This article explains how to set up and manage UID VPN.
Note: If you haven't completed the initial setup of your UID workspace and the UID Agent application, complete it first by following the steps on UID - Getting started.
- Configure your deployment on the UniFi Network application
- Set up UID VPN
- Assign or unassign VPN to a user
- Manage the VPN settings
- Troubleshooting UID VPN issues
Configure your deployment on the UniFi Network application
Before setting up the UID VPN, you need to configure your deployment on the Network application by using either:
- Port forwarding that is configured on the uplink router that's directly connected to your internet source, or
- Public network IP, recommended when the public IP of the UniFi OS Console is different from the WAN IP.
To configure the required port forwarding rule in UniFi Network:
- Connect the WAN port of your UniFi OS Console to the top-level router.
- Launch the UniFi Network application and go to Settings > Advanced Gateway Settings > Create New Port Forwarding.
- Enter the required information:
- A name and port number of your choice.
- WAN IP address of the UniFi OS Console in the Forward IP field.
- Forward Port is 10118 and we recommend selecting UDP as protocol.
To configure the public IP in UniFi Network:
- Launch UniFi Network from your UniFi OS Console and go to Settings > Internet.
- Select the WAN port and click Edit to access the WAN details page.
- Within the Advanced section fill in:
- DNS Server: provided by your ISP.
- IPv4 Connection Type: Static IP.
- The IP Address, Subnet Mask, and Router for the public network information.
- Click Apply Changes to finish.
Set up UID VPN
To set up the UID VPN:
- Choose the site from the drop-down field in the upper-left corner to access the site's dashboard and select One-Click VPN in the Services section.
- Configure the VPN name and the rest of the required fields:
- Authorize all users of the current site.
- VPN Server: The IP Address of the selected UniFi OS Console is displayed by default.
- Top-level Routing Port: The port number is 10118 by default. When the public IP of the selected UniFi OS Console is the same as WAN IP, the port number cannot be modified. If they are different, please follow the “To configure the public IP in UniFi Network” section above before continuing.
- Advanced Settings.
- IP/Subnet (Optional).
- DNS (Optional).
Once the VPN has been configured, you can assign users or groups to it in the VPN Dashboard section.
Note: IPv6 is not supported for VPN Server.
Assign or unassign VPN to a user
To assign VPN to a user while on the VPN dashboard:
- Select Assign User, or go to the Users section and then click Assign User at the top-right corner.
- Select the users and/or groups that you will assign the VPN to, and click OK to complete the assignment.
To un-assign user(s) from VPN while on the VPN dashboard:
- Go to the Users section and select one or multiple groups and/or users that need to be un-assigned.
- Click Remove and confirm the pop-up message to complete the un-assignment. Alternatively, you can simply hover over a user or a group, click Remove, and confirm the pop-up message to complete the un-assignment.
Manage the VPN settings
To edit the VPN settings while on the VPN dashboard, go to the VPN section and click on a VPN network to open its properties panel. Here you can edit the necessary settings and click Save to confirm.
Troubleshooting UID VPN issues
Issues with UID VPN connection may include:
- UID VPN disconnecting frequently
- The UID VPN status shows as Connected but you're unable to access the internet
If you're having any of the issues above, make sure that:
- The UID VPN was set up correctly.
- The firewall port 10118 is enabled.
- The UID VPN status is Active in UniFi Network application > Settings > Network.