The RADIUS setting would be useful if say for example you were running Active Directory and had a bunch of user accounts in there to authenticate against. You could setup a RADIUS server and then specify this server in the above setting at around the 5:00 mark...
As a new Unifi user I cannot help you enough for your videos. I had a good plan for what I wanted to do but being able to follow you was even better. Now I have a secure network separation, port security and now, once I solve my double NAT problem, a VPN. Thanks Chris!
For some reason I simply cant connect. I have follwed the guide, my USG is connected directly to my ISP with no additional router. I managed to get it working inside my home over wifi a coupple of times, but even here it stopped working and outside the internal network I cant get it to work. Using both windows 11 and iphone to test? Any ideas.
This video series has been very helpful so far, thank you. If it's not already in the plans I would greatly appreciate one for MulticastDNS reflector service & IGMP Snooping for AirPlay / Chromecast devices. I want to learn the best way to allow traffic from my trusted LAN network into the IoT network for these services and only allow the port traffic that they require to function.
I just set up my UDM-Pro and followed this series to find that I also need to further allow traffic for HomeKit etc. Did you find anything that works off of Chris's series?
I am using this series as a lookup backa and forth now that my UDM pro arrived. I think you need to remake this episode though, in version 7.1.65 ov the Network application the VPN setup is completely different. It has mooved to itäs own menu option on the settings page now. ;)
Tried this several times, both before this video came out and after. Always ends the same…I get a message on my phone that says “The L2TP-VPN server did not respond”. I confirmed my external IP address (even pinged it while on 5G), and followed the video to a “T” (I didn’t poach your usernames or passwords…lol). Since I created and deleted my VPN network several times, here’s a handy note. When you go back into your VPN network settings, there’s a new little banner at the top that says “Learn how to set up your VPN here” and the link pops up all the info you need on your remove device. Of course this hasn’t worked for me. Trying to figure out if the connection is being blocked by my Arris S33 modem, but there are no settings in it I’ve found to block or allow it. What troubleshooting or log checking can I do at this point? Oh, and I definitely owe you a six pack for all the detailed info in this series! ***** FIXED ***** took a week plus Ubiquiti support remoting into my network to find the problem. Turns out that the Radius user id and password can’t contain certain special characters. I asked if they’ve got a guide on what their special character limitations are and the answer was no.
Great video... I'd love to see you set up a UDM to UDM-Pro P2P tunnel and explain how to set up routing so PCs and Printers on both networks are visible to each other. Thanks for considering!
Hi Chris, thanks for your video. One comment: In many parts of the world (in my case Europe where I have a 100Mbs connection) the WAN IP Address is dynamically allocated from the ISP (>80% of the consumer connections) which makes the UDM Pro VPN config unusable. For some reason, once the configuration is created (when you select the WAN interface), the current IP gets recorded in the config and if it changes (which will happen if you do no not have a static IP) the VPN configuration becomes invalid. Most routers/firewalls bind the interface to the configuration which means that any changes on the IP of that interface will automatically be reflected in the configuration of the VPN. I think this should be mentioned in your video as it will save many frustrated users from trying to figure out what went wrong... Until now, I have not seen any workaround to fix that other than reconfigure the VPN config created with the new IP... which will change again....
Thanks for your comment, Vassilis! It's good to see a confirmation on this. This issue is extremely frustrating... Somehow the VPN server gets bound to the current IP address instead of the WAN port itself. After a dynamic address change, the VPN client just receives the message that no VPN server is listening at the given address (I am of course using a FQDN that automatically updates on IP address change). It's surprising that this does not work out of the box. My Fritzbox handled this correctly for the last 10 years.
Does anyone knows if the regular Dream Machine can be setup with a VPNclient network?? I cannot find the options to configure a new network such as shown in the video. I'm running UDM 1.11.4
Does this setup offer the client the same type of encrypted connection offered by other services (like PIA, NordVPN, etc.) for use on public WiFi? In other words, can I use this to protect my phone, tablet, or laptop connection on a public WiFi network?
Chris This part needs a little update to this video as the VPN part is in a totally different area. Quick question I have the L2TP VPN working on the .3 network which is not the default network. How do I add a rule to make the 192.168.3.x network see the default 192.168.20.x network? That way the VPN can access resources on the secure network? I would like to remote desktop my pc on the .20 network.
