UniFi Site to Site VPN Setup (And Firewall Rules)

UniFi Site to Site VPN Setup walkthrough video. this will be done using only the new interface in controller version 6.5.55. The process itself is pretty easy but there are a few things that are definitely missing.

In UniFi Site to Site VPN Setup, and in any other vendor site to site VPN setup, you should first have access to the local firewall and preferably also the remote firewall. knowing the public ip addresses on both side is also a must.

By default, when completing a UniFi Site to Site VPN Setup, all subnets configured in the setup process will be able to reach each other. to mitigate this behavior, we will configure firewall rules to block all traffic on the vpn tunnel and we will create separate firewall rules to only allow the traffic we want to allow.

One major disadvantage in Ubiquiti's UniFi Site to Site VPN Setup is the lack of ability to "call" the remote side using FQDN. in the UniFi Site to Site VPN Setup you can only use the public IP address of the remote side. this is definitely something i think should change in the future.

Video Index:
0:00 Intro
2:08 Configure Firewall Rules on Both Sides
7:54 Create the VPN Tunnel
13:10 Create explicit Allow Firewall Rules
16:40 Test & Verify
17:25 Summary

#Ubiquiti #UniFi #VPN

Please subscribe and follow us on Twitter:   / techmeout5  
Join our Synology Facebook group:   / synousergroup  
Join our Ubiquiti UniFi Facebook group:   / ubntusergroup