HA occasionally, seemingly randomly, pauses Unifi services and disables Insteon devices

dmautomation · March 14, 2026, 2:06am

It has happened twice now, months apart, where according to logs in my Unifi instance, Home assistant has paused both firewall rules and wifi networks on my Unifi controller. At the same time, some of my Insteon devices, driven through a Universal Devices EISY, turn off. Also, within the EISY interface, many Insteon devices are disabled.

Unfortunately, the EISY logs don’t seem to indicate when or how the Insteon devices were disabled, but seeing as I and Home Assistant are the only two users with access to the EISY, and I certainly didn’t disable those devices–along with the consideration that the Insteon devices turn off, without human interaction, at the same time the Unifi services are paused, I make the reasonable assumption that this is all happening simultaneously as a result of a common cause. All evidence seems to point to HA being the culprit.

I’ve read another post that seemed to attribute similar behavior to an Alexa routine. I don’t have an Alexa in my setup, don’t want one anywhere near it to be honest. I have no automation controllers aside from HA and the EISY. The EISY doesn’t have the ability to access my Unifi to be able to do anything, so I know it’s not originating there. As for HA, I have no automations that affect my Unifi Network at all. The closest thing I have involves changing some ViewPorts’ views based on motion, but they are handled through Unifi Protect which is a separate integration from Unifi Network.

The Unifi logs are clear that it is HA that is doing the pausing, identifying both the assigned HA user and HA ip address.

Any thoughts?

IOT7712 · March 14, 2026, 2:19am

On a tangent, are your Unify firmware updates set to apply automatically?

Any logs to look at (suitably formatted for forum layout using the </> options)?

dmautomation · March 14, 2026, 5:56am

Yes, Unifi firmware updates are automatically applied.

Both the console and the Network application are on the current versions. It looks like releases happened on Feb. 8 and Feb. 11 respectively. My logs go back 30 days, so in this case a couple to a few days after the updates were released. As a result, the logs don’t show exactly when the updates were applied, but it does mean that the updates had been in place weeks before this occurred this time. As for last time, I chalked it up to a one-time ghost-in-the-machine as I couldn’t find an apparent cause. As such, I don’t have the logs, nor even the time and date of the first occurrence.

For what it is worth, I recently switched to the Zone-Based Firewall in Unifi. I believe the first occurrence was before I moved the Firewall over, and this occurrence was definitely after.

Here are the relevant log entries:

Audit		Config Paused		HomeAssistant paused -------- WiFi. Source IP: --------									        Mar 9, 11:37:48 PM

Audit		Config Paused		HomeAssistant paused -------- WiFi. Source IP: --------									        Mar 9, 11:37:42 PM

Audit		Config Paused		HomeAssistant paused Block -------- to -------- Firewall Policy. Source IP: --------			Mar 9, 11:37:28 PM

Audit		Config Paused		HomeAssistant paused Block -------- to -------- Firewall Policy. Source IP: --------			Mar 9, 11:37:11 PM

Audit		Config Paused		HomeAssistant paused Allow HomeAssistant to -------- Firewall Policy. Source IP: --------		Mar 9, 11:37:10 PM

Audit		Config Paused		HomeAssistant paused Allow Return Traffic Firewall Policy. Source IP: --------			        Mar 9, 11:37:02 PM

Audit		Config Paused		HomeAssistant paused Allow Return Traffic Firewall Policy. Source IP: --------		            Mar 9, 11:37:01 PM

Audit		Config Paused		HomeAssistant paused Block -------- to -------- Firewall Policy. Source IP: --------			Mar 9, 11:37:00 PM

Audit		Config Paused		HomeAssistant paused Allow All Traffic Firewall Policy. Source IP: --------	                    Mar 9, 11:36:33 PM

Audit		Config Paused		HomeAssistant paused Block -------- to -------- Firewall Policy. Source IP: --------			Mar 9, 11:36:28 PM

Audit		Config Paused		HomeAssistant paused Block -------- to -------- Firewall Policy. Source IP: --------			Mar 9, 11:36:25 PM

Audit		Config Paused		HomeAssistant paused Block -------- to -------- Firewall Policy. Source IP: --------			Mar 9, 11:36:24 PM

Audit		Config Paused		HomeAssistant paused Allow -------- to -------- Firewall Policy. Source IP: --------			Mar 9, 11:36:18 PM

Audit		Config Paused		HomeAssistant paused Allow HomeAssistant to -------- Firewall Policy. Source IP: --------		Mar 9, 11:36:12 PM

