In this video we go through the setup of WireGuard with our UDM SE. I create the VPN and firewall rules and do some testing.
WireGuard clients:
https://www.wireguard.com/install/
0:00 Intro
0:48 Configuring WireGuard in UniFi
3:54 Speed test and iperf test
4:48 Creating firewall rules for WireGuard
7:20 Final thoughts
Does internet speed determine the VPN speed? I have 1GB down and 20Mbps up, but when I try to use the VPN it is extremely slow, like less than 50 Kbps. I can't even do anything while connected to it.
Saved my life 🙂 Thank you for that…
Ok, so I got this setup, side-by-side with the wireguard that is on my Unraid. Letting it do port …21 instead of …20 wasn't an issue apparently. Too bad I can't specify my duckdns on the ui setup, so I'll have to change it manually on each client. My problem with my mapped network drives still persists though. I can't reach them through "//server/share" but it'll work with "//ip/share". How can I get it to work with the server name instead?
Does using WG on the UDM-Pro/SE allow you to access network shared folders on PCs using "//server/share", or is it still "//ip/share" only? I already have a WG on my Unraid but remotely I can't access my //server/share shares, so I'm thinking of trying to set this up (while remote) to be able to access the shares already set up.
Hey Mac, I have a question for you and your expertise on the topic:
My home network has ISPModem -> UDM SE -> Synology NAS. I am currently running Wireguard server on my Synology NAS and everything works fine.
Do you recommend switching it to the UDM SE instead?
What is the big deal if you do not set up firewall rules for Wireguard? It is a safe tunnel regardless, no? Unless you mess up sharing the private key, what else is to be afraid of?
Is there a simple way to set this up to where a vpn client can resolve endpoints via hostname, and still be able to ping their local network as well?
Pls show in white background. Dark background is not very readable, especially on phones.
Most of the content in these videos is just do A B and C with little-to-no explanation on why. I'm looking to learn, not follow a tutorial in the hopes that my use case is the same.
Is there a way to allow a WireGuard client access to only two or three websites?
Strange, this WireGuard setup only works for me if the WG client is connecting from inside the network. If I try to activate the WG client when outside the network, the connection fails and DMP shows 0 active clients.
For those without a static ip on their WAN, will this continue to work?
Can you help me with something? I am using WG and the VPN is working; the only thing is I can't ping the PC in the IP range. I can access the ISP modem and I can ping the gateway, but not the clients. Are there any rules, or do I need to change something for it to work?
I don't have this Teleport & VPN option in my settings..
Hi, I got the USG-3P. The option for WireGuard is not available for me. Does that mean it won't work on it?
Instead of trying to put in a WAN IP, can we just put in our dynamic DNS name? I haven't gotten to try and mess with this yet since I have WG on my Unraid.
Can I set it up with say port 51821 since I have 51820 on wg on my unraid?
What do we do when we follow your steps and everything looks activated, but you cannot ping any IPs on the network you are trying to VPN into? As soon as I activate my tunnel the laptop says "no internet access". Can't ping the UDMP running the WireGuard tunnel or any other devices on the network.
I tested all LAN IN/OUT/LOCAL and for me it looks like you couldn't prevent a WG VPN client from accessing the UDM web interface or SSH. Could you?
So how does this WireGuard VPN differ from using the Teleport feature? I’m confused on which one to use to VPN into my network. TIA
Am I the only one where this WireGuard VPN on UniFi is spotty at best? The OpenVPN is rock solid but I can rarely get the WireGuard to produce a handshake.
Thanks, Helped a lot
Hello Cody, nice explanation, but I tried to configure it and it didn't work for me. I have a Dream Machine at work and a Dream Router at home, and when I try to connect it is not working, but it is working when I am sharing my internet with iPhone. If I use my Mac on my network at home with the Dream Router, it is not working. Any idea?
I set up WireGuard but on my devices it leaks my real IP. How do I hide/change it?
Do you need a public IP for the home router for this?
Can only the UDM run a WireGuard server? Can the UDR do it?
I can't get this to work, I have followed the steps over and over and still not working, is there a forum or somewhere to go for help? please please please?
Great video! In your opinion how does the UniFi Network VPN compare to the UID One-click VPN?
Do you manually have to setup port forwarding for the wireguard port?
Does it matter if the wan ip address is not static?
What about obfuscation? Can someone tell me when the UDM Pro has support for shadowsocks? I can not access my VPN on most networks right now due to the easily identifiable traffic…
I am having an issue with my PPPoE network with WireGuard.
Any help?
Nice and clean explanation.
Crazy that unifi allows all traffic by default.. will never understand this.
Hi Cody. I'd love to follow along, but I'm unable to delete my existing L2TP VPN to create a new NetGuard-based one. My UDM is running 2.4.27 and don't see any option for adding another or deleting the existing. Is my device unsupported or am I missing the obvious somewhere to delete it? Thanks!!!!
about to unfollow this channel, never respond to questions and there are many other channels that are more helpful…
Hi Cody, thanks for your video, it helps me a lot to set up the WG VPN. However, I have an issue regarding the gateway IP while connecting through the WG VPN on a client's computer. I did drop all inter-VLAN traffic / ping between the devices with the firewall rules. However, I found that it is still able to ping, and even access through a browser, every VLAN's gateway (which is the UDM PRO login page) during the VPN connection. Do I need to set up or add anything in the profile / rules to prevent the VPN user from getting ping / access to the login page?
Hey Cody, great informative videos. I have a UDMB running 3.0.20 and have created a WireGuard VPN, but cannot access any of my LAN devices like you. Any thoughts?