Thanks for the video, which helped me. I'm no UDM expert, but there is also another way instead of creating two rules to cover both directions:
Define a rule to allow all established and related sessions for internal addresses. Source: all local IPs, dest: all local IPs. Then under advanced check established and related.
Works for me and could be easier if you are creating more similar rules and want to avoid pairs of rules.
Thank you so much... You just solved my problem with communication network. I like this video...
Great video. How do you define whether the Wireguard client uses full or split tunneling?
Loved the video, Avi! Awesome walkthrough!
Thanks Frank. Glad you liked it. Thank you for watching
Thanks so much! But I can't ping any device on my default network. Any idea what it is?
I have block intervlan active and can still connect to anything on the network
Just playing with WG on Unifi for the first time today, seems like it's not going to work S2S, it's just for desktops, phones to connect back. Trying to get it to play with PFSense...
For now, it's only implemented as a remote access VPN, not as site to site.
@TechMeOut5 Thank you for taking time to respond.
Thanks. How can I tag a VLAN to a client?
What do you mean?
Hi, are you able to block VPN clients from access to VPN's and also the other subnets Gateways/ Interface of the UDM?
Hi. I think I may have a hard time understanding your question. Can you please try to explain further?
I think for some reason on UDMP/UDMSE (unlike on UDM) you need to assign that drop rule to LAN-OUT instead of LAN-IN.
@TechMeOut5 Hi! Is it possible to block a WG client from accessing the UDM WebUI or SSH?
For me nothing helped :(
Vpn rule is in lan out not lan in
"because traffic will be allowed in both ways" - I don't understand the purpose of creating a rule for "returning" traffic, my friend. Never did that. Unifi firewalls are stateful...
Followed step by step, no joy…
I've had the same results. I follow the same steps and I get connected but I have no internet access and can't ping anything. Also my VPN device never shows up in connected devices.
Ubiquiti have always had shitty speeds with their VPN options... Show us a speedtest
Sadly, showing a speed test will prove absolutely nothing since speeds are highly dependent on several factors like ISP speeds, distance between client and server and several other factors. I can tell you that at least for me, there is no comparison between the old L2TP-based VPN and WireGuard. WireGuard kicks ass!