Remote User VPN via Wireguard VPN configuration on Unifi

  • Published 24 Dec 2024

COMMENTS • 18

  • @JasonsLabVideos
    @JasonsLabVideos 3 months ago +1

    Helpful!

  • @alel1531
    @alel1531 5 days ago +1

    Hi. I realize more and more that you never stop learning and for this I thank every person like you who makes videos with always useful and interesting content. What I didn't know is the split for internet browsing separate from that of the VPN. About this I ask you: if the router is running a VPN Express, NordVPN etc. client, would it be possible once connected via wireguard to forward the internet traffic to that client? Thanks again

    • @ITSolutionsNetwork
      @ITSolutionsNetwork 5 days ago +1

      @alel1531 Why not? As long as the devices where you host support custom route configuration, you can do that.

    • @alel1531
      @alel1531 4 days ago

      @ITSolutionsNetwork I have a UCG MAX. In routing > policy based rules, you can select clients on the network or vlan to route their traffic through the VPN client tunnel. Unfortunately, I don't see any clients configured on the wireguard VPN server in the list. If there is another way to route internet traffic from a client connecting to the home network through the wireguard server to the VPN client, unfortunately I don't know of it.

    • @ITSolutionsNetwork
      @ITSolutionsNetwork 4 days ago +1

      @alel1531 I'm a little confused as to what you are trying to achieve.
      You have UCG-MAX and Connected VPN client.
      When you say forward internet traffic to the client, do you mean the client to be a "gateway" for the internet for the traffic that is originated from UCG-MAX?

    • @alel1531
      @alel1531 4 days ago

      @ITSolutionsNetwork I have configured a wireguard vpn server on the UCG. I have configured a client (my smartphone) which regularly connects to the server. When it connects, I can connect to the services on the lan without problems. However, now the public IP that my smartphone shows is that of my ISP, so when I am connected to the VPN server, I browse the internet showing my public IP. Is there a way to route the smartphone's internet connection through the NordVPN client also configured on the UCG?
      Unifi says:
      To route traffic from devices on the VPN, you need to add a Traffic Route.
      Go to the Traffic Routes section in your UniFi Network application.
      Create a new route that directs traffic from the WireGuard VPN server to the NordVPN client.
      If I go on route, there is no possibility of doing what they say.

    • @ITSolutionsNetwork
      @ITSolutionsNetwork 4 days ago

      @ Got it.
      What’s missing from the options, the source (smartphone) traffic or the next hop (NordVPN)?

  • @fUjiMaNia
    @fUjiMaNia 2 months ago +1

    Hello, great video, but I've tried both Teleport VPN and WireGuard VPN and I'm unable to ping or reach any of the devices on the local network from my laptop. The VPN connection is successful using both options and I can see my laptop listed as a VPN client in Unifi with the VPN assigned address, but I can't ping or open anything. Any idea of what's going on?

    • @ITSolutionsNetwork
      @ITSolutionsNetwork 2 months ago +1

      Magic Packets don't go outside the broadcast domain, hence they can't be delivered behind another router.
      You can try to install a WOL package on the UniFi router and then run it via CLI while logged in from the WireGuard VPN, or put some kind of host like a Raspberry Pi on the same subnet and run it from there.

  • @MJDigitalAT
    @MJDigitalAT 2 months ago +1

    Hello and thank you for the great video!
    Is there a chance to host a VPN client on my Dream Machine and enter the Internet through the VPN client over the Unifi from a device connected via WireGuard? Thx

    • @ITSolutionsNetwork
      @ITSolutionsNetwork 2 months ago +1

      Just to make sure I understand your question, you have two UniFi devices and want to use one to go through another for internet? You mentioned client on dream machine.

    • @MJDigitalAT
      @MJDigitalAT 2 months ago

      @ITSolutionsNetwork I have a smartphone (outside of my local network) connected to my Dream Machine via VPN (WireGuard) to access my local data and services, as well as to browse the internet. When browsing, my smartphone shows my home’s public IP address.
      Additionally, my Dream Machine has a VPN client (e.g., NordVPN) that routes all traffic from the Dream Machine through NordVPN, giving me a NordVPN IP address. However, I've noticed that only local traffic is routed through this setup, not the VPN traffic from WireGuard.
      This raises the question: is it possible to also route the WireGuard server and devices (such as my smartphone) through the NordVPN connection? Currently, I don't have access to the subnet of the WireGuard VPN server on my Dream Machine.
      With your method, I was able to display the public IP address of my ISP by modifying the IP range (0.0.0.0/24), but I couldn’t get it to show the VPN IP address of the Dream Machine’s VPN connection.
      I hope I expressed myself clearly. I’ve been trying for weeks to route my smartphone -> WireGuard -> Dream Machine -> VPN Client (Nord) -> Internet, but I can’t find a solution.
      Your approach with modifying the WireGuard protocol seems interesting, but I’m also unable to find a proper solution there.

    • @ITSolutionsNetwork
      @ITSolutionsNetwork 2 months ago

      You can surf the internet through your UniFi router as a WireGuard remote VPN user, if that's what you are asking. You'll be visible as coming from your internal network to the outside networks, using your UniFi router's public IP.

  • @muhammadali8105
    @muhammadali8105 1 month ago +2

    Completely useless video. No idea on which machine you're clicking what, and what the purpose of these (new kinds of) VPN is. Is it for hiding traffic of employees into the internet? Is it for remote employees that connect to the company? Where to install what? Watching such a video is only not a waste of time if you already know about this stuff. But is that the target group?