Unifi Remote User VPN setup and firewall rules

In this video we set up a remote user VPN in Unifi network controller 7.0.23. We also create firewall rules to block the VPN users from accessing networks we do not want them to reach.

Intro 0:00
Creating the Remote user VPN 1:26
Adding VPN to iPhone 3:23
VPN Firewall rules 4:34
Final thoughts 7:34
Comments

Heads up to anyone on Android 12, they removed L2TP support, and this latest version of Unifi OS only supports L2TP (it does not support IKEv2, which is the only option provided by Android)

stephenkiser

Thank you! I was missing one step and your walkthrough helped me reconnect!

jasonax

Amazing, finally a tutorial that I was able to follow and it actually worked first time exactly as you showed. 😀

ChrisC-Pi

How come the "Block VPN to networks" firewall rule was created as LAN Out and not as LAN In?

fletchowns

Thank you so much Mac. You helped me diagnose and fix a connection problem we were having. Getting an error when connecting to the VPN. Had to enable the "Require Strong Authentication" as discussed in your video. Wahhoooo!

thigbe

Trying to map a SMB drive from my Windows Server so I can access through my VPN. No one has a clear answer out there on how to accomplish this. I can’t see devices and mapped drives on the LAN when connected through VPN. It would be nice if Ubiquiti built in a simple function to turn on that would “bridge” the LAN and VPN subnets together!

benjaminc.m.

This video helped me configure mine, thank you! Some of Unifi's UI is a bit cryptic.

peteryates

Are you supposed to be able to see active VPN client connections on the controller's client devices section?

joshuaimholz

If I'm using DDNS to get a domain name that links back to my home's current external IP, do I just set up the iPhone VPN client to point to this domain? Just a home gamer here, not sure if FQDN = my DDNS domain. My hope is that when my ISP updates my external IP address it won't require me to go back into the iPhone and change the VPN settings to a new server/public IP address.

Anewtubeyou

Any word on if the gateway issue has been solved?

ventureon_it

I can ping everything on my home network through my Open VPN connection, except for my Synology NAS. It seems to be a Synology issue. Would you happen to know off-hand what setting needs to be changed in the Synology so that I can connect to it from a different VLAN?

fordsrmaster

I have a problem. I can only connect with one VPN L2TP user at a time from the same remote IP. Does anyone know how to fix?

brunomallmannformulo

I'm trying to set up DDNS for my VPN as I have a dynamic IP address but having issues.

DJGeek

Have you tried blocking the gateway addresses as destination and VPN as source on the IN interfaces?

bassbacke

Can connect from my iPhone, cannot connect from my Mac. If I connect to my iPhone on cellular to simulate an outside connection, I can connect to the VPN but cannot ping anything on the LAN.

online_now

No changes for blocking gateway pinging?

adammaik

I have a SonicWall but I’m managing Unifi through the application on my server and using Unifi APs. What public IP address should I be using? The one for the SonicWall or should I be making my server host public through port forwarding?

I tried the network’s public IP address but that didn’t work and I’m nervous to make the entire host available with a public IP address.

curiousurick

What if you don’t have a static public IP? What would be the best solution?

chadsteffen

I'd appreciate a video on how to make a port use a VPN out (in my case Nord) so I can plug the port from my PC into it and it would be covered by the VPN and no need for software on the PC to mess up other settings like it has done before.

AceBoy

Even by default my Apple device does not want to talk to other devices on the VPN LAN network.

JCS