You are required to have internet access to setup something like the UDM-Pro. After it is setup you can create a local admin account and disable remote access.
Here is how:
1. Login with your online account credentials and password
2. Choose system settings
3. Choose advanced
4. Disable Remote Access
5. Confirm that "Transfer owner" won't be available if you disable remote access.
The issue in general is that the UniFi stuff can be crappy and buggy, but it SUCKS LESS then any other complete solution for a home / small enterprise there at the price point.
I personally used to given them a strong recommendation and even now that is a recommendation with some footnotes. They have been growing to fast and the SW quality has gone down. Being on the latest release is not always the best idea.
To be fair in my I have had many conversation with Cisco that started with "no, not the latest GA, but what is the latest proven STABLE GA."
> But what's your reason to be going such lengths instead of just plugging UDM into their router?
While you can do this and things will generally work, AT&T restricts all of their residential gateways from operating in a true passthrough/bridge mode to another router. So you end with double NAT and all the joys that entails (such as [1]). There are also a number of other issues that have been associated with operating in their faux-passthrough mode, including
- Issues with IPv6 prefix delegation
- Sporadic latency spikes (an issue in general, that you inherit since the gateway is still "doing" everything it normally would, since it won't actually act as a ure passthrough/bridge)
- A firmware update capped throughput at 50Mbps (later fixed in another firmware update)[2]
- Firmware updates tend to silently re-enable the built-in wifi radios
So while it'll generally work, it ends up problematic. You inherit all of the performance issues associated with just using the gateway as your all in one modem/router/firewall/AP/gateway, plus the addition of double NAT, plus the sharp edges of their poorly implemented faux-passthrough modes, plus the ever-present concern that you're one firmware update away from a non-working network despite having used their official passthrough configuration.
Hence why gateway bypasses are so popular[3][4][5][6]. Even if they're a bit involved to set up, once you get it working things just... work. With little if any upkeep (potentially a few minutes after a power outage, depending on the bypass method you implement).
I have been doing some woodworking for the past couple years now (still very much an amateur). My woodworking started with making some standing bottle openers as presents (kind of like these [0]). All it required was some cheap pine, a bit of stain, a sander and a saw (I used my dad's table saw, but you could just use a hand saw). I have since made some various pieces of furniture, odds and ends like random shelves around my house and some cutting boards. My advice:
- Hand tools are a great place to start, they are cheap they don't take up much room, they don't make too much noise and dust. Working with hand tools can be pretty relaxing, and can also be a good workout (which could be a bonus or a negative). I do have a decent collection of power tools now but still not everything. The power tools I use the most are drill, miter saw, circular saw, and sander.
- Check craigslist often, both for cheap (sometimes free) wood and for cheap tools.
- You can make something really cool out of something else. I made a kitchen island out of some old wall cabinets and a butcher block I got off craigslist. I also made a pirate ship wheel out of old stair spindles and a garden hose reel. This allowed me to try out skills on a bigger project while using someone else's work to kind of start from. I didn't have to first learn how to make cabinets or learn to turn wood on a lathe.
- Youtube is your friend you can learn how to do almost anything. The maker channels are great but often times they do have a lot of specialized expensive power tools. The "This Old House" youtube channel [1] is pretty good and has a lot of good basics. Also "Woodworking for Mere Mortals" [2] as the name implies is also good at showing how you get things done without investing in super expensive specialized tools.
- You will always notice the mistakes you have made, but hardly anyone else will. And you will make mistakes, I have made plenty and there are still plenty in my "finished" products.
- Routers are super cool tools and with the different bits you can get you can make awesome professional looking patterns. I got my router and a set of bits off craigslist as well, but there are some cheap options out there.
I'm the founder of a company that is ~250 people, remote first, and still fully remote. We do have an office in SF, but ~10% of our employees are present, almost no full teams are centralized, and all our processes revolve around remote work. Important to note that we're a US-founded company (this comes along later).
I'm going to use this comment as a way to talk about remote hiring generally, rather than respond directly to your comments. I want to help others understand some of the challenges it has been being one of the larger (relatively) fully distributed companies.
