Ultimate Privacy! UniFi Network + Private Internet Access VPN

Рет қаралды 151,193

Күн бұрын

Пікірлер: 182

@ZsoltMate Жыл бұрын

I was really looking forward to this video, and I was hoping that it will contain a solution for the app routing via VPN. Ubiquiti should add the app category into the routing options, just like with app firewall rules, so we can set up something like HBO/NETFLIX&co should exit via VPN. Domain based filtering is not viable in this case since they're using lots of CDN's and TLD's for this.

@hughw 11 ай бұрын

Now that UniFi Network 8.07 has been released and has the option for Wireguard in the VPN client (along with OpenVPN) and so does PIA, which option is better?

@Petie88 Жыл бұрын

Hey, just a heads-up, you missed the blur on your PIA username on the second screen after the upload.

@CrosstalkSolutions Жыл бұрын

Yup - already cancelled that account.

@RebelAdmin Жыл бұрын

Does it support Wireguard?

@Hola-ri9lz 9 ай бұрын

Thank you for the video and happy to use your link to PIA. Cheers from Australia.

@chuckaudette7790 Жыл бұрын

Thank for another great video. I've been waiting for this to be implemented for a long time. My only question is about DNS. Now that I've set up to route a specific device through the VPN getaway, how do you get that device to use a secure PIA DNS server to prevent a DNS leak? I'd even be fine routing all traffic for a particular network through a PIA DNS servers.

@AuXTechUK 9 ай бұрын

Is this possible with a USG?

@joegomez5807 Жыл бұрын

Great video. I have been waiting for this for over 3 years. I was never sure how well unifi would work with PIA. As I am not an ITGuy, I have purchased several GL-iNet products with varying success. I have used the mango, Slate, and the Breme2. The mango did not have enough processing power to do a vpn from Europe to the USA. The slate was passable with 5mps down and 10 mps up. The breme 2 works the best with about 90 mps down and 50 up. I live in the Netherlands and use the VPN to PIA Missouri on AppleTV. KZbin TV, Apple+, Dinsney+ DirectTV and max all work well. Amazon video recognizes the PIA vpn and does not work. Thank you for showing this set up for Unifi. It looks very easy. I am kind of lazy and afraid to try this as Idid not want to crash the system and have to listen to the screensavers complain that the internet is out. Thanks again

@mistrysoham1 Жыл бұрын

Thank you for the video. I have learned a lot from the video and very helpful video. Quick question, during setup of or after setup of VPN, how would I change to different country/region? For instant to watch UK region content on Netflix and Amazon Prime Video? Would be possible to create a different region VPN for certain devices on the network? For example, I would like to have UK VPN for streaming services and local region VPN for reset of the traffic on the network?

@funghoifungjason9036 9 ай бұрын

I had a similar question. Because I would like the full network to be based in one area, like US. The IOT of google home for another region. And the youtube domain for a different region. (1) My instincts tell me to go back to the open vpn configuration generator and generate different files for different regions. Is this correct? (2) What happens when the different routing rules conflict with each other? Like regions set for specific device; but the full network is for a different region?

@FlintingSun 11 ай бұрын

Thanks for the tutorial! At 16:30 you mentioned PIA disconnecting, in that vain - does Unifi allow to use killswitch option similar to PIA app?

@AndreasErikssonNet 10 ай бұрын

Have the same question.

@madmanb1999 Жыл бұрын

Thanks for this video Chris! For others, make sure to update any existing FW rules to include this new network. I almost walked away without doing so even though he tells us!

@CyReX1986 8 ай бұрын

Thank you so much for this video Chris! You have truly helped me understand networking since when i discovered your channel back in 2018. Keep up the good work!

@johnandruch5585 Жыл бұрын

Two questions: 1. Does each device that I route through the Vpn count against my instance limit with Pia? Or does Pia just see the unifi gateway as one instance? 2. Does this support the vpn killswitch or Pia mace? Great video! Thank You.