Chris, I am truly grateful for this series you produced. It is clear and concise and the presentation is spot on! I recently installed the UDM-Pro and have made it through most of these videos by following step by step. Unfortunately, I can't get this VPN to work on my Android phone or my Win10 PC. Could you do a follow-up video to this or provide some directions to what I might be missing? I was successfully running Wireguard prior to the UDM install.
I couldn't get it to work on my Android (Verizon) phone or my win10 tablet when connected to my phones hotspot. I then went home and setup the VPN on my laptop connected to my home network and it worked instantly. I will have to try and figure out why it wont go through my phone... Puzzling :) Thanks for your great videos. Update: After further testing, I could easily setup the VPN through my iPad on the Verizon network. This appears to be an issue with either the Samsung phone or Verizon on the droid system or all of the above.
I have a question... When I have 2 devices in the same remote site (Windows), I can't connect to L2TP VPN (UDM Pro) at the same time with different VPN users. However, I can test 1 VPN users able to connect to UDM pro from 2 different public IPs.
Thank you for the Video, could you please cover or point me in the correct direction on how to remote into individual work stations after achieving the VPN connection.
thanks for your videos! was wondering if you would ever do some sort of troubleshooting videos? i had a bunch of clients disconnecting and reconnecting and couldn't figure out why.
Hi Chris, thanks again for a great video. I just want to know if the UDM-Pro have the same VPN limitations as the USG product range. With the USG's you can't connect two or more clients from the same Internet connection over the VPN. Also do you perhaps have a road map from Ubiquity when they will add/fix this basic VPN function.
Hi, Chris. I do have a double NAT going; not really ready for bridging and letting my UDM-P take over full routing for my network. When you mean port forward to the UDM-P, do you mean to set up a port forward on my ISP modem with a specific port for the UDM-P, or port forward to the ISP modem from the UDM-P. Not sure what port to forward. My other option is to use the OpenVPN on my Pi that I have on my ISP modem. I know I can port forward the pi on the UDM-P and then port forward again on the ISP modem to the UDM-P, both being the same port assigned on the Pi. I'm just confused about which port to forward.
Hi, can i connect dream machine pro to vpn windscribe or else? Now i use asus to routing all traffic from my router to vpn. Dream machine can like this?
Thanks Chris for yet another great video. It would be great if you could make a video on how to seperate the VPN clients so that they can only access a specific VLAN. Under the user in the Radius server, there is a field that says VLAN. When I tag the user to a VLAN, I thought that it would only allow the VLAN to be accessed. But doesn’t change anything.
Hey Chris, could I get a bit of help from you on setting this up ??? My screens, such as the setting up of a new radius profile, are not like yours, and there are additional fields for me to fill in that I have no idea what to put in those fields.
anyway to update this video for the new unifi 3.0+ vpn client ( which in this video looks like a vpn server ) it's so confusing along with routes, dhcp dns server which has to be the vpn's? or you leak your dns...
Frustrated, as my Galaxy S9 Android, asks for L2TP/IPSec PSK or L2TP/IPSec RSA - and neither seem to work. The PSK version asks for an IPSec pre-shared key - which I don't recall EVER putting in on the UDM Pro. Not working. Frustrated, any advice would be great.
Can you please help me to be able to see my shared folders and printers on the computers connected to network when a client VPN is connected and willing to access those shared files and printers through UDM pro
when a VPN user is connected in this example, from the client devices tab in the UDM Pro, what do you see? i only show the name, connection, network, external IP, down and up. i feel like i should be able to click on them and get a menu on the right like you do clicking on any other client device. Is that not how it works or am i missing something?
So this process has changed. ubiquity keeps taking way features and doing things differently. They now have a VPN section and I am trying to figure out how to let the VPN users contact the LAN users.
Please tell me, can anyone tell me what is the real speed of L2TP IPsec vpn in UDM Pro or UXG-Pro? No way to find accurate tests. In the forums, people write that the vpn speed is very low. Is it so?
