UniFi Wireguard VPN Server Setup - ft. UDM-SE and GL-iNet Slate Plus Travel Router
HTML-код
- Опубликовано: 29 янв 2023
- Amazon Affiliate Links
Unifi Dream Machine SE - amzn.to/3DogWK0
GL.iNet Slate Plus - amzn.to/3VX7wLV
GL.iNet Opal - amzn.to/3GwS5o4
GL.iNet Beryl - amzn.to/3WY1SL1
GL.iNet Slate AX - amzn.to/3Zqa4Fy
Unifi Switch Aggregation 10gbe switch: amzn.to/3JpYPr8
Items used for making this video:
DJI Mic (Amazon): amzn.to/3GcnOum
DJI Mic (Adorama): adorama.rfvk.net/e4ZzNQ
Nikon Z6 ii Camera with 24-70 f4 Lens - amzn.to/2QcFLmU
Desview T2 Teleprompter - amzn.to/3sABVkQ
Glow EZ Lock Colapsible Softbox - amzn.to/3svQh5E
Related Videos:
Unifi Dream Router - • UniFi Dream Router - T...
Unifi Switch Aggregation 10 gig switch - • UniFi's Low-Key Afford...
Affordable 10 Gig Networking with Mikrotik CRS305 - • MikroTik CRS305 - FINA...
Two years with Unifi - • TWO YEARS With UniFi -...
Home Network Revamp 2019 - • Video
Building a TrueNas Server - • Building A NAS Using T...
PWAY HDMI Extender over IP - • NEVER Buying A Super-L... 
Наука
I really appreciate what you’re sharing in your vlogs. But please, give your listeners some time to adapt what you’re willing to tell them. More than 1/10th of a second between cuts can easily be resolved by both talking at a lower pace (Max Verstappen can’t be beaten :-)) and insert some pauses in between ‘chapters’ in your stories and/or sentences. Thank you!
Thanks for the video. Currently I’m living at a hospital and this is the easiest way to connect to my home NAS and keep working !
thanks for your video and the advice to use the port 51830, while the standard port is being by the Teleport !Important!
Great Video! I just received my GK-iNet travel router today.
This is great! Now we just need something to allow devices at the UDM site to be able to reach devices at the travel router site. :)
You sir get a platinum colored star....
I finally replaced my ten-year-old tired ZyXEL firewall with a UDM Pro... just got RC 3.0.20 on it and see it supports wire guard... started doing some research to figure out how I could use a client device to connect some remote radio tower sites that I have equipment at over the existing cradle points that are already there. This is the solution to the problem to establish a VPN tunnel back to home base using Verizon 5G without a static IP!!! #winning!
I’m glad the UDM Pro is finally getting 3.0 updates. Long overdue.
Excellent video very useful will try this thanks
Thanks for checking out this video
Hi Samir this is great. Thats exactly the hardware using as well. the only difference is that I am not setting up the VPN server on te UDM pro now. I set up the wireguard VPN through UID. How can I download the config file from the UID portal. Its not so intuitive.
Hi Samir. I am new to your channel, but you did an excellent job teaching. I cannot find the Unifi Dream Machine SE and since the Pro only offers the beta version is there any other comparable option or another place besides amazon to find it?
Thanks for a great step by step video. I got it all setup now.
Awesome. Glad you got it working!
@@TechTalkwithSamir After my setup, I was able to access my local (LAN) subnet with no problem. The only problem I have is I can't browse internet. Is that normal? I'm able to access my UDM-SE and NAS via subnet address but can't browse internet.
No that’s not normal. You should be able to browse the internet. Perhaps you need to specify the dns servers (try google or cloud flare).
How would I set up the vpn on my phone? I tried adding my phone in the wire guard config like we did with the GLiNet router, but it doesn't work.
Ha, I did almost the same setup with my UDM Pro SE and my GL-iNet travel router. Just a slightly different model of the gl-inet. Also have a ddns setup with my domain and name cheaps ddns service for when my isp changes my ip.
Of course then I found your video after I figured it out on my own.