@madswilliam4888 Жыл бұрын

I have multiple devises on same connection, so I think Pia only counts the unifi connection as a instance. I dont see this supports killswitch.

@JohnSmith-sc6jt Жыл бұрын

It should only account for one device. I know Nord router setup is seen as one device yet you can have all your devices connected to that router routed through the one VPN channel.

@antoniosa Жыл бұрын

Thanks for another amazing video. Is it possible to use more than one VPN configuration, right ? ie: Application and domain

@onnobakker9173 Жыл бұрын

Wondering the same, i cannot get more than 1 connection to the VPN provider active simultaneously (on udm pro >> proton vpn). According to proton they are not limiting (should be able to setup 10 connections) As for your question about the internal routing: yes you can easily have multiple routes for multiple use cases active at the same time. Combined with multiple active tunnels to the vpn provider that would very powerfull..

@antoniosa Жыл бұрын

Thanks for your time. I’m playing with configs ! 😊

@jasonbodenheimer4017 3 ай бұрын

Thanks, Chris. Did you download a config file for traffic via UDP or TCP?

@axisrender Жыл бұрын

Great video as always, works perfectly with domain, an ssid setups... only with tv's and apple tv's Amazon prime detects the vpn... but with my laptop works... any idea?

@EilrahcH 8 ай бұрын

Great video! I have hesitated setting this up because once I update I have to reconfigure everything as the vpn client is not working. Any advice?

@s80keys Жыл бұрын

If I understand the UniFi routing options correctly, I could route “all devices” through the vpn but create a separate rule to exclude a specific work device that has its own software vpn. Otherwise I’d be going through double VPN, right?

@ecclsolutions 20 күн бұрын

Great great work brother 👍 an expert at explaining

@sigma2074 Жыл бұрын

This is amazingly easy and solves a few issues I have had in the past. But now the question is, how do I route locally hosted VPN traffic through PIA? I have a VPN set up to access my home network using the build in option in the dream machine, but I do not see an easy option to route traffic coming in on the VPN out through PIA.

@kabloosh699 11 ай бұрын

I don't think there is a single easy way to do what you are asking since when you are VPNing back home you have the service listening on your public IP/domain name which is assigned to your public IP. In order to route through the established PIA VPN connection that your UDM has set it you probably would need to have access to apply the domain name to PIA's front facing proxy server. As you could imagine PIA isn't going to let you do that. When I travel I usually always have PIA set running on my phone. I connect my laptop to my phone when I am connected to public wifi and then when I want to connect back to home I will use the OpenVPN client I have installed on my laptop. This works just fine to mask my home VPN from the public wifi since it tunnels through PIA via my phone since that is connected to PIA and then that connection comes out of PIA's servers and eventually establishes a connection to my VPN server in my house.

@johnmarkzimm Жыл бұрын

Does it have a kill switch option?

@mvp_kryptonite 11 ай бұрын

Excellent video Chris. This is so much smoother and mass market friendly than all those years ago using discovery tools.

@TechnoTim Жыл бұрын

Great video! I've wanted to do this!

@TheSolo727 9 ай бұрын

Can it be setup with there Dedicated IP addition? Great video Thanks

@Richard-pj4ee 11 ай бұрын

Hey Chris. Great video. We followed your instructions and everything worked perfectly. The issue we are having is that our LG smart tv, even when set up for United Stated, KZbin TV will not work as it identifies with Mexico. Any assistance would be greatly appreciated. We just move to Cabo and NO US TV for 2 weeks is killing up.

@alexdarby3374 9 ай бұрын

Curious what traffic I would want over the VPN? Netflix? Why if I am in the US? Facebook, does it matter? Curious what peoples use cases are.

@sekritskworl-sekrit_studios 7 ай бұрын

LOL Good luck on the Survey. :-P

@sekritskworl-sekrit_studios 7 ай бұрын

Does UNIFI support Wireguard?