I would like to ask how many VPN clients can be created in UDM-Pro? And if all clients are using Windows 10, how many connections can be established at the same time? As currently, I am using OpenVPN with 10 concurrent licenses, is it possible that UDM-Pro can replace the function of OpenVPN?
can you do a VLAN and firewall for steaming devices like for plex and a synology nas for the plex to see the synology nas and apple tv or any steaming devices in this UDM-Pro complete setup 2021. one more thing can you do one for unifi protect thank
Hi Cris! Are there any changes in the configurations if I set my ISP into Bridge mode settings to configure the VPN? or the ISP itself just enable the bridge mode and I can now set the public wan IP and also the VPN?
Is it possible to setup several VPNs on the same WAN port? For example I am hosting my brother's offsite backup server and would like to setup a VPN just for him where the only thing reachable is his server, while some other friends should be able to reach only my hosted game servers but not the backup server.
This video is exactly what I was looking for. However I have the new Starlink router, bought the separate network adapter and connected it to my UDM Pro. Unfortunately the UDM Pro does not get assigned the public IP address. So my hopes of accessing my internal files on my NAS from a remote connection is no longer on the horizon. I've searched everywhere looking for some type of guide to help me correctly port forward. I was going to reach out to this guy for guidance but his website specifically outlines they only consult with businesses and not home users.
Hey Chris I love your videos. You have helped me set up my own unifi network at my house as well as help me learn more about networking in general. I would love to see some more advanced routing with the unifi devices. Could you do a video where you explain a little more into not sending all traffic over the VPN connection? Maybe specifically for windows devices? One thing I am struggling with in my home network is when I am home my connection to my internal servers can be found with DNS but when I go over my VPN I can no longer see my server through DNS and I have to connect to it through ip address. I think you do a wonderful job at explaining how the networking works and I would love to see more advanced configurations from you.
Love your videos, Chris! I have been trying to get a site-to-site VPN setup on the UDM Pro to a Juniper SRX. I see this is for Client VPN but I was wondering if you could assist with the basic settings that the UDM Pro is using. I have gotten the IKE (Phase I) side to connect. Still having issues with the IPSEC (Phase II) side associating correctly across the tunnel. Any help here would be greatly appreciated.
In the future, I'm gonna be morally obligated to buy you 10 beers, or something. As an independent contractor, I've made a good chunk of cash just by watching your videos and brainlessly repeating your steps. Particularly on the wireless bridge videos you did with the loco product line. Also: Ubiquiti should be sponsoring you, and giving you stock options.
Your videos are very helpful but sometimes hard to follow because of the new OS. I have been doing ok until now. maybe I should downgrade the os to the one you using in the videos or something haha. any ideas would be appreciated.
Chris what is the purpose of the max audio streams in advanced? Do you need to up this to allow a second call? Just curious. Thanks for all of your videos
hi, can you think of any reason why my vpn connection fails with win 10 and android client fail but my ipad connection works? i verified my ipad is actually connecting. tia
Why does your UDM Pro interface look different from mine? My machine is updated and I have switched back and forth between the old interface and the new and the settings are slightly similar ... Maddening that they are ALWAYS being changed by UniFi! I must have 10 of these units with different clients and I have the same problem everywhere ... no common interfaces ...
Hey Chris, have you been able to go to something newer than l2tp for remote access VPNs? We have an EdgeRouter for our main router, and a UDM-Pro inside the LAN that I can NAT out for remote access. L2TP was okay until android killed it off in the new version 12. Now our doctors can't get in except from a windows PC. Thanks for what you do, brotha!
Hello. I actually bought a Dream Machine after watching your video series. I've run into a problem. I need to connect to my work with VPN L2TP, this I can not make work. I can not find a solution online. Can you give me a hint or possibly a link to some help. thanks in advance
Hello Chris, thanks very much for such good content about all Ubiquiti setup it's been very very helpful. I am been watching the UDM Pro complete set up right now on video 7. I currently have Meraki firewalls MX84 and would like to buy and configure UDM Pro with some U6-LR, my question is can I disable the firewall option or not using it because of the Meraki firewall? Thanks.
Has any one got this type of VPN working on windows ? I have tried sooo many times with no luck. Works perfectly on iPhone and my Samsung just never got it working on windows.