I think there is a common misconception that the world is mostly flat and that our company can hire from anywhere. I am commonly criticized when tweeting job postings (almost always remote) when the countries we can hire from is limited to a select few. "Not real remote" "first world remote only" "remote != 8 countries" etc. are common criticisms.
Disclaimer for the remainder: I am not a lawyer and my exact details because of that may be wrong. Please consult your own legal team.
When hiring remote, there are a few things to keep in mind:
1.) You have to adhere to employment laws within the country you're hiring from. Employment laws vary widely between countries and getting them wrong can be very expensive. For example: vacation time will vary, holidays will vary, the ability to let someone go will vary, what you can/cannot expect from an employee varies. In one country, emailing an employee outside of work hours is legally considered harassment; when working with multiple timezones that's a challenge because "in work hours" for one country may be "out of work hours" for another country.
2.) To employ someone full time, many countries require you to have a legally entity within that country. Establishing a legal entity takes a lot of time and a lot of money.
In the past 12 months, we've had at least one member (more now) on our HR/finance teams establishing legal entities _full time_. I've had my signature on at least 8 incorporation documents in the past 6 months. By the way, most incorporation documents require a "wet" signature so if you're remote like we are, be prepared to be FedExing a lot of sensitive legal documents around.
Beyond just paperwork, there are often requirements to establish a legal entity: a real, physical, local address is one. In one country, we had to pay out of a local bank account in local currency (which has its own red tape), and this country also required we maintain a minimum balance to pay 3 months salary in the local account in local currency at all times. For a startup, that much cash "not working" can be problematic depending what stage you're at.
In one country we're establishing an entity in, the process just takes a LONG time. We've been responding to any inquiries and sending paperwork immediately and we're 8 months in and still probably 2 months away from completing the process. Meanwhile, we still can't legally hire there.
A lot of legal paperwork is understandable in the local language of where you're creating the entity. This means that you also have to pay lawyers fluent in that language to vet the paperwork. We employ full time lawyers, but primarily in English, so this requires us to go to expensive outside counsel.
Finally, this is all expensive. There are fees to creating entities but also recall that we have multiple full time employees that spend their entire day establishing legal entities. So we have our own full time salary costs plus filing costs plus legal costs.
3.) Hiring contractors DOES work around some issues, but has its own downsides. First, we can't offer options/stock to contractors and we'd like all our employees to benefit from this. Second, we often can extend the same full time benefits we want all our employees to share such as healthcare, 401K, etc. Put another way: we want all HashiCorp employees to be employees, we don't want to create second class citizens.
Legally, some countries have legal limits on the hours a contractor can work or length of time they can be contracted before they're considered an "employee" by default and regardless of what you SAY the relationship is, the country will consider it employment and points 1 and 2 above all take effect immediately.
So we certainly DO hire contractors but our point of view is that we intend to hire those people full time over time. We'll often hire contractors if we know that we'll have a legal entity established to hire them within X months, and we're up front with the new hire about this. We'll also pro-rate option/stock vesting for their contractor period when they are hired.
4.) We prioritize countries where we have the most interest. We get asked a lot "please hire in X" but if the number of times we've heard X is much lower than Y, then we'll prioritize Y first.
This creates somewhat of an imbalance, since more countries with a more established tech ecosystem generally have more qualified candidates and therefore get prioritized higher.
We WANT to hire from everywhere, but as a startup with constrained capital and timelines, we have to be pragmatic about choosing the locations where we'll probably be able to hire the most roles while we continue to expand our entities.
5.) We are also open to relocating employees into countries where we do have entities. We've done this multiple times, we pay a relocation fee, and its a great way to hire someone from a country where we can't [yet]. Also note they're "relocating" but are still working remote.
Of course, this is highly dependent on the individual and it is unfair of us to ask or force someone to do this if they have an established family, friend circle, and generally just a life in their existing country. So this only works some of the time!
6.) Despite building process around remote-first, we try to a keep a healthy timezone overlap in each of our teams (3 to 4 hours out of the working day is best). We find that teams that have a team member with a non-overlapping TZ struggle for multiple reasons. So, even though we can hire in many countries now, we'll restrict some job postings to certain countries so we can have that overlap.