@SeattleSandro 11 ай бұрын

This should work with Wireguard too, right?

@sekritskworl-sekrit_studios 2 ай бұрын

What if I want a specific application (like one of my browsers) to go to the VPN?

@TW80 7 ай бұрын

Great video. Is it possible to inform user, for example, through the application that the VPN has stopped working? PIA has kill switch in applications that disconnects the connection when VPN is unavailable. It's probably not possible to do it here.

@imishig 9 ай бұрын

Hi there, I tried it exactly as you did, and i have 50% succes rate so to say. I routed 3 devices through the VPN, my Pc, my living room TV, and my bedroom Apple TV. It works on my PC when I browse to Disneyplus, however, on the TV and the Apple TV it is still just the regular European disneyplus. Only difference I can tell is that one is using a browser and the other 2 are using an application. Any ideas on how to solve this? Many thanks!

@ValeriSebastion Жыл бұрын

I'm setting up my UniFi Network and looking for a VPN that supports WireGuard for better privacy. Is VPNHouse compatible?

@BellaMuggeo Жыл бұрын

Yes, VPNHouse supports Wireguard, so you can integrate it with your UniFi Network setup for enhanced security.

@ValeriSebastion Жыл бұрын

Awesome. Can I select specific devices or domains to run through VPNHouse, or does it have to cover the whole network?

@BellaMuggeo Жыл бұрын

With VPNHouse, you have the flexibility to choose. You can set it up for specific devices, domains, or your entire network.

@motleyfrank 4 ай бұрын

Thanks for your incredibly thorough and helpful videos.

@Saintel 7 ай бұрын

Great video! How do I resolve the The VPN tunnel subnet provided by the server overlaps with the LAN network(s). Issue? 😫

@audi5kg Жыл бұрын

Thanks for creating this video. It's been something I've been wanting to set up but didn't know how or I didn't take the time to find out until I saw your video. Also it's better than nothing, and having to run a VPN on every device.

@tauntonlad 11 ай бұрын

Chris can you do a video on how to do this on the omada network

@ma3680 3 ай бұрын

Can this be done with Microsoft 365’s free (included with paid subscription) Windows Defender VPN?

@LordSaliss 8 ай бұрын

In the firewall rules area for "simple" rules, I can select the type being app and then select things like tiktok, facebook, etc. Is there a way to easily add these "apps" type rules for policy based routing over VPN? So instead of manually typing all domain names for these and hoping no new ones get added I could simply make a policy based rule and select the apps and tell it any device using those send it out the VPN.

@noelreynolds2356 Ай бұрын

If I set all traffic to use the VPN connection and then the VPN fails, I know there will be no internet. But can we not get the VPN connection restart itself?

@PeterDLeslie 11 ай бұрын

thanks Chris - amazing video and great PDF - i can get netflix to work, i can get an iPhone to work - but cannot get my iMac for all traffic over PIA VPN - have tried both selecting the device and also setting the LAN ip of the iMac - any suggestions?

@tariqowens6127 5 ай бұрын

Hey Chris, how hard is it to configure unifi with PIA dedicated IP? i cant figure out where I would put the key for access to the direct IP.

@AA-kj4ic Жыл бұрын

N3450 used in ZimaBoard is pretty weak, will they release one using N100 or N200 CPU with dual 2.5G ethernet port?

@AceBoy2099 Жыл бұрын

I haven't finished the video yet, but i set this up and have nic2 from my pc routed through network vpn and a program on the pc "bound" to that nic, while nic1 is 10g on my home network non-vpn, any way to test that just that program is using that nic or what's transferring through which nic? I appreciate your videos, i used them (and mactelecoms) to set up my new unifi system. One issue i had was not mentioned/covered. For my smart tvs to connect to my HomeAssistant i needed to enable mdns and igmp snooping on their respective networks AND the "default" equipment network too.