Great videos Chris! Very insightful. With regard to firewall rules for VPN users, is it possible to restrict the VPN users from accessing the UDM Web Interface for the native and other VLANs on the network?
I've spent HOURS on this with research, testing and a lot of failures. Turns out, L2TP works fine on All Mac devices, iPhones, iMacs and both M1/intel MacBook Air/Pro. But none of the Android or Windows devices I tried this on worked. Am I missing something or is it just not compatible with Windows?
@ultradeadd Nope. It's been weeks and I still can't figure it out. Enabled CHAP.V2 on windows 10 but still doesn't work. I Have no idea. I disabled all other network devices from the network management, thought maybe my other vpn, or Hyper-V was causing this issue. Unfortunately Nothing is working :'(
@ultradeadd Hey so I figured it out. The issue was not my UDM Pro or my configuration. Turns out, there was a Windows 10 update that broke VPN. I removed that security feature update, tested it and it started working. Unfortunately, that's not an option for me, so I switched to OpenVPN on a custom Ubuntu 20.04 server.
Your videos are awesome! Since you support PIA, can you make a tutorial on how to configure it so that devices connected to a specific vlan uses PIA? thanks
not just being pedantic, but "bridge mode" doesnt pass through an IP, bridging literally only operates at layer 2. it allows the IP to be obtained on the other end of the bridge, because layer 3 isnt occurring prior. saying it "passes it through" is inaccurate. otherwise, thanks for the info - my first time touching ubiquiti
I do not know what to say really! Your description and explanation is perfect, but my setup will not work! I even try and leave the user password uncomplete, so I am challenged for the correct input and I never connect. I even tried a password of - 'password' and that failed as well. Oh well back to open vpn
Unifi should give you a huge cut if their profits. Your videos help someone like me that is diving in to networking for the first time.
Me too, 1st time setting up DM Pro and 24 port switch. But I still have a lot to learn. Hope Crosstalk can update these videos to 2023
The RADIUS setting would be useful if say for example you were running Active Directory and had a bunch of user accounts in there to authenticate against. You could setup a RADIUS server and then specify this server in the above setting at around the 5:00 mark...
As a new Unifi user I cannot help you enough for your videos. I had a good plan for what I wanted to do but being able to follow you was even better. Now I have a secure network separation, port security and now, once I solve my double NAT problem, a VPN. Thanks Chris!
For some reason I simply cant connect. I have follwed the guide, my USG is connected directly to my ISP with no additional router. I managed to get it working inside my home over wifi a coupple of times, but even here it stopped working and outside the internal network I cant get it to work. Using both windows 11 and iphone to test? Any ideas.
Just ordered my UDM pro the other day it comes tomorrow. Thanks for all your content!
This video series has been very helpful so far, thank you. If it's not already in the plans I would greatly appreciate one for MulticastDNS reflector service & IGMP Snooping for AirPlay / Chromecast devices. I want to learn the best way to allow traffic from my trusted LAN network into the IoT network for these services and only allow the port traffic that they require to function.
I just set up my UDM-Pro and followed this series to find that I also need to further allow traffic for HomeKit etc. Did you find anything that works off of Chris's series?
@@ryanabbott6050 unfortunately not. I've been having some service problems across networks still as well.
Bridge mode is sometimes also referred to as Passthrough mode...
I have really enjoyed this series of videos and have learned a lot. Will be very helpful as I set up my Unifi Dream Machine Pro.
Could you make a tutorial for setting up a dynamic DNS? That would be awesome! Love the video!
I am using this series as a lookup backa and forth now that my UDM pro arrived.
I think you need to remake this episode though, in version 7.1.65 ov the Network application the VPN setup is completely different. It has mooved to itäs own menu option on the settings page now. ;)
Tried this several times, both before this video came out and after. Always ends the same…I get a message on my phone that says “The L2TP-VPN server did not respond”. I confirmed my external IP address (even pinged it while on 5G), and followed the video to a “T” (I didn’t poach your usernames or passwords…lol). Since I created and deleted my VPN network several times, here’s a handy note. When you go back into your VPN network settings, there’s a new little banner at the top that says “Learn how to set up your VPN here” and the link pops up all the info you need on your remove device. Of course this hasn’t worked for me. Trying to figure out if the connection is being blocked by my Arris S33 modem, but there are no settings in it I’ve found to block or allow it. What troubleshooting or log checking can I do at this point? Oh, and I definitely owe you a six pack for all the detailed info in this series!
