About the Ubiquiti UniFi Dream Machine
The Ubiquiti UniFi system covers a range of powerful yet affordable network management devices, suitable for home office users up to small-medium sized businesses.
On this page, you can find the key specification for the UniFi Dream Machine as well as step by step information on how to set up a VPN server on your UniFi device.
Series: Ubiquiti UniFi
Model: Dream Machine
Recommended for: Home Office / Small Business (5 - 20 users)
Supported VPN Protocols: L2TP, PPTP
Built in WiFi: Yes
Key Features: 1.7 GHz quad-core processor, 2 GB RAM, Scalable UniFi Network Controller
Device Status: Active
Configure L2TP VPN on UniFi Dream Machine
This guide assumes that your UniFI Security has Internet access and that a LAN network is configured.
Configuration of the device is done entirely using the “UniFi Controller” software. This guide applies to UniFi Controller versions 6.2 or newer.
Step One: Enable the RADIUS Server
- Go to Advanced Features > USG RADIUS Server and enable the RADIUS Server
- Enter a Secret (this will be the password for your RADIUS server)
Step Two: Add a new RADIUS User
- Select Add RADIUS User
- Enter a Username and Password
- Important: Set Tunnel Type to L2TP and Tunnel Medium Type to IPv4
- Click Create User when you are done
Step Three: Add a new RADIUS Profile
- Go to Advanced Features > RADIUS and click Add RADIUS Profile
- Add a Name (e.g. VPN Users)
- The IP Address is the (internal) LAN address of the Security Gateway as the RADIUS server runs on this device
- Under Pre-shared Secret Key, enter the Shared Secret you created earlier
Step Four: Add a VPN Network
- Go to Networks > VPN Settings and create a New network
- Give your new network a name (e.g. VPN Tracker) and Enable Network
- For Connection Type, select Remote Access
- For Protocol, choose L2TP
- By Pre-shared Secret Key, enter the password you created earlier
- Under User Access, select the RADIUS Profile created in the previous step
- Gateway/Subnet needs to be set to a new address range (one that is not already being used on the Security Gateway)
- Click Add Network to complete setup
Connect to your new L2TP VPN Server
In order to connect to the new L2TP VPN server and get secure remote access to your UniFi device, you will need a VPN client.
VPN Tracker for Mac supports UniFi L2TP VPN connections on macOS 10.13 (High Sierra) and newer!
Follow these steps to configure a connection:
- Open VPN Tracker, create a new connection and select UniFi Security Gateway from the list
- Next to VPN Gateway, enter your device’s Public IP Address or Host Name
- For Network Configuration, choose Host to Everywhere
- Under Authentication, enter the Shared Secret and the Username and Password from the initial setup
- Click Done once you’re finished to securely save the new connection to your account
You can now connect to your UniFi Dream Machine via L2TP VPN on Mac.