Care to share instructions and devices used
thanks for the video. I have a UDM Pro SE and I was struggling with this. I created all and then went back to the client that I added and download the config, and didnt work. Looks like you MUST download the config before clicking createautomatically
Yup. There’s no way to go back and get the config. Kind of dumb but it is what it is!
I'm guessing they don't let you download the client config later because they don't store it on the server (UDM). Storing the client keys on the server creates a vulnerability. If there was a security bug that allowed bad actors to download the client keys, they'd have an opportunity to VPN into your network as an approved client making it far less noticeable.
That’s a great point!
You are correct to date the udm pro has not got the feature, come on Ubiquiti!
They really want to sell some UDM-SE. there’s no reason why the UDM Pro doesn’t have new software when the hardware is almost identical.
It's a shame they make the difference to the SE. I bought the Pro 6 months ago and am now a fool
Hey Samir, if I have 2 Slate axt 1800s; would that have the same performance or would you recomment the Unifi SE? I am trying to set servers, 1 in East coast US and one in Asia (India) and without actually testing the setup, I am hoping to get the least Latency possible. Please advise, what would be an ideal set up for that kind of distance (13000 miles apart) and your thoughts on latency. I really just need a decent experience in video calls only.
I personally have not tried these routers as a vpn server so I can’t speak too much about the performances specifically but if you are 1300 miles apart, there’s unfortunately not much you can do to reduce latency since the information takes time to travel distances. And with all your traffic routing through the US, all of your TCP traffic will make 2 trips along that distance so you will likely experience performance issues. That being said, video calls may not be too bad since it may mostly be UDP traffic which might be going to the US anyways even without VPN. Unless if you’re video calling with someone in India where the traffic goes through the US just to go back to India.
Wow! I landed on my exact solution. Thank you for this. Just a couple of questions. I was using the WifMan apps Teleport feature to access my home network. Is this WireGuard VPN preferable because it is faster, more secure or more stable? I find Teleport to be quite unstable at maintaining a connection. Do you use it? I also pay SurfShark which has a section on creating credentials/keys for Routers, TVs and so on. Does this mean I no longer need SurfShark?
I personally haven’t used teleport for anything other than testing. As far as I know, teleport also uses Wireguard as its backbone. The reason why prefer a Wireguard server rather than teleport is that I can use Wireguard on windows. I am not familiar with surfshark so I can’t speak for it.
@@TechTalkwithSamir I think I figured it out as I read your reply. I would only need SurfShark, or any third party VPN service, if I need their ability to change my geolocation since this is only useful to VPN to my home and its geolocation. So glad I discovered your channel.
Thanks for checking out the video and supporting the channel!
As of 4/4/2023 UDM Pro has, albeit beta, Wireguard support
That’s great to hear! Long overdue!
@@TechTalkwithSamir is it possible to do dream machine to dream machine wireguard VPN?
Do any of the subnets have to match like the ones that your travel router assigns and the ones in the config file?
Nope. Mine are all different. I think if they are the same, it will be problematic because it will have trouble routing the traffic.
@@TechTalkwithSamir I followed all directions but my laptop is still not showing from my IP. It is getting assigned an ip inside the travel router. The GL-1300 is working on the wireguard vpn.
That’s right. Your laptop will still get an IP from the GL-inet. However, everything connected to the travel router will use your home internet to to talk to the internet. Your public IP will be your home IP. You have to check from the browser. Your local IP will still be from your travel router.
Promo`SM 💋
Awesome guide! 👌
I do have a question. Does the the mini router (GL-iNet Slate) connecting to the WireGuardServer need to the public facing router too? Or can it connect to another ISP's router before connecting to the home WireGuardServer on the UniFi router? 🤔
Also, I'm assuming this can be done with 2 GL-iNet routers too, assuming one of them does support WireGuardServer creation.
Great question. The mini router does not need to be public facing. It can be connected to another ISPs router. As long as the the port isn’t blocked on that network, it should be able to connect (including from coffee shops and hotels).
@@TechTalkwithSamir Gotcha! Yeah I have Hotspot and ISP router on the other end, the port should be fine.
I think for the WireGuard server I'll have to do some port forwarding (with how hard it is to find an Xfinity compatible router that also has WireGuard capability). Maybe I didn't search enough.