@CraigB801 6 ай бұрын

I had no idea it would be this easy. Years ago I flashed a router to DD-WRT and configured a VPN for the entire network, it was a pain.

@madswilliam4888 Жыл бұрын

Thanks for the guide Chris, a function I have needed for quite some time, but haven't notice was a feature on the UDM now. Am I the onely one who struggles to get the domain routing to work? No problem, on a specific device or on a entire vlan. But If I add specific websites to the routing roule, its not working. Sites still see my ISP IP. The routing roules has been made a few hours ago, but still hasent gone through.

@grumloese Жыл бұрын

I have the exact same problem with domain roules.

@JanCervenak Жыл бұрын

same issue on my UMPpro :(

@TheMickmccarthy Жыл бұрын

same issue with domain rules

@toniETH 8 ай бұрын

Thanks for the video. I'm going to order CGU

@djgaming2114 Жыл бұрын

Hi what router can use to start a wisp and to limit customer speed? Or a video showing how

@geoffrae6482 5 ай бұрын

Hi Chris. Can you do device level on CloudKey Gen2 Plus??

@roniez Жыл бұрын

So strange i dont have these options and i am running a USG-3P with a CloudKey Gen2 and from all documentation i find this should be avalible.

@CrosstalkSolutions Жыл бұрын

Available on UniFi OS consoles only at the moment (and the UXG I think).

@TheOirishhAmerican 7 ай бұрын

While this is a great take as I have PIA VPN and I love it, I followed the steps correctly and still kicked me off the network in fact having to reboot my UDM SE

@peterjensen6336 10 ай бұрын

Thanks for this .... been a follower for a while on the home side starting with the basic USG and then now to the Dream Machine SE because of this VPN feature as so many of our devices are connected and don't support VPN internally, main one kids Xbox, thanks!

@baughaninastorm 11 ай бұрын

Great video as usual. I'm having an odd issue. I have setup VPN according to the first section to route individual devices. I have re-done it several times but the results are the same . Instead of London for my server as selected it seems to route me through an Australian server. Despite only using the individual devices rules it seems to be active across the whole network. I'm getting Captchas on every device. Deleted rules 3x now and recreated the openvpn file from PIA 3x. Very odd behaviour

@timothybradley7894 10 ай бұрын

Great info as always Chris. Thanks again for your informative content.

@alcorza3567 Жыл бұрын

How would one find out about IP forwarding and what that port would be?

@Knoparen99 Жыл бұрын

Does it work to do that in EdgeRouter X?

@mehammered Жыл бұрын

Great video. Would like to see the VPN server and routing between vlans set up on the UDMPro a little more.

@itshemondtime3459 Жыл бұрын

Love the R2D2 stand for the UDM! I want one!

@itshemondtime3459 Жыл бұрын

That Vlan shirt!

@PandaSaurusRexx 11 ай бұрын

SAME!!

@evelbsstudio Жыл бұрын

Mysterium VPN is good, cheap and actually private, no logs unlike others

@BlackZonoxFPS 2 ай бұрын

Hey Chris. Great video Like always. but this dont work.

@marcuscase3308 Жыл бұрын

This is super easy to setup. I just did all of it from my phone.

@defonfeks3391 8 ай бұрын

i created my own vpn server with openvpn and i wan to connect to it as a vpn client to add that vpn to a port.is this possible? i get this error "Network conflict. The VPN tunnel subnet provided by the server overlaps with the LAN network(s). Verify with the VPN provider if a different subnet can be used. Learn more"

@jcw232000 11 ай бұрын

I have a raspbarry pi wireguard already setup so how do i get unifi to use it

@pantag2 Жыл бұрын

How can I have a specific app installed on both my desktop PCs to always use VPN through Unifi?

@TaunTaunChewie 11 ай бұрын

Thanks for this video Chris!! I am on UniFi OS 3.1.16 Network v8.0.7 and do not see the 4 VPN options? Under settings "Teleport & VPN" option is just "VPN" and there are only two tabs "VPN Server" and "Site-to-Site VPN". Am I missing an update here? Any help would be very appreciated!!