***** FIXED ***** took a week plus Ubiquiti support remoting into my network to find the problem. Turns out that the Radius user id and password can’t contain certain special characters. I asked if they’ve got a guide on what their special character limitations are and the answer was no.
Great video... I'd love to see you set up a UDM to UDM-Pro P2P tunnel and explain how to set up routing so PCs and Printers on both networks are visible to each other. Thanks for considering!
Great video but doesn't work on Android as the only options they have for L2TP is L2TP/IPSec PSK and L2TP/IPSec RSA.
I used L2TP/IPSec PSK and it worked, but you need to go to Teleport & VPN on the udm and enable Allow weak ciphers. That worked for me
Hi Chris, thanks for your video. One comment: In many parts of the world (in my case Europe where I have a 100Mbs connection) the WAN IP Address is dynamically allocated from the ISP (>80% of the consumer connections) which makes the UDM Pro VPN config unusable. For some reason, once the configuration is created (when you select the WAN interface), the current IP gets recorded in the config and if it changes (which will happen if you do no not have a static IP) the VPN configuration becomes invalid. Most routers/firewalls bind the interface to the configuration which means that any changes on the IP of that interface will automatically be reflected in the configuration of the VPN. I think this should be mentioned in your video as it will save many frustrated users from trying to figure out what went wrong...
Until now, I have not seen any workaround to fix that other than reconfigure the VPN config created with the new IP... which will change again....
Thanks for your comment, Vassilis! It's good to see a confirmation on this. This issue is extremely frustrating... Somehow the VPN server gets bound to the current IP address instead of the WAN port itself. After a dynamic address change, the VPN client just receives the message that no VPN server is listening at the given address (I am of course using a FQDN that automatically updates on IP address change). It's surprising that this does not work out of the box. My Fritzbox handled this correctly for the last 10 years.
Excellent series. You got me up and running within an hour! Would buy you a beer, but I don't do PayPal.
Does anyone knows if the regular Dream Machine can be setup with a VPNclient network?? I cannot find the options to configure a new network such as shown in the video. I'm running UDM 1.11.4
Very helpful, straight to the point guide. Thanks
is l2tp /ipsec psk /rsa something different from l2tp? I only get the first two options in android vs just pure l2tp and im failing to connect :(
Does this setup offer the client the same type of encrypted connection offered by other services (like PIA, NordVPN, etc.) for use on public WiFi? In other words, can I use this to protect my phone, tablet, or laptop connection on a public WiFi network?
Chris This part needs a little update to this video as the VPN part is in a totally different area. Quick question I have the L2TP VPN working on the .3 network which is not the default network. How do I add a rule to make the 192.168.3.x network see the default 192.168.20.x network? That way the VPN can access resources on the secure network? I would like to remote desktop my pc on the .20 network.
Chris, I am truly grateful for this series you produced. It is clear and concise and the presentation is spot on! I recently installed the UDM-Pro and have made it through most of these videos by following step by step. Unfortunately, I can't get this VPN to work on my Android phone or my Win10 PC. Could you do a follow-up video to this or provide some directions to what I might be missing? I was successfully running Wireguard prior to the UDM install.
I couldn't get it to work on my Android (Verizon) phone or my win10 tablet when connected to my phones hotspot. I then went home and setup the VPN on my laptop connected to my home network and it worked instantly. I will have to try and figure out why it wont go through my phone... Puzzling :) Thanks for your great videos.
Update: After further testing, I could easily setup the VPN through my iPad on the Verizon network. This appears to be an issue with either the Samsung phone or Verizon on the droid system or all of the above.
Any videos on doing this in UDM version 7.2? Thanks!
Chris Any chance you can add a video to go over Teleport and appropriate / ideal firewall rules?
Great information as always. Thanks Chris
I love your ubiquiti videos.
Are their any videos on using VLAN tagging and using 2 Nanobeam AC Gen2 air bridge with 2 WAPs?
great video, however, I can't see that part for the public IP address below the preshared key. could it be the controller version?