Audit		Config Paused		HomeAssistant paused Block -------- to -------- Firewall Policy. Source IP: --------			Mar 9, 11:36:11 PM

Audit		Config Paused		HomeAssistant paused -------- WiFi. Source IP: --------							                Mar 9, 11:36:10 PM

Audit		Config Paused		HomeAssistant paused Allow DNS Firewall Policy. Source IP: --------					            Mar 9, 11:36:04 PM

In the interest of security, I obfuscated names and IP addresses where appropriate. The “HomeAssistant” username has also been altered to improve clarity. Other than that, the logs are as they appear in my console.

dmautomation · March 14, 2026, 2:48pm

It looks like HA also changed some of my Protect settings. My camera overlays were missing and many of the detection types were turned off. These changes were not consistent across my cameras, with some having more, and some having fewer overlays/detections disabled.

I don’t know when this happened. It was potentially longer ago than the 30 days my Unifi logs represent. Interestingly enough, though, not all of the work I did to revert settings on the cameras seemed to be logged. I changed the settings of 3 cameras, but logs only reflect changes to one of them. I suppose that means HA could have changed the settings with the recent Network changes and it just wasn’t logged, but I assume it happened sometime before the current log set.

All of this is very annoying. Now that I recall, I did have to revert camera settings at least once in the past. I can’t, however, remember if it was in any proximity to HA’s previous Network shenanigans.

WallyR · March 14, 2026, 3:22pm

Have you used the same password for multiple accesses, like WiFi, UniFi, HA and so on ?

dmautomation · March 15, 2026, 4:32am

Absolutely and religiously not. Every place where a password can be used, a password is used, and every one is unique and strong.

Home Assistant has it’s own, separate user accounts with both Unifi and the EISY, and each has a unique, strong password. HA is also limited in Unifi to local-only access and a role has been assigned that is unique and as limited as it can be while still maintaining function. The EISY only communicates locally as well.

paulbates · March 18, 2026, 10:58am

Want to be clear about ‘disable’. In ISY speak, using the disable feature, the devices get a red X next to them. The ISY stops polling the device so interface errors don’t show up.

There’s only 2 ways that ISY disables can be initiated: via mouse clicks in iox, or UDI’s API:

http://192.168.1.x/rest/nodes/12.34.56.1/disable

(I’m not sure if UDM (mobile) has the ability to disable devices.)

When you say disable, do you mean the device is experiencing a change to Disable state in iox, or you’ve lost contact with it… or something else?

dmautomation · March 20, 2026, 10:05am

I mean just what I said: --disable-- “where devices get a red X next to them” (not actually an X, more like

), “a change to Disable state in iox,” right-click and choose “Enable” to restore or “Disable” to reproduce.

It would be difficult, if not impossible, to attribute simply losing contact with Insteon devices to Unifi or any other node on the data network given the complexities of communication on the Insteon/power-line (also wireless–that’s Insteon, not WiFi) network. Interference from some other Insteon device, an appliance, or some motor, etc. within the electrical system would be much more likely. Side note: I had a situation like that years ago with a Smartenit relay module that was putting noise onto the Insteon network and hindering communication with several devices in proximity. The relay module was working properly, but needed to have two of its terminals bridged to prevent the noise. I bring this up to demonstrate that I understand at least some of the scope of the technologies involved and have at minimum a passing knowledge and some small experience of where to start looking for these issues.

Now, if we’re truly interested in clarity, what do you mean by “UDM (mobile)”?

I assume by “UDM (mobile)”, you mean the “UD Mobile” (Universal Devices Mobile) app. I don’t use it. I access the IoX interface exclusively through the Java applet and only through LAN; I haven’t enabled Cloud access. Home Assistant has access through the “Universal Devices ISY/IoX Integration.” Those are the only two ways the EISY gets configured, barring some deeper network security issue in defiance of unique, very strong passwords, VLAN isolation, and all the other security measures and detection systems in place, as well as no evidence that there have been any intrusions or unauthorized access. It would be a pretty weak and ineffectual attack in any case.

If instead, you mean Ubiquiti’s “Unifi Dream Machine” (UDM) series, and it’s associated mobile apps (Network, Protect, etc.). I don’t see how the Unifi controller would even be aware of the IoX as anything other than just some device on the network. As far as I know, there is no infrastructure in place, other than maybe using webhooks within Unifi’s “Alarm Manager” interface in interesting ways, to control or configure IoX. I certainly haven’t set up anything like that, nor have I found any evidence of anything like that in my setup.