@NotoriousX100 9 ай бұрын

Hi Chris. I stumbled across an interesting problem: When my UDM Pro has established the PIA internet connection and I switch into WifiMan on a different network, I can see that the UDM Pro is publishing a new IP address of my gateway. Even though I segregated my Vlans and blocked access to all gateways from my sub networks I am able to access the gateway of my UDM Pro through this new IP address from every other network. Because the IP changes constantly, there is no way of blocking this with firewall rules. Any idea of how to fix this?

@toniETH 8 ай бұрын

VPN clients only have two options, Is there any way to connect IKEv2?

@rdsii64 Жыл бұрын

The real question is can I sail the seven seas with this set up?

@kevinwestby Жыл бұрын

Does this feature also work for multiple WAN connections? I am trying to route specific traffic over my secondary WAN connection based on Domain Name, and it doesn't appear to be working as I expect. I have the routing rule defined, but if I take my secondary WAN connection down.....I am still able to access the domain. Perhaps I am misunderstanding the feature capabilities?

@yoric7200 Жыл бұрын

Thanks, been waiting for a guide like this. Think I'll get the optional dedicated IP, bit more expensive, but that should mean the streamers won't block it thinking it's a VPN?

@CrosstalkSolutions Жыл бұрын

That I don't know - I have never tried using the dedicated IP option.

@MrKillajay72191 Жыл бұрын

any chance you can make vid about this using the tp link omada setup?

@dinkusdorkus2737 Жыл бұрын

Will this method circumvent t-mobile home internet cgnat? For work there’s times where I need to use Airwall to connect to certain locations and Airwall does not play well with cgnat

@mandalorian2010 2 ай бұрын

I am running the latest version of Unifi OS (v4.0.6) on a Unifi Dream Machine Pro. I do not see the VPN Client option nor in the VPN Server Option is Wireguard available. I made the upgrade this weekend because I didnt realize that I was running an olve version 1 of the software that needed to be manually upgraded in the terminal. One I made that upgrade, the options still didnt exist. I should also note, I am using the NEW interface. I have also gone into a shell on the UDM Pro and looked for ANY wireguard files and found nothing which leads me to believe I need to have installed something but im not sure what

@ahaines74 Жыл бұрын

Ordered PIA plan, setup and works as advertised. Question on performance, I am only getting 60-105 MBIT U/D on my 1GB Fiber connection with a UDM Pro and current Unifi hardware behind it, tried a few different region selections same speed. Reached out to PIA support they among with many great suggestions suggested that the UDM Pro device simply is not enough hardware to get modern speeds with. I have yet to go down the path yet of their other suggestions, was curious of that generalized statement. Great channel and Rouge support might get a support path to take a look as your team has been amazing thus far.

@M35180S Жыл бұрын

UDM can’t handle full bandwidth VPN. I kicked mine to the curb.

@GenevieveShaba 11 ай бұрын

Did you end up finding a solution for this? Is this truly a UDM pro limitation?

@ahaines74 11 ай бұрын

kinda "lost intrest" in this at the moment. Also "general searches" and similar questions lead to the UDMP being the limitation on pure SPEED.@@GenevieveShaba

@M35180S 11 ай бұрын

@@GenevieveShaba nothing Returned it

@maurizioblotta7189 10 ай бұрын

I was able to set it up my vpn server as a ssid but now all my switch ports have the vpn proxy server as well and is causing conflicts, how can I restrict it to wifi only? Any help will be appreciated!

@SRMB1 4 ай бұрын

What happens when PIA network goes down? Sometimes it drops off in certain regions.

@ITrendzI 9 ай бұрын

Very helpful video. Thank you!

@fearthesmeag 9 ай бұрын

nice, would of been good to see the tests to the registered domains and not?