Great videos! How do I set up a hairpin nat on one of my ports?
This will be very handy once I get my UDM pro. Thanks 👍
Well done Chris.
Great series Chris!! Thank you very much
I have a question... When I have 2 devices in the same remote site (Windows), I can't connect to L2TP VPN (UDM Pro) at the same time with different VPN users. However, I can test 1 VPN users able to connect to UDM pro from 2 different public IPs.
Thank you for the Video, could you please cover or point me in the correct direction on how to remote into individual work stations after achieving the VPN connection.
Do any Verizon fios customers know how to enable bridge mode? It is really frustrating that they don't seem to allow it or make it possible.
Have you seen the UDM disconnect the client VPN after a few minutes? This happens to when I use my UDM VPN.
Why doing this method are you unable to connect to other devices on the network such as RDP into a desktop or even ping that desktop?
My dumb ISP dont provide bridge mode on their modems but a PPPoE connection.... Is it the same?
thanks for your videos! was wondering if you would ever do some sort of troubleshooting videos? i had a bunch of clients disconnecting and reconnecting and couldn't figure out why.
Hi Chris, thanks again for a great video.
I just want to know if the UDM-Pro have the same VPN limitations as the USG product range.
With the USG's you can't connect two or more clients from the same Internet connection over the VPN.
Also do you perhaps have a road map from Ubiquity when they will add/fix this basic VPN function.
I have the same question...can someone help?
Outdated video, unfortunately. Would love to see updated video I can use with the 2024 UDM Pro
Hi, Chris. I do have a double NAT going; not really ready for bridging and letting my UDM-P take over full routing for my network. When you mean port forward to the UDM-P, do you mean to set up a port forward on my ISP modem with a specific port for the UDM-P, or port forward to the ISP modem from the UDM-P. Not sure what port to forward. My other option is to use the OpenVPN on my Pi that I have on my ISP modem. I know I can port forward the pi on the UDM-P and then port forward again on the ISP modem to the UDM-P, both being the same port assigned on the Pi. I'm just confused about which port to forward.
worked like a charm. Thanks for the video.
Hi, can i connect dream machine pro to vpn windscribe or else? Now i use asus to routing all traffic from my router to vpn. Dream machine can like this?
What if I have a dual WAN (static IPs), is it okay to use either the ISP 1 IP Address or the ISP 2 IP Address in the client side?
Thanks Chris for yet another great video.
It would be great if you could make a video on how to seperate the VPN clients so that they can only access a specific VLAN.
Under the user in the Radius server, there is a field that says VLAN. When I tag the user to a VLAN, I thought that it would only allow the VLAN to be accessed. But doesn’t change anything.
Hey Chris, could I get a bit of help from you on setting this up ??? My screens, such as the setting up of a new radius profile, are not like yours, and there are additional fields for me to fill in that I have no idea what to put in those fields.
anyway to update this video for the new unifi 3.0+ vpn client ( which in this video looks like a vpn server ) it's so confusing along with routes, dhcp dns server which has to be the vpn's? or you leak your dns...
Frustrated, as my Galaxy S9 Android, asks for L2TP/IPSec PSK or L2TP/IPSec RSA - and neither seem to work. The PSK version asks for an IPSec pre-shared key - which I don't recall EVER putting in on the UDM Pro. Not working. Frustrated, any advice would be great.
Can you please help me to be able to see my shared folders and printers on the computers connected to network when a client VPN is connected and willing to access those shared files and printers through UDM pro
when a VPN user is connected in this example, from the client devices tab in the UDM Pro, what do you see? i only show the name, connection, network, external IP, down and up. i feel like i should be able to click on them and get a menu on the right like you do clicking on any other client device. Is that not how it works or am i missing something?
So this process has changed. ubiquity keeps taking way features and doing things differently. They now have a VPN section and I am trying to figure out how to let the VPN users contact the LAN users.
Please tell me, can anyone tell me what is the real speed of L2TP IPsec vpn in UDM Pro or UXG-Pro?
No way to find accurate tests. In the forums, people write that the vpn speed is very low. Is it so?
