|Setup Point-to-Site VPN with Ubiquiti EdgeRouter

We use a Ubiquiti EdgeRouter Pro at our datacenter here at Member.buzz, and have a VPN that allows us to access our network remotely.

First, access your EdgeRouter via PuTTY, then run the following commands:

⁠configure
set vpn l2tp remote-access client-ip-pool start
set vpn l2tp remote-access client-ip-pool stop
set vpn l2tp remote-access ipsec-settings authentication mode pre-shared-secret
set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret
set vpn l2tp remote-access ipsec-settings ike-lifetime 3600
set vpn l2tp remote-access dns-servers server-1
set vpn l2tp remote-access dns-servers server-2
set vpn ipsec auto-firewall-nat-exclude enable

Next, if you want to manually create users to access your VPN, run the following:

set vpn l2tp remote-access authentication mode local
set vpn l2tp remote-access authentication local-users username password

Alternatively, you can authenticate to a RADIUS server (this is what we use so that everyone can login using Active Directory):

set vpn l2tp remote-access authentication mode radius
set vpn l2tp remote-access authentication radius-server key

If you have a Static IP address for your router, run the following:

set vpn l2tp remote-access outside-address 
set vpn l2tp remote-access outside-nexthop ⁠

If you are using a dynamic IP address, use the following instead:

set vpn l2tp remote-access dhcp-interface ⁠

Finally, run the following command to save your changes:

⁠commit; save;

This will allow connections into your Ubiquiti EdgeRouter!

Comments

To add a comment, please login or register.

Related

Using a Lenovo P51 Laptop with an Airplane Power Supply
The Lenovo P51 Laptop comes with a huge 170 watt Power Supply. However, airplane power supplies provide a maximum of somewhere between 75-100 watts. If you plugin a power supply requiring more watts, the circuit breaker will short out and the power will stop flowing.
Turning Atlassian JIRA into a CRM
Here at Member.buzz, we use Atlassian JIRA to track our features, bugs, and incoming requests from users through our Support Site. So when it came to choosing a CRM, we wanted to find one that integrated nicely with the rest of our infrastructure.Our first thought was to try out some of the existing JIRA CRM plugins. Here are the ones we tried out:CRM for JIRAAtlas CRMKanoah CRMAlthough there were definitely some interesting features among these options, there was nothing substantial enough to make us want to choose a specific one. We wanted something simple, yet well-integrated into what we already had
C-Level Security: When your team uses military analogies, are they using the wrong narrative?
For years, I have bristled when people would use medieval military descriptions in an attempt to convey concepts within the Network Security business. Bastions, Firewalls, Moats, Drawbridges, Countermeasures; all of these descriptions give way to a more accurate and detailed explanation of what was really taking place.
What to Say to the C-Level, get your security project funded today!
In near every business adding costs to Information Systems will be seen, by the people running the business, as a cost first, benefit second. Remarkably this still holds true despite a constant pulse of security events hitting the C-Level desks. So let's, as security professionals, develop an understanding of the C-Suite and the C-Levels as to their priorities.