My ISP is planning to replace our fiber infrastructure (FTH) so I’m expecting some downtime. To be alerted of any downtime, I’ve setup an external service (free) to alert me of up/down status changes.
I’ve setup a simple Ping (echo) to my firewall (Unifi USG). To keep it secure, I’ve put a source restriction to ensure the firewall only responds to ICMP echo requests from my external provider UptimeRobot.
In the latest releases, one need to enable ping responses on the WAN side of the USG by creating a Firewall rule.
I’m specifying ICMP for the protocol and further specify the ICMP Type to Echo.
Now would be a good time to test it by creating the check in the external service.
The USG is provisioned when the configuration is saved.
UptimeRobot also provides a mobile app, which will enable push notifications.
Verify the check works before restricting what IP addresses are allowed to Ping your USG.
Create a named group, by entering all the IP4 addresses UptimeRobot specifies as nodes. This group is later referenced from the firewall rule.
UptimeRobot provides a list of all IPs: https://uptimerobot.com/locations
In the Source section of the firewall rule created earlier, specify the source ip group to further restrict who can Ping you USG.