I would like to ask how many VPN clients can be created in UDM-Pro? And if all clients are using Windows 10, how many connections can be established at the same time?
As currently, I am using OpenVPN with 10 concurrent licenses, is it possible that UDM-Pro can replace the function of OpenVPN?
VPN (L2TP) with Double NAT.
Nö Chance at my Environment. I am on the was to Change Form UDM to OPNsense
can you do a VLAN and firewall for steaming devices like for plex and a synology nas for the plex to see the synology nas and apple tv or any steaming devices in this UDM-Pro complete setup 2021. one more thing can you do one for unifi protect thank
Hi Cris! Are there any changes in the configurations if I set my ISP into Bridge mode settings to configure the VPN?
or the ISP itself just enable the bridge mode and I can now set the public wan IP and also the VPN?
Appreciate your videos.
Do you know if you can use MFA with the VPN?
BUMP!
BUMP again!
Is it possible to setup several VPNs on the same WAN port? For example I am hosting my brother's offsite backup server and would like to setup a VPN just for him where the only thing reachable is his server, while some other friends should be able to reach only my hosted game servers but not the backup server.
I have a Pixel 6, these android phones do not have L2TP VPN options. Can someone recommend a VPN client app supporting L2TP VPN that works well?
This video is exactly what I was looking for. However I have the new Starlink router, bought the separate network adapter and connected it to my UDM Pro. Unfortunately the UDM Pro does not get assigned the public IP address. So my hopes of accessing my internal files on my NAS from a remote connection is no longer on the horizon. I've searched everywhere looking for some type of guide to help me correctly port forward. I was going to reach out to this guy for guidance but his website specifically outlines they only consult with businesses and not home users.
What do you do now that Android 12 has no L2TP?
I have Starlink and would like to set up a VPN. Is this possible?
I set 10 more win 10 vpn client, but it cannot connect together, only 1 or 2 clients and it mostly disconnected.
is there any additional setting?
Hey Chris I love your videos. You have helped me set up my own unifi network at my house as well as help me learn more about networking in general. I would love to see some more advanced routing with the unifi devices. Could you do a video where you explain a little more into not sending all traffic over the VPN connection? Maybe specifically for windows devices? One thing I am struggling with in my home network is when I am home my connection to my internal servers can be found with DNS but when I go over my VPN I can no longer see my server through DNS and I have to connect to it through ip address. I think you do a wonderful job at explaining how the networking works and I would love to see more advanced configurations from you.
Love your videos, Chris! I have been trying to get a site-to-site VPN setup on the UDM Pro to a Juniper SRX. I see this is for Client VPN but I was wondering if you could assist with the basic settings that the UDM Pro is using. I have gotten the IKE (Phase I) side to connect. Still having issues with the IPSEC (Phase II) side associating correctly across the tunnel. Any help here would be greatly appreciated.
Hi,
My business ISP tells me bridge mode disables the static IP and now my UDM pro will not connect using the static WAN IP.
Thanks for any assistance anyone can provide.
In the future, I'm gonna be morally obligated to buy you 10 beers, or something. As an independent contractor, I've made a good chunk of cash just by watching your videos and brainlessly repeating your steps. Particularly on the wireless bridge videos you did with the loco product line.
Also: Ubiquiti should be sponsoring you, and giving you stock options.
Great video 👍
Your videos are very helpful but sometimes hard to follow because of the new OS. I have been doing ok until now. maybe I should downgrade the os to the one you using in the videos or something haha. any ideas would be appreciated.
Chris what is the purpose of the max audio streams in advanced? Do you need to up this to allow a second call? Just curious. Thanks for all of your videos
Android doesn't support L2TP anymore, what can I do?
do all the remote users have the same privileges or is it possible to set up different users with different rights?
hi, can you think of any reason why my vpn connection fails with win 10 and android client fail but my ipad connection works? i verified my ipad is actually connecting. tia
This helped a lot, thanks! Can you do one on split tunnel as well, I'm highly interested in that :)
Hello, is it passable create openVPN or wireguard server on UDM or UDM pro? Thanks for help. This was a great video.
Hi! can we configure a client VPN with dyndns? without ip publica?
I have the same question. I couldn't find the ddns option on the router. It is useless without ddns.
