August 1, 2023

UniFi OS – 4.0.6

Important Notes

UniFi OS 4.0.6 adds support for Automatic Failover for Shadow Mode, SNMP, and includes the improvements and bugfixes listed below.

Automatic Failover for Shadow Mode

With Automatic Failover, a secondary Shadow Gateway mirrors the Primary Gateway in order to provide High Availability (HA).

  • Both gateways are interconnected using a dedicated high availability link and the configuration and WAN/LAN cabling is mirrored.
  • The network connection information is synchronized between the gateways, allowing for immediate failover.
  • In the event of a hardware failure, the shadow automatically takes over with minimal downtime.
  • Set up Automatic Failover from the UniFi OS Applications page.


  • Added Automatic Failover for Shadow Mode for the UDM-Pro, UDM-SE and UDM-Pro-Max.
  • The same model gateway must be used to enable Shadow Mode.
  • Added owner transfers to System logs.
  • Added Identity Standard System Logs.
  • Added IPv6 address support for the local portal.
  • Added system logs when admins reboot the gateway.
  • Added SNMP support.
  • Allow importing users with email via CSV files.
  • Allow Full Management users to trigger firmware updates.
  • Allow removing and deactivating users/admins when Identity is deactivated.
  • Improved WAN Failover detection.
  • Improved downloading support files.
  • Improved PPPoE stability.
  • Improved DHCP Lease accuracy.
  • Improved initial user list loading speed.
  • Improved internet status checks.
  • Improved UniFi Identity user experience.
  • Improved the stability of WireGuard VPN when using FQDN as the server address.
  • Increased concurrent DNS queries for Ad Blocking and Content Filtering.
  • Improved the reliability of issuing static lease IP.
  • Improved the efficiency of initializing IDS/IPS.
  • Improved speed test accuracy.
  • Improved resiliency.
  • Improved SFP link stability after reboots/upgrades.
  • Improved admin/user removal/de-activation user experience.
  • Improved application installation resiliency.
  • Improved memory allocation for Traffic Identification.
  • Don’t change the timezone automatically after the IP change.
  • Do not send a ‘ready to update’ notification during backup restore.
  • Disabled weak MAC Algorithm support for SSH.
  • Updated Traffic Identification signatures.
  • Users/Groups now automatically get an invitation after assigning resources to them.
  • Skip password change notifications when enabling SSH.
  • Wake up the touchscreen during night mode when there is an active user session.
  • Don’t automatically enable One-Click WiFi when activating Identity.
  • Disable One-Click VPN/WiFi assignment when the service is unavailable.
  • Updated HDD reference in push notifications, it will now refer to drives.


  • Fixed high CPU usage due to dnsmasq or honeypot.
  • Fixed rare memory leak.
  • Fixed gateway configuration issues when using OSPF.
  • Fixed an issue where Auto Update settings weren’t restored after restoring a backup.
  • Fixed an issue where applications could get stuck in the Install/Uninstall Queue in rare cases.
  • Fixed an issue where the default route could be missing in rare cases.
  • Fixed firewall rule creation issues when multiple ports are specified.
  • Fixed an issue where the Internet MAC Address cannot be set back to the default one.
  • Fixed missing Traffic Identification statistics in larger deployments.
  • Fixed an issue where re-activated admins couldn’t reach the console through
  • Fixed rare deadlock issues while using Traffic Identification.
  • Fixed an issue where MAC override doesn’t work for some MAC addresses.
  • Fixed a rare case where PPPoE throughput was lower without using 0 for Smart Queues.
  • Fixed an issue where YouTube history didn’t work while using Ad Blocking.
  • [UDM] Fixed a WiFi kernel crash.
  • [UDM-Pro-Max] Fixed incorrect RPS power budget.