Mactelecom Networks Watch on YouTube

Unifi WireGuard VPN setup

3 min read 8 months ago
Published on Jul 07, 2025 This response is partially generated with the help of AI. It may contain inaccuracies.

Table of Contents

Introduction

This tutorial outlines the steps to set up a WireGuard VPN on a Ubiquiti Dream Machine (UDM) SE. WireGuard is a modern VPN protocol known for its speed and simplicity. By following this guide, you will create a secure VPN, configure firewall rules, and perform testing to ensure everything is working correctly.

Step 1: Configure WireGuard in Unifi

  1. Access the Unifi Network Controller:

    • Log in to your UDM SE’s web interface.
    • Navigate to the "Settings" section.

  2. Create a WireGuard VPN:

    • Find the "VPN" settings within the interface.
    • Select "Add VPN" and choose "WireGuard".
    • Fill in the necessary details:
      • Name your VPN connection.
      • Create a private key and a public key. You can generate these using WireGuard's official installation guide here.
      • Configure the listening port (default is typically 51820).

  3. Set Up Client Configuration:

    • Within the WireGuard setup, add client configurations:
      • Assign a unique private key for each client.
      • Define the allowed IPs that the client can access through the VPN.
      • Save your settings.

Step 2: Create Firewall Rules for WireGuard

  1. Navigate to Firewall Settings:

    • Go back to the "Settings" section.
    • Click on "Firewall".

  2. Add Rules:

    • Create a new rule to allow incoming traffic on the WireGuard port (e.g., 51820).
    • Set the action to "Accept" and specify the source as "Any" or specific IP addresses as needed for security.

  3. Ensure Proper Order:

    • Place the new rule above any default drop rules to ensure it takes effect.
    • Test the rule to ensure it allows traffic as expected.

Step 3: Testing the VPN Connection

  1. Perform Speed Tests:

    • Use tools like speedtest.net to check your connection speed before and after connecting to the VPN.
    • Monitor for any significant drop in speed.

  2. Run Iperf Tests:

    • Set up an Iperf server on a device within your network.
    • Connect to the VPN as a client and run an Iperf test to measure the bandwidth and latency.

  3. Verify Connection:

    • Check your public IP address to confirm it reflects the VPN server's IP when connected.
    • Ensure that devices connected to the VPN can access the internet and local network resources as configured.

Conclusion

You have successfully set up a WireGuard VPN on your Ubiquiti Dream Machine SE, configured firewall rules, and tested the connection. This setup enhances your network's security and allows remote access to your home network. As a next step, consider regularly checking your VPN's performance and security settings to maintain optimal operation. If you encounter issues, refer back to the Unifi documentation or the WireGuard website for troubleshooting assistance.

Table of Contents

Recent