Why does your UDM Pro interface look different from mine? My machine is updated and I have switched back and forth between the old interface and the new and the settings are slightly similar ... Maddening that they are ALWAYS being changed by UniFi! I must have 10 of these units with different clients and I have the same problem everywhere ... no common interfaces ...
can you do a video about PCI compliance ?
Hey Chris, have you been able to go to something newer than l2tp for remote access VPNs? We have an EdgeRouter for our main router, and a UDM-Pro inside the LAN that I can NAT out for remote access. L2TP was okay until android killed it off in the new version 12. Now our doctors can't get in except from a windows PC. Thanks for what you do, brotha!
can you do a video of connecting a win 10 machine to a udm-pro with vpn? tx
Hello. I actually bought a Dream Machine after watching your video series. I've run into a problem. I need to connect to my work with VPN L2TP, this I can not make work. I can not find a solution online. Can you give me a hint or possibly a link to some help. thanks in advance
Does UDM Pro can do load balancing?
Would this work with gnat? Starlink
My Samsung S20 Ultra Android have settings for IPSEC. Just leave this empty or what? I won't connect at all....
Hello Chris, thanks very much for such good content about all Ubiquiti setup it's been very very helpful. I am been watching the UDM Pro complete set up right now on video 7. I currently have Meraki firewalls MX84 and would like to buy and configure UDM Pro with some U6-LR, my question is can I disable the firewall option or not using it because of the Meraki firewall? Thanks.
Hello, I cannot connect more than 3 clients.
Has any one got this type of VPN working on windows ? I have tried sooo many times with no luck. Works perfectly on iPhone and my Samsung just never got it working on windows.
You can install ZeroTier on UDM 😀
Do tell more. ZeroTier is fantastic. A really novel way of setting up SDN.
@@markalmada9662 udm-utilities on github, link got deleted....
@@Tntdruid thanks buddy, that's a pity. It would have been great to use zerotier.
@@markalmada9662 you still can, Its still on guthub, CrosstalkSolutions deleted the link from this comment....
Great videos Chris! Very insightful. With regard to firewall rules for VPN users, is it possible to restrict the VPN users from accessing the UDM Web Interface for the native and other VLANs on the network?
Its slow when accessing files via vpn though
I've spent HOURS on this with research, testing and a lot of failures. Turns out, L2TP works fine on All Mac devices, iPhones, iMacs and both M1/intel MacBook Air/Pro. But none of the Android or Windows devices I tried this on worked. Am I missing something or is it just not compatible with Windows?
@ultradeadd Nope. It's been weeks and I still can't figure it out. Enabled CHAP.V2 on windows 10 but still doesn't work.
I Have no idea. I disabled all other network devices from the network management, thought maybe my other vpn, or Hyper-V was causing this issue. Unfortunately Nothing is working :'(
@ultradeadd Hey so I figured it out. The issue was not my UDM Pro or my configuration. Turns out, there was a Windows 10 update that broke VPN. I removed that security feature update, tested it and it started working. Unfortunately, that's not an option for me, so I switched to OpenVPN on a custom Ubuntu 20.04 server.
i like it, but would like a video to refence for other devices like linux
Your videos are awesome! Since you support PIA, can you make a tutorial on how to configure it so that devices connected to a specific vlan uses PIA? thanks
Why it is not called Server?
This will not work for Android 12, only IKEv2 variants are supported now.
not just being pedantic, but "bridge mode" doesnt pass through an IP, bridging literally only operates at layer 2. it allows the IP to be obtained on the other end of the bridge, because layer 3 isnt occurring prior. saying it "passes it through" is inaccurate. otherwise, thanks for the info - my first time touching ubiquiti
It's a shame L2TP is the only supported standard. I can't VPN with my phone.
Would be great to have fixed ip address to vpn users
With L2TP not supported on Android 12, this is not going to work.
I do not know what to say really! Your description and explanation is perfect, but my setup will not work! I even try and leave the user password uncomplete, so I am challenged for the correct input and I never connect.
I even tried a password of - 'password' and that failed as well.
Oh well back to open vpn
Ok found the problem. Don't let Cloudflare Proxy your DNS Name! Make sure the DNS name has no proxy cache enabled :D