UniFi OS Consoles Wi-Fi Switching Camera Security Phone System Door Access Accessories UISP
Support Resources
UniFi Help Articles UISP Help Articles Video Tutorials Community Forums UniFi Design Center UISP Design Center RMA and Warranty Contact Support
Store
Support Resources
UniFi Help Articles UISP Help Articles Video Tutorials Community Forums UniFi Design Center UISP Design Center RMA and Warranty Contact Support
UniFi OS Consoles Wi-Fi Switching Camera Security Phone System Door Access Accessories UISP Store
  1. Ubiquiti Support and Help Center
  2. UniFi
  3. Gateway & Routing
Help Center
Back to Top

UniFi Gateway - WireGuard VPN Server

2023-05-31 02:27:59 UTC

WireGuard is a high-performance VPN server found in your Network application's Teleport & VPN section that allows you to connect to the UniFi network from a remote location.

Requirements

How Does it Work?

After enabling WireGuard and specifying a port (UDP 51820 by default), add a Client and share the configuration file with your desired recipient. Once the recipient has installed the WireGuard program or mobile app, they can import the configuration and easily remotely access the UniFi network at any time.

Note: On mobile devices, automatically add the WireGuard VPN configuration by scanning the QR code.

Frequently Asked Questions

1. Should I use Teleport, WireGuard or L2TP?

Using Teleport or WireGuard is highly recommended. L2TP is a traditional VPN that is losing support on several different operating systems. In addition, L2TP has several caveats and encounters issues when the server is behind NAT.

2. Is WireGuard secure?

WireGuard VPN encrypts your traffic and secures remote access connections. It also uses private and public keys.

3. How does WireGuard compare with other VPNs, and can you use them simultaneously?

Wireguard provides higher throughput than traditional VPNs such as L2TP. Wireguard can be used alongside other VPNs.

4. Can WireGuard be used when the UniFi gateway is behind NAT?

If the UniFi gateway is behind NAT, then the port used for Wireguard needs to be forwarded by the upstream router. The default port for WireGuard is UDP 51820 and this needs to be forwarded to the UniFi gateway's WAN IP address. For example:

  • Protocol - UDP
  • External Port - 51820
  • Internal Port - 51820
  • Internal IP - WAN IP address of the UniFi gateway

We recommend to use WireGuard on a UniFi gateway that has access to a public IP address. Any performance or port forwarding issues on the upstream router can cause the VPN to disconnect.

5. Which clients support WireGuard?

WireGuard is supported on many different clients. See the WireGuard installation page for more information.

Was this article helpful?
548 out of 1301 found this helpful