About the Ubiquiti UniFi Dream Machine
The Ubiquiti UniFi system covers a range of powerful yet affordable network management devices, suitable for home office users up to small-medium sized businesses.
On this page, you can find the key specification for the UniFi Dream Machine as well as step by step information on how to set up a VPN server on your UniFi device.
Series: Ubiquiti UniFi
Model: Dream Machine
Recommended for: Home Office / Small Business (5 - 20 users)
Supported VPN Protocols: L2TP, PPTP
Built in WiFi: Yes
Key Features: 1.7 GHz quad-core processor, 2 GB RAM, Scalable UniFi Network Controller
Device Status: Active
What you need to configure VPN on a UniFi Dream Machine
Configuring a VPN server requires a public IP address which you can obtain from your ISP. For private users, a static IP address usually comes at an extra cost, however, if you have a dynamic IP address, setting up a Dynamic DNS hostname is another easy option which is often available free of charge. Find out more.
This guide assumes that your UniFi Dream Machine has internet access and that a LAN network has already been configured.
Configuration of the device is done entirely using the “UniFi Controller” software. This guide applies to UniFi Controller versions 7.0.23 or newer.
Throughout this guide, certain connection information is referenced which you will need to set up the VPN in your VPN client software. Please refer to this list:
- IP address or host name of your UniFi device* (find this under Settings > Internet)
- Pre-shared Key
- Account Name (i.e. username)
*Note: If your UniFi is behind another router and not establishing a connection directly, you'll need to reference the WAN IP of that device.
Configure VPN on UniFi Dream Machine
Step One: Enable L2TP VPN server
- Go to Settings > VPN (also referred to as Teleport & VPN on compatible devices) > VPN Server and check to enable the VPN Server
- For VPN Protocol, select L2TP from the dropdown menu
- Enter a Pre-Shared Key (this will be the password for your new connection)
- Server Address: Enter the network address the VPN server will use (e.g. 192.168.130.21) Please ensure this is a network range which is not already in use!
Step Two: Add a new user
- By User Authentication, click the + to Create a new user
- Enter a new Account Name (e.g. vpntracker) and Password - keep note of these credentials, as you will need them to access your connection in the VPN client
Step Three: Advanced Configuration (optional)
Users have the option to manually configure connections settings for your VPN (e.g. network size, DNS search domains.) Please note, any manual changes will also need to be reflected in the VPN client configuration.
If you would prefer to keep to the standard settings of your UniFi device, you can remain in the Auto configuration tab and skip this step.
- Under Advanced Configuration, switch to the Manual tab
- Gateway/subnet: Here you can determine the network size for your new VPN server
- Name server: Specify private and public DNS servers
- Click Apply changes when finished to complete the setup
Connect to your new UniFi VPN Server
In order to connect to the new UniFi VPN server and get secure remote access to your UniFi device, you will need a VPN client.
VPN Tracker for Mac supports UniFi L2TP VPN connections on macOS 10.13 (High Sierra) and newer!
Follow these steps to configure a connection:
- Open VPN Tracker, create a new connection and select UniFi Security Gateway from the list
- Next to VPN Gateway, enter your device’s Public IP Address or Host Name (1)
- For Network Configuration, choose Host to Everywhere
- Under Authentication, enter the Pre-shared Key (2) and the Account Name (3) and Password (4) from the initial setup
- Click Done once you’re finished to securely save the new connection to your account
You can now connect to your UniFi Dream Machine via L2TP VPN on Mac.