Previous step: Complete the Reverse Tunnel Setup Guide preparation before starting this configuration.
This guide shows you how to enable SSH/debug mode on UniFi OS devices for reverse tunnel configuration. Before running the reverse tunnel script, you need command-line interface access to your UniFi controller.
Why this setup matters:
UniFi devices behind firewalls need SSH connections or debug tools for remote management
Reverse tunnel scripts require command-line interface access to function properly
This enables secure communication when your network devices lack public IP address access
Compatible devices:
UniFi OS devices: UDM, UDMP, UCG, UX, and similar UniFi controllers
Does not apply to self-installed servers or home user custom installations
What you'll accomplish:
You'll log into your UniFi console, configure system settings options, and establish either SSH mode or debug mode UniFi access. Choose one method - both provide the debugging mode capabilities needed for reverse tunnel functionality.
This flows directly into the next section, where you'll configure the specific access method for your UniFi network application.
Enable SSH/Debug mode access on your UDM/CK/UDR
For this next step, you need to access your Unifi controller's User Interface and continue from there.
It's only necessary to enable one of these methods. Don't enable both SSH and Debug mode if it's not necessary. Also, don't run the script in both terminals. Choose one of these methods and follow the configuration guide for it.
Enabling SSH
Enable Remote Access and SSH in Console Settings. Use the Change Password option to set a password.
Enabling Debug mode
If you aren't comfortable using SSH or simply don't have local access to the Unifi controller (if you can only access it through unifi.ui.com) you can use the debug menu to run the script.
Debug mode can be enabled under Settings->System->Advanced
SSH into your controller
Using your favorite SSH terminal (PuTTY, Windows terminal, etc.), log in to the UniFi controller. Use root as the username and the password you set above. An example command for accessing SSH is written below.
ssh root@<UniFi device internal IP address>
Use Debug mode
If you, however prefer Debug mode, simply go to Unifi Devices-> <controller name> -> Settings -> Debug mode (scrolling to the bottom required)
This will open a Debug Terminal
NOTE: If you're using any Cloud key, you cannot use debug mode on it. To bypass this, use Debug to connect to one of the access points on the site and use the command ssh root@<UniFi device internal IP address> to connect to it
Complete Your UniFi Controller Setup
Verify your access method works:
SSH connections: Test your SSH command with the configured SSH username and password
Debug mode unifi: Confirm the debug tools terminal opens and responds to commands
Both methods should provide stable command-line interface access to your UniFi controller
Connection confirmation:
Once you successfully establish SSH mode or debugging mode access to your UniFi OS device, your network devices are ready for reverse tunnel configuration. Your UniFi network application can now execute the required scripts.
Troubleshooting quick checks:
Verify your IP address is correct (SSH method only)
Confirm system settings permissions allow the chosen access method
Test command line interface responsiveness before proceeding
Next steps:
Return to the Reverse Tunnel Setup Guide to execute the tunnel script using your established connection. Your UniFi devices now have the command line interface access needed to complete the reverse tunnel configuration and enable remote management capabilities.
This setup enables secure communication between your UniFi controller and external systems, regardless of firewall limitations or public IP address availability.