@jkrahulec 11 ай бұрын

Please make a video using Site Magic VPN to route streaming traffic from one residence through a secondary residence.

@BillCClinton Жыл бұрын

Just looked and I do not see the menu option for teleport under settings. I assume this is not available for USG users.

@JohnSmith-sc6jt Жыл бұрын

Currently running Unifi network OS ver. 7.5.187 with a USG-3P. My VPN interface looks totally different. In my settings, the network menu only shows "VPN" where this shows "Teleport and VPN". Is it due to the USG-P3 being used or is there a setting I need to set?

@nsprasad2005 Жыл бұрын

Hi, I would like to know how it will work in below situation router 1 - Connect to ISP and have devices like control - 4 automation hardware router 2 uses vpn client and is connected to router 1 for internet connection and has media devices like NIVDIA shield etc... I want control -4 connected to router 1 to reach NVIDIA shield which is behind VPN to switch on/off and navigate. Regards...Srini

@moparneon00 11 ай бұрын

does private internet access block plex ports like 32400?

@squeak751 Жыл бұрын

I was just asking if this was possible. Thanks

@nigelholland24 Жыл бұрын

can this be set up on a unfi controller running on proxmox or does it need to be a dream controller thanks

@chrisumali9841 Жыл бұрын

Thanks for the demo and info, have a great day

@hellowill 29 күн бұрын

How do I get the config for Wireguard?

@JohnSmith-sc6jt Жыл бұрын

What version of Unifi network app is this available on?

@genwch 11 ай бұрын

i am looling for a method to use the vpn client for my "wireguard" server. i.e. connect ny mobile to home network via wireguard server. and use my "vpn client" for some specify service

@DAVIDGREGORYKERR 7 ай бұрын

I used VPN when I was on UTV Internet which I don't use anymore and I lost my connection quite a lot.

@Catge 5 ай бұрын

Mine just keeps saying connecting. I tried changing the password but still doesn't work

@sygad1 Жыл бұрын

For reasons I have yet to work out, I cannot get this to work with NordVPN, just won't connect

@robertcoleman7071 Жыл бұрын

Great video Chris. I used your link to subscribe to the PIA VPN service.

@CrosstalkSolutions Жыл бұрын

Cheers!

@13Marino Жыл бұрын

When I set it to all devices it works but when I try to set it to domains it doesn't work. Any ideas?

@bokingwen Жыл бұрын

what version of firmware you are on?

@wesley907 Жыл бұрын

Thanks for this. Great demo

@MM78 Жыл бұрын

PIA is on the 5,9,14 eyes list. It's not safe :(

@wpattison Жыл бұрын

Good alternative?

@RogierYou Жыл бұрын

@@wpattisonproton?

@higgstastic4883 Жыл бұрын

PIA stated 2 years back that they retain their No-Logs Policy, so even if they were asked to hand over records, there is no personal or private information available to governments. They have had a case in the past attempt this and they have court documents showing this to be true. The other instance was Russia enforcing them to Log data so they shut down their Russian side of the business to ensure their No-Log Policy. So yes, even though they are based in the USA you can be sure that you are safe utilising this service. If you are really worried, ExpressVPN and Nord VPN operate outside of the 14 Eye countries, and have No-Log policies.

@JohnSmith-sc6jt Жыл бұрын

Not sure what other than Kodachi sets this up, would be great though.

@wpattison Жыл бұрын

@@higgstastic4883 Thank you! 🙏🏼

@justinchlan7893 Жыл бұрын

I have a USG4 pro. Does it not support this?

@ASM1981 Жыл бұрын

Great video as always Chris …

@ornikel Жыл бұрын

How would you setup 2FA that your VPN uses?

@CrosstalkSolutions Жыл бұрын

When you log into PIA to create the OpenVPN configuration, you log in with your 2FA in order to generate the OpenVPN configuration file. Then you use that .ovpn file + your credentials in UniFi.