Setup Point-to-Site VPN with Ubiquiti EdgeRouter
We use a Ubiquiti EdgeRouter Pro at our datacenter here at Member.buzz, and have a VPN that allows us to access our network remotely.
First, access your EdgeRouter via PuTTY, then run the following commands:
configure
set vpn l2tp remote-access client-ip-pool start <Start IP Address>
set vpn l2tp remote-access client-ip-pool stop <End IP Address>
set vpn l2tp remote-access ipsec-settings authentication mode pre-shared-secret
set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret <VPN Secret>
set vpn l2tp remote-access ipsec-settings ike-lifetime 3600
set vpn l2tp remote-access dns-servers server-1 <DNS Server 1>
set vpn l2tp remote-access dns-servers server-2 <DNS Server 2>
set vpn ipsec auto-firewall-nat-exclude enable
Next, if you want to manually create users to access your VPN, run the following:
set vpn l2tp remote-access authentication mode local
set vpn l2tp remote-access authentication local-users username <Username> password <Password>
Alternatively, you can authenticate against a RADIUS server (this is what we use so that everyone can log in using Active Directory):
set vpn l2tp remote-access authentication mode radius
set vpn l2tp remote-access authentication radius-server <RADIUS Server IP> key <RADIUS Server Key>
If you have a static IP address for your router, run the following:
set vpn l2tp remote-access outside-address <Static IP>
set vpn l2tp remote-access outside-nexthop <Static Gateway IP>
If you are using a dynamic IP address, use the following instead:
set vpn l2tp remote-access dhcp-interface <WAN Interface>
Finally, run the following command to save your changes:
commit; save;
This will allow connections into your Ubiquiti EdgeRouter!
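Before running commit, the command list built above can be checked for a weak or unfilled pre-shared secret and for inconsistent settings. The script below is an added example, not part of the original article or of EdgeOS; it runs on a workstation against the commands as text, and the function names, finding labels, the 20-character minimum and the sample values are assumptions made for illustration.

```shell
# Added example: lint the "set vpn l2tp remote-access ..." commands before commit.
# MIN_PSK_LEN is an assumed local policy value, not an EdgeOS limit.
MIN_PSK_LEN=20
BASE="set vpn l2tp remote-access"

# Print the rest of the first line starting with "$BASE $2 " (empty if absent).
cfg_value() {
    printf '%s\n' "$1" | awk -v p="$BASE $2 " \
        'index($0, p) == 1 { print substr($0, length(p) + 1); exit }'
}

# Print space-separated findings for config text $1; return 1 if there are any.
audit_l2tp() {
    cfg=$1; out=""
    psk=$(cfg_value "$cfg" "ipsec-settings authentication pre-shared-secret")
    case $psk in
        "")   out="$out psk-missing" ;;
        "<"*) out="$out psk-placeholder" ;;   # template text left unfilled
        *)    [ "${#psk}" -ge "$MIN_PSK_LEN" ] || out="$out psk-short" ;;
    esac
    # The selected authentication mode needs its matching user source.
    case $(cfg_value "$cfg" "authentication mode") in
        local)  [ -n "$(cfg_value "$cfg" "authentication local-users username")" ] \
                    || out="$out no-local-user" ;;
        radius) [ -n "$(cfg_value "$cfg" "authentication radius-server")" ] \
                    || out="$out no-radius-server" ;;
        *)      out="$out auth-mode-missing" ;;
    esac
    # The article gives outside-address and dhcp-interface as alternatives.
    addr=$(cfg_value "$cfg" "outside-address")
    dhcp=$(cfg_value "$cfg" "dhcp-interface")
    if [ -n "$addr" ] && [ -n "$dhcp" ]; then out="$out wan-both-set"
    elif [ -z "$addr" ] && [ -z "$dhcp" ]; then out="$out wan-unset"; fi
    [ -n "$(cfg_value "$cfg" "client-ip-pool start")" ] \
        && [ -n "$(cfg_value "$cfg" "client-ip-pool stop")" ] || out="$out pool-incomplete"
    out=${out# }
    printf '%s\n' "$out"
    [ -z "$out" ]
}

# Constructed sample: short secret, RADIUS mode with no server, both WAN forms.
SAMPLE="$BASE client-ip-pool start 192.0.2.10
$BASE client-ip-pool stop 192.0.2.20
$BASE ipsec-settings authentication pre-shared-secret hunter2
$BASE authentication mode radius
$BASE outside-address 198.51.100.5
$BASE dhcp-interface eth0"
audit_l2tp "$SAMPLE" || echo "fix the findings above before commit"
```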