Explained: The 5 Types of VPN in UniFi Network

I’m interested in site magic too.

Could you do a video site-to-site VPN between two USGs ? If one is behind NAT(mobile/cellurar connection). Thank you,

My QR has a click to enlarge. Maybe they added since the video?

SiteMagic: any ETA for more than 5 sites?

Can I use teleport on my iPhone and then use hotspot on my iPhone to share that vpn connection to my wifi only ipad?

Can you do a video on site magic Setup Chris? Thanks

❤❤❤❤❤❤

i have a USG-3P is wiregurad not available for this model ?

If you click on the QR code it will open a larger view. Which..... I still couldn't scan lol.

Hi, I have a a question: is teleport VPN working over double NAT? My telco provider modem does not allow my UDM Pro to have public IP (modem has the public IP)?

Please do a vide on Site Magic :)
Thanks for a very good video on Unifi VPN!

Will this work with Starlink? I read that it uses CGNAT for home users so thinking it might not work.

I'd be interested to know if "Site Magic" is totally within your control or if you are entrusting UniFi Cloud, a bit like in a typical ZeroTier setup where you generally still entrust their servers for adding nodes to the network etc.

Currently watching this video over my UniFi WireGuard VPN whilst on holiday 😅

Just an old tech addict getting crazy with my home. I recently added the UDM-SE. I started using Ubiquiti APs about 8 years ago .. now getting crazy and learning. Thanks for these great videos.

Could setting up VPN help a friend of mine run his Unifi Voice (UDMPro) even though his ISP uses CGNAT? I've not been able to help him get anything working.

I am still getting to grips with all this VPN stuff... So al present I have a VPN service on my iPhone which means I can browse the web privately but my Smart TV has no VPN. Would option 3, Private Internet Access be the type of service I need? I am currently using Proto VPN could this run on my Dream Machine?

Oh my god the R2D2 stand for UDR!

I just set this up and I cannot make it work. I turned off the wifi on my phone, started the Wireguard app and neither Safari or Firefox will connect to any IP address on my network. I did not add any firewall rules as I am the only one using this network. Any help? My Teleport VPN works great.

double nat is often a problem here in germany. many internet providers still dont know they have to open there services to my router i want to use. please make a extra video. would be helpful

Would love to see Site Magic deep dive. Especially locking down access to specific parts of another Unifi network - or even routing specific devices only through it if possible.

So, in summary, covering all the subjects that would fall beyond the scope of this video would be beyond the scope of this video?

I have been hesitant to adopt the UniFi router into my network simply because I see the rules as being a bit clunky right now. I am a die hard pfsense fan. I own a UDMSE but it is still in the box currently.

Please make a video on the site-site magic

I have an off-topic question: Can the tp_link archer ax55 router accommodate 24 clients?

Thanks for this video! I went through my settings and saw I didn't have the same options as you and realized my Unifi dream machine wasn't updating!

A site magic video on how to make multiple locations all appear to be one location, for services like Netflix, would be amazing.

Yes, please do some Site Magic videos! Thanks!

Nice walkthrough. I like the cadence of your tutorials.

Teleport question: What happens if when I do a “what’s my ip” it gives my homes WAN ip address and not an LAN address. Your video showed a LAN address.

Thanks, but one question,, what to do if I need to use an allready created Vlan ??

I want the R2D2 for my UDR please

Question on the firewall rules for Teleport VPN. Current when I use Teleport VPN on my iPhone and it can ping device on any vlan. I have the rule the block traffic between vlan. Above this rule I have rule for allow established and related and allow default lan to anywhere (setup following one of your guides). I have to pause both of these rules to stop pings from the Teleport VPN device. Any idea why?

"So remember, the Site-to-Site VPN functionality that's in a specific UniFi network controller is for connecting a Site-to-Site VPN with different types of equipment on each site. Site Magic is for connecting two different sites that are both UniFi gateways."

Probably misspoke, but site-to-site VPN also works with two UniFi controllers. I have had this running for about a year or more.

You forgot identity!

Do you have to turn on port boarding for the native VPN servers? i.e. you have to go to Port forwarding and turn on 51820 to the UDM server IP.

Have there been issues with Wireguard clients dropping or connecting? I am always resetting the l2tp and ipsec manually from the command line, and constant microsoft updates that break everything drives me crazy!

You can actually open the QR code by clicking on it.

Awesome content. Can you do a video showing the setup on udm for an iptv please? IPTV works on the UDM but some specific movies/series do not. When UDM is bypassed these then work. This is some sort of setting which I am not aware of.

Looking forward to that PIA video :)

R2-D2 UDR STAND!!!!!! SHUT UP AND TAKE MY MONEY!!!!!

Yes, would love the Site Magic video!

Great walkthrough, many thanks!

I just want to say, one of the biggest things that annoy the hell out of me is that there are no connected indicators on the Site to Site VPN tab. Give me something damn it lol. Don't make me dig in logs to figure out its been disconnected.

Very much interested in seeing more information and how-to on Site Magic

This was excellent. Thank you! I certainly hope you will do the site magic version too!

Any chance you can do a video about the Auto IPSec VTI? I'm not sure if this is deprecated but my USG Pro 4 are still showing it but my UXG does not. It would be nice to know exactly how it works... we have about 25 sites but we do manual IPSec for site to site because the Auto VTI seems to screw up routing when you have more than 2 sites.

I like those improvements in the latest Unifi Controller , but still no solutions for multiples UDMs behind NAT , so I did a multi-sites VPN using wireguard on all my UDMs with DynDNS pointing on each one of them and setup the VPN through CLI and it works great , I just need to run a simple "wg quick down wg0 && sleep 20 && wq quick up wg0" every 3-4 days .If I don't do it the transfer rate between sites drop to 1 Mbps .I don't know why.

I don't understand, this rule doesn't work for me, I already have it blocking traffic between subnets, but it doesn't block VPN traffic to any subnet. I was only able to make it work by applying the rule to lan out