EDIT, some additions:
7.) Each US state ALSO requires a legal entity in addition to adhering to state-local employment laws, taxes, and more. At this point HashiCorp has entities in ~30 US states.
Further, there is a tax consequence to the business outside of employment taxes. If you hire an employee in a state, you also now have to pay sales tax on revenue from there. You may argue for/against whether that makes sense, but for a startup this can be VERY expensive.
Our corporate tax obligation would be hundreds of thousands of dollars [less] if we didn't employ people in New York state. We've had to weigh this in cases because the tax obligation from hiring _one_ individual could suddenly be that you can't afford to hire _multiple_ other individuals.
Note we don't want to avoid taxes, that's not what we're doing. But startups are capital constrained and we have to determine long term how we continue to grow and hundreds of thousands of dollars can make a difference.
Finally, I want to note that we're 100% dedicated at HashiCorp to remaining fully remote. We WANT to hire from everywhere. We're establishing the entities and process to hire in new countries full time. 18 months ago we could only legally hire in 2 countries, today we can hire in 8. By the end of the year it should be at least 4 more. We'll continue from there.
I could write a LOT more about culture and process within the company. But this comment is already getting very long and I think I'll keep it to this. Maybe in the future I'll write more about "chat literacy", the importance of decision inclusion, things that definitely don't work, keeping people motivated/happy, managing people you can't physically see, the lack of body language for signaling, and a lot more.
1. An initial call, handled by a principal ("founder"), with the objective of explaining the role and the company and arming the candidate with as much detail about the hiring process as is practicable.
2. A followup in email shortly thereafter confirming interest and locking down schedule.
3. 1-3 work-sample challenges (our current set, for the role we're hiring now, is a short combined AWS/Django security assessment, an automated best-effort-secure deployment of that Django app in a fresh AWS environment we provide, and a short API scanner programming challenge):
3a. Introduction: provide the candidate with advance knowledge of what will be on the challenge and what they'll want to know going in, along with time expectations.
3b. Preparation: offer the candidate books, links to presentations, and a practice version of the challenge to get confident and comfortable with the challenge.
3c. The challenge proper.
3d. Scoring: each challenge has a pre-built scoring rubric, on a 1-5 scale, designed so that anyone on the team can quickly score a submission.
4. Meet in person: after informing the candidate they did well on technical qualification, we do a single round of in-person "interviews"; no whiteboard, no coding, just meet and greet and discuss logistics.
5. Offer.
Missing from this process:
1. Recruiters.
2. Resumes.
3. Telephone interviews.
4. Technical interviews from members of the engineering team.
5. Any significant interruption to the engineering team's work.
6. Interview exercises with a member of our team watching you code.
7. Free pizza and coffee (though I guess if you asked, we'd send you one).
8. 5 of the 6 hours onsite this recommended process includes.
I'm happy to keep repeating this just as a sort of reminder that we're hiring, but this is a streamlined and improved (we didn't have practice challenges at Matasano!) version of the way we've been hiring for coming up on 10 years, and it works spectacularly well for us. People keep telling me why what we're doing can't work, and I keep wondering what I'm doing wrong to make it work.
You should consider cutting way back on interviews --- especially telephone interviews, which I've found to be completely worthless as generators of real insight into candidates --- and replacing them with work-sample challenges. But be serious about it if you do: candidates hate "take-home projects", and when I ask them about it, it always turns out that those projects precede or follow a standard interview loop. Fuck the interview loop. Interviews are a random function. Figure out what skills you need candidates to have on day 1, and then just build something that checks if candidates have those skills.
Here is how:
1. Login with your online account credentials and password 2. Choose system settings 3. Choose advanced 4. Disable Remote Access 5. Confirm that "Transfer owner" won't be available if you disable remote access.
The issue in general is that the UniFi stuff can be crappy and buggy, but it SUCKS LESS then any other complete solution for a home / small enterprise there at the price point.
I personally used to given them a strong recommendation and even now that is a recommendation with some footnotes. They have been growing to fast and the SW quality has gone down. Being on the latest release is not always the best idea.
To be fair in my I have had many conversation with Cisco that started with "no, not the latest GA, but what is the latest proven STABLE GA."