There is another way to accomplish the same thing using DNS, and it is probably the easier method.
LAN A - 10.10.10.0/24, unifi controller is 10.10.10.15
LAN B - 192.168.168.1/24, AP1 192.168.168.5, AP2 192.168.168.20
```
/ip dhcp-server network
add address=192.168.168.0/24 dns-server=192.168.168.1 domain=ammo.home gateway=192.168.168.1
/ip dns static
add address=10.10.10.15 name=unifi.ammo.home type=A
```
NOTE: The assumption is that the unifi APs are looking for two ways to connect to the unifi controller.
a. via DHCP option 43 contents (as shown in previous post).
b. each device on the subnet will ask for DHCP configuration and will get the IP address and mask, the gateway, the DNS server and the name of the “local” domain.
The AP is expecting to see a local domain. Then the AP asks DNS to return an address specifically for unifi.domain.name and in this case will then receive 10.10.10.15
Again using firewall rules we have to ensure the APs can reach the controller.
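
The DNS-based setup in this post can be checked offline before the APs are deployed. The following is an added example, not part of the original post: a Python checker that parses the two RouterOS sections shown above, confirms that `unifi.<domain>` has a static A record for each DHCP network, and flags when the controller sits outside the AP subnet so the traffic depends on firewall rules. The function names and `SAMPLE_EXPORT` are constructed for illustration, and multi-line (backslash-continued) export entries are assumed not to occur.

```python
import ipaddress
import shlex

# Constructed sample: the RouterOS lines from the post, as a plain-text export.
SAMPLE_EXPORT = """\
/ip dhcp-server network
add address=192.168.168.0/24 dns-server=192.168.168.1 domain=ammo.home gateway=192.168.168.1
/ip dns static
add address=10.10.10.15 name=unifi.ammo.home type=A
"""

def parse_export(text):
    """Group 'add key=value ...' lines under the menu path that precedes them."""
    menus, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("/"):
            current = line
            menus.setdefault(current, [])
        elif line.startswith("add ") and current:
            pairs = (tok.split("=", 1) for tok in shlex.split(line)[1:] if "=" in tok)
            menus[current].append(dict(pairs))
    return menus

def check_unifi_discovery(text, host="unifi"):
    """For each DHCP network, report what <host>.<domain> resolves to via static DNS."""
    menus = parse_export(text)
    static = {e["name"].lower(): e["address"]
              for e in menus.get("/ip dns static", [])
              if e.get("type", "A") == "A" and "name" in e and "address" in e}
    results = []
    for net in menus.get("/ip dhcp-server network", []):
        subnet = ipaddress.ip_network(net["address"], strict=False)
        domain = net.get("domain")
        fqdn = f"{host}.{domain}".lower() if domain else None
        controller = static.get(fqdn) if fqdn else None
        results.append({
            "subnet": str(subnet),
            "fqdn": fqdn,              # name the AP will ask DNS for
            "controller": controller,  # None means the lookup would fail
            # Without a DNS server in the lease the AP never queries this router.
            "dns_server_set": bool(net.get("dns-server")),
            # Controller outside the AP subnet: traffic is routed and must be
            # permitted by the forward-chain firewall rules.
            "needs_firewall_rule": bool(controller)
                and ipaddress.ip_address(controller) not in subnet,
        })
    return results

if __name__ == "__main__":
    for result in check_unifi_discovery(SAMPLE_EXPORT):
        print(result)
```

A `controller` of `None` means the static record does not match the domain handed out by DHCP, which is the most common reason this method silently fails.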