Wednesday, April 20, 2016

Ubiquiti UniFi Site to Site VPN Setup

Did you know that you can create a Site to Site VPN connection in just a few simple steps with UniFi? All you need is a UniFi Controller with multiple sites and a UniFi Security Gateway at each site you wish to create a VPN connection between.

Ensure that you have prepared two separate sites on your software controller and that each site has a UniFi Security Gateway router configured with a different network. In this example we have a site named Office with a Corporate Network of 192.168.1.x/24, a Guest Network of 192.168.2.x/24 and a VoIP Network of 192.168.3.x/24. The second site is named Home and has a Corporate Network address range of 192.168.4.x/24.
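The "different network" requirement matters because traffic cannot be routed across the tunnel between ranges that overlap. The following pre-flight check is an added example, not part of the original post or of the UniFi software: the address plan is the one from this article, and the function names are hypothetical.

```python
import ipaddress
from itertools import combinations

# Address plan taken from the article; the "x" in "192.168.1.x/24" is read as 0.
SITES = {
    "Office": {
        "Corporate": "192.168.1.x/24",
        "Guest": "192.168.2.x/24",
        "VoIP": "192.168.3.x/24",
    },
    "Home": {"Corporate": "192.168.4.x/24"},
}


def parse_network(text):
    """Turn the article's '192.168.1.x/24' notation into an IPv4Network."""
    # strict=True rejects entries whose host bits are set (e.g. 192.168.1.5/24).
    return ipaddress.ip_network(text.lower().replace("x", "0"), strict=True)


def find_overlaps(sites):
    """Return sorted (site/network, site/network) pairs whose ranges overlap."""
    flat = [
        (f"{site}/{name}", parse_network(cidr))
        for site, nets in sites.items()
        for name, cidr in nets.items()
    ]
    # overlaps() also catches a supernet at one site that swallows
    # several subnets at the other, not just identical ranges.
    return sorted(
        (a_name, b_name)
        for (a_name, a_net), (b_name, b_net) in combinations(flat, 2)
        if a_net.overlaps(b_net)
    )


if __name__ == "__main__":
    clashes = find_overlaps(SITES)
    for a, b in clashes:
        print(f"OVERLAP: {a} and {b}")
    print("address plan OK" if not clashes else "fix overlaps before creating the VPN")
```
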

Step 1:
On our site named Home, navigate to Settings > Networks > Create New Network to create a new Site-to-Site VPN Network. This will be used for connecting to our Office network so that we can work from home. After saving the configuration, you can see that our VPN Network has connected the Corporate and VoIP Networks to our Home Site.

Step 2:
Verify that the Site-to-Site VPN configuration has been configured (automatically) at the Office Site.

Step 3:
Now we can start testing our VPN connection. From a device connected to the site Home, we should be able to ping a device connected to the Corporate or VoIP Network at the Office.
As you can see below, my computer at Home can communicate with my computer at the Office:

