February 2020
Yes this is not a bug and never said it was! But if you want dhcp on your guest WiFi to work this is one way to do it. Feel free to share another so we all benefit from other options.
8th October 2019
Thanks!!!
24th February 2020
Thanks. It worked perfectly. It seems because our DC are sitting on a Load Balancing Hosts, the MAC Addresses actually change depending on where the server is sitting. So its best to put all MAC addresses of the Hosts in the list.
4th May 2020
Thanks, i have it working at last.
In my situation the mac address of my dhcp router was not listed in the ‘+ Add Clients’ box, so I looked it up in portal of my dhcp router, and manually typed that MAC address over in the box in ‘Excepted Devices’ and clicked ‘+ Add’, (it was accepted), and Save.
After successful provisioning AC point, my guest network internet is working.
7th August 2020
Under advanced options UN-CHECK “Block LAN to WLAN Multicast and Broadcast Data”
Solved my issue.
12th November 2020
This is super information !
Was looking for a week; no solution.
The tip @Johan (the mac of the DHCP is not listed) was needed, find you MAC adres of the DHCP server in your network, add it manual and all working.
Good work!
31st March 2021
Oh good lawd finally.
I had been banging my head against this issue for months. We have a Fortinet firewall that acts as the DHCP server at our library and I could not for the life of me figure out why some devices could connect to the portal and others not. This was especially the case with MacOS & iOS clients.
This will make the library patrons happy that they can get on without much ado. I’d love to buy you a beer mate!