I spent a lot of time going through the ubnt GUI for my Edge router and the Unifi controller for my UAP and just wasn't having it, so I decided to look for the CLI documentation, which is still difficult to actually find and frustrating. I was pointed to the Vyatta documentation, so I went through a quick start guide here (first few Google hits): http://3e851594df14a9eacdef-5cc7866f7aae0a382278b5bce7412a4a.r58.cf1.rackcdn.com/Vyatta-QuickStart_6.5R1_v01.pdf . I also found a blog post about this new 'set port-forward' leaf here: http://lg.io/2015/01/11/the-ubiquiti-edgerouter-configuring-this-extremely-lowcost-enterprisegrade-router-for-home-use.html that claimed to make setting up NAT and firewalls stupid easy, so I ignored trying to set up NAT, although I tried that as well when things failed.
I couldn't manage to access the internet on my PC network. Here is the topology and configuration:
I was able to ping from my 1.x/24 to the gateway and eth0 WAN interface successfully, but failed beyond that, like 8.8.4.4.
Configuration:
interfaces {
    ethernet eth0 {
        address dhcp
        duplex auto
        speed auto
    }
    ethernet eth1 {
        address 192.168.1.254/24
        duplex auto
        speed auto
    }
    ethernet eth2 {
        duplex auto
        speed auto
    }
    loopback lo {
    }
}
port-forward {
    auto-firewall enable
    hairpin-nat enable
    lan-interface eth1
    wan-interface eth0
}
service {
    dhcp-server {
        disabled false
        hostfile-update disable
        shared-network-name ETH1_POOL {
            authoritative disable
            subnet 192.168.1.0/24 {
                default-router 192.168.1.254
                dns-server 192.168.1.254
                lease 86400
                start 192.168.1.1 {
                    stop 192.168.1.99
                }
            }
        }
    }
    gui {
        https-port 443
    }
    ssh {
        port 22
        protocol-version v2
    }
}
system {
    host-name R1
    login {
        user ubnt {
            authentication {
                encrypted-password $6$HrJPcpeJCNKP/zI$uhaHgz4OvvNrz1kCjaeaG4j0NX/qM1fP4WUquGfxbpbSEPFqRH9N09ua5iwQyPgfebR/RDMaEN.iOCj9ldHC./
                plaintext-password ""
            }
            level admin
        }
    }
    name-server 8.8.4.4
    ntp {
        server 0.ubnt.pool.ntp.org {
        }
        server 1.ubnt.pool.ntp.org {
        }
        server 2.ubnt.pool.ntp.org {
        }
        server 3.ubnt.pool.ntp.org {
        }
    }
    syslog {
        global {
            facility all {
                level notice
            }
            facility protocols {
                level debug
            }
        }
    }
    time-zone UTC
}
/* Warning: Do not remove the following line. */
/* === vyatta-config-version: "config-management@1:conntrack@1:cron@1:dhcp-relay@1:dhcp-server@4:firewall@5:ipsec@5:nat@3:qos@1:quagga@2:system@4:ubnt-pptp@1:ubnt-util@1:vrrp@1:webgui@1:webproxy@1:zone-policy@1" === */
/* Release version: v1.8.0.4853089.160219.1607 */

I suspect several issues: DNS forwarders (but that doesn't explain pinging past the WAN interface, and isn't in the documentation), or some NAT/firewall thing (which, if that is the case, then wth is this set port-forward stuff, and the documentation setup conflicts in their method).
Another odd thing in the documentation is the 'set system default-gateway'. Without setting it, it seemed to give me no good results when trying to ping 8.8.4.4 from within the router, but when I did set it (which was a pain in the a to figure out, but a simple 'ip route' +.1), it gave me successful pings to 8.8.4.4, so maybe it could also be the final default route, which I'm not sure how to set up. Ugh.
Frustrating to think I'm not even halfway finished; I also have to figure out setting up my AP on another LAN and VLAN them to isolate each other.
Thank you for any help.
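
An added example, not part of the original post and not Ubiquiti's code: a small audit of an EdgeOS-style configuration for the suspicions raised above (source NAT on the WAN, DNS forwarding) plus whether any firewall rulesets exist. The function names `flatten` and `audit` are hypothetical, and the checks assume the standard `service nat rule ... type masquerade`, `service dns forwarding` and `firewall` configuration nodes.

```python
# Constructed excerpt of the posted configuration: only the nodes the checks read.
POSTED = """
interfaces {
    ethernet eth1 {
        address 192.168.1.254/24
    }
}
port-forward {
    wan-interface eth0
}
service {
    dhcp-server {
        shared-network-name ETH1_POOL {
            subnet 192.168.1.0/24 {
                dns-server 192.168.1.254
            }
        }
    }
}
"""

def flatten(text):
    """Turn brace syntax into path tuples, one per leaf (like 'set' commands)."""
    path, leaves = [], []
    for line in map(str.strip, text.splitlines()):
        if not line or line.startswith("/*"):
            continue
        if line.endswith("{"):
            path.append(line[:-1].strip())
        elif line == "}":
            path.pop()
        else:
            leaves.append(tuple(path + line.split(None, 1)))
    return leaves

def audit(leaves):
    """Return the checks that fail: source NAT on the WAN, DNS forwarding, firewall."""
    failed = []
    wan = next((l[-1] for l in leaves if l[:2] == ("port-forward", "wan-interface")), None)
    nat = [l for l in leaves if l[:2] == ("service", "nat")]
    masq = {l[2] for l in nat if l[3:] == ("type", "masquerade")}
    if not masq & {l[2] for l in nat if l[3:] == ("outbound-interface", wan)}:
        failed.append("no-masquerade-on-wan")
    own = {l[-1].split("/")[0] for l in leaves if l[0] == "interfaces" and l[-2] == "address"}
    dns = {l[-1] for l in leaves if l[:2] == ("service", "dhcp-server") and l[-2] == "dns-server"}
    if own & dns and not any(l[:3] == ("service", "dns", "forwarding") for l in leaves):
        failed.append("no-dns-forwarding")
    return failed + ([] if any(l[0] == "firewall" for l in leaves) else ["no-firewall-rulesets"])

print(audit(flatten(POSTED)))
```

The second check only fires when the DHCP scope hands clients one of the router's own addresses as their DNS server, as the posted scope does with 192.168.1.254.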