{"id":109,"date":"2023-08-08T10:43:40","date_gmt":"2023-08-08T18:43:40","guid":{"rendered":"https:\/\/www.liljegrens.org\/?p=109"},"modified":"2023-08-08T10:43:40","modified_gmt":"2023-08-08T18:43:40","slug":"ubuntu-vpn-to-unifi","status":"publish","type":"post","link":"https:\/\/www.liljegrens.org\/?p=109","title":{"rendered":"Ubuntu VPN to Unifi"},"content":{"rendered":"\n<p>Always a challenge to get Ubuntu to connect to a remote network managed by Unifi.  As a result of many days of research we have found a secure and reliable method.  <\/p>\n\n\n\n<ul>\n<li>Create a Radius Server in the Unifi console\n<ul>\n<li>Navigate to Profiles -> Radius -> click on default\n<ul>\n<li>Enable<\/li>\n\n\n\n<li>Create password\n<ul>\n<li>This password is used internally between the Radius Server and the VPN Server<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Radius User\n<ul>\n<li>Create individual users for each person needing to connect and give them personal strong passwords<\/li>\n\n\n\n<li>Configure tunnel type as shown<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"972\" height=\"1001\" src=\"https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-09-43-23.png\" alt=\"\" class=\"wp-image-110\" srcset=\"https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-09-43-23.png 972w, https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-09-43-23-291x300.png 291w, https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-09-43-23-768x791.png 768w\" sizes=\"(max-width: 972px) 100vw, 972px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"460\" height=\"571\" src=\"https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-09-53-44.png\" alt=\"\" class=\"wp-image-111\" srcset=\"https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-09-53-44.png 460w, https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-09-53-44-242x300.png 242w\" sizes=\"(max-width: 460px) 100vw, 460px\" \/><\/figure>\n\n\n\n<ul>\n<li>Click over to VPN on sidebar\n<ul>\n<li>Notice under User Authentication are the users created in previous step<\/li>\n\n\n\n<li>Enable<\/li>\n\n\n\n<li>Create Pre-Shared Key\n<ul>\n<li>Super Secret Password\n<ul>\n<li>This password is used by all VPN users <\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Take note of server address\n<ul>\n<li>setting up DDNS is preferred<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"811\" height=\"1024\" src=\"https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-10-10-45-1-811x1024.png\" alt=\"\" class=\"wp-image-113\" srcset=\"https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-10-10-45-1-811x1024.png 811w, https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-10-10-45-1-237x300.png 237w, https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-10-10-45-1-768x970.png 768w, https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-10-10-45-1.png 839w\" sizes=\"(max-width: 811px) 100vw, 811px\" \/><\/figure>\n\n\n\n<ul>\n<li>Select Manual Configuration\n<ul>\n<li>Set Host Address\n<ul>\n<li>Our main network is 10.0.0.1 and we have vLans at 10.0.50.1\/24 and 10.0.30.1\/24 so we set the VPN network at 10.0.100.1\/24<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"809\" height=\"1024\" src=\"https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-11-21-54-809x1024.png\" alt=\"\" class=\"wp-image-120\" srcset=\"https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-11-21-54-809x1024.png 809w, https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-11-21-54-237x300.png 237w, https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-11-21-54-768x972.png 768w, https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-11-21-54.png 831w\" sizes=\"(max-width: 809px) 100vw, 809px\" \/><\/figure>\n\n\n\n<ul>\n<li>Open network in Ubuntu<\/li>\n\n\n\n<li>Add VPN<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"979\" height=\"814\" src=\"https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-10-16-25.png\" alt=\"\" class=\"wp-image-114\" srcset=\"https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-10-16-25.png 979w, https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-10-16-25-300x249.png 300w, https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-10-16-25-768x639.png 768w\" sizes=\"(max-width: 979px) 100vw, 979px\" \/><\/figure>\n\n\n\n<ul>\n<li>Select Layer 2 Tunneling Protocol<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"503\" height=\"348\" src=\"https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-10-36-37.png\" alt=\"\" class=\"wp-image-115\" srcset=\"https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-10-36-37.png 503w, https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-10-36-37-300x208.png 300w\" sizes=\"(max-width: 503px) 100vw, 503px\" \/><\/figure>\n\n\n\n<ul>\n<li>Fill in Name, User Name and Password<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"583\" height=\"464\" src=\"https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-10-38-05.png\" alt=\"\" class=\"wp-image-116\" srcset=\"https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-10-38-05.png 583w, https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-10-38-05-300x239.png 300w\" sizes=\"(max-width: 583px) 100vw, 583px\" \/><\/figure>\n\n\n\n<ul>\n<li>Click IPsec Settings and insert Pre-Shared Key<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"307\" height=\"342\" src=\"https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-10-41-29.png\" alt=\"\" class=\"wp-image-117\" srcset=\"https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-10-41-29.png 307w, https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-10-41-29-269x300.png 269w\" sizes=\"(max-width: 307px) 100vw, 307px\" \/><\/figure>\n\n\n\n<ul>\n<li>Click PPP Settings and disable authentication methods except for MSCHAPv2<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"359\" height=\"708\" src=\"https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-10-55-01.png\" alt=\"\" class=\"wp-image-119\" srcset=\"https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-10-55-01.png 359w, https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-10-55-01-152x300.png 152w\" sizes=\"(max-width: 359px) 100vw, 359px\" \/><\/figure>\n\n\n\n<ul>\n<li>Move to the IPv4 tab\n<ul>\n<li>Set DNS to the address of the local router<\/li>\n\n\n\n<li>Set Routes to the  address on the remote network of the devices you need to connect to\n<ul>\n<li>Our Gateway will be 10.0.0.1 <\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Check &#8220;Use this connection only for resources on its network<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"580\" height=\"462\" src=\"https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-11-40-45.png\" alt=\"\" class=\"wp-image-121\" srcset=\"https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-11-40-45.png 580w, https:\/\/www.liljegrens.org\/wp-content\/uploads\/2023\/08\/Screenshot-from-2023-08-08-11-40-45-300x239.png 300w\" sizes=\"(max-width: 580px) 100vw, 580px\" \/><\/figure>\n\n\n\n<ul>\n<li>Connect to VPN through Network Manager and enter your personal password.<\/li>\n\n\n\n<li>You may need to add entries into the firewall in the remote network to allow your VPN network (10.0.100.1\/24) into vLans.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Always a challenge to get Ubuntu to connect to a remote network managed by Unifi. As a result of many<\/p>\n<p><a href=\"https:\/\/www.liljegrens.org\/?p=109\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\">Ubuntu VPN to Unifi<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2,3],"tags":[],"_links":{"self":[{"href":"https:\/\/www.liljegrens.org\/index.php?rest_route=\/wp\/v2\/posts\/109"}],"collection":[{"href":"https:\/\/www.liljegrens.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.liljegrens.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.liljegrens.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.liljegrens.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=109"}],"version-history":[{"count":1,"href":"https:\/\/www.liljegrens.org\/index.php?rest_route=\/wp\/v2\/posts\/109\/revisions"}],"predecessor-version":[{"id":122,"href":"https:\/\/www.liljegrens.org\/index.php?rest_route=\/wp\/v2\/posts\/109\/revisions\/122"}],"wp:attachment":[{"href":"https:\/\/www.liljegrens.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=109"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.liljegrens.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=109"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.liljegrens.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=109"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}