User Manual
29
UniFi Controller User Guide
Ubiquiti Networks, Inc.
Chapter 3: Using the UniFi Controller Software
- OpenVPN Select this option to create a VPN that
uses the OpenSSL (Secure Sockets Layer) library and
SSL/TLS (Transport Layer Security) protocols.
• Enabled Select this option to create an OpenVPN
tunnel over the Internet between two peer routers.
(The UniFi Security Gateway is the local peer router.)
• Remote Subnets Click Add Subnet to add an
address for a remote network.
• Add Subnet If you have another remote subnet,
click this option and enter its network address.
• Remote Host Enter the hostname of the remote
router.
• Remote Address Enter the Internet IP address and
port number of the remote router.
• Local Address Enter the Internet IP address and
port number of the UniFi Security Gateway.
• Shared Secret Key Enter the pre-shared secret key.
Both peer routers must use the same pre-shared
secret key for authentication.
• Save Click to apply changes.
• Cancel Click to discard changes.
VPN Client
The UniFi Security Gateway is required for this option.
• VPN Client (Beta) PPTP Client is automatically
selected.
• Enabled Select this option to enable the VPN client.
• Remote Subnets Enter the network address of the
remote network. This VPN client will be used to reach
the specified remote network(s).
- Add Subnet If you have another remote subnet, click
this option and enter its network address.
• Server IP Enter the IP address of the VPN server.
• Username Enter the VPN username.
• Password Enter the VPN password.
• MPPE Select this option to require MPPE (Microsoft
Point-to-Point Encryption).
• Save Click to apply changes.
• Cancel Click to discard changes.
Settings > Routing & Firewall
The Routing & Firewall screen displays the following tabs:
• Static Routes tab
• Firewall tab
Firewall rules are used to allow or block packets on an
interface. There are predefined rules that cannot be edited
or deleted, and you can create your own rules. When you
create a rule, you specify matching criteria, such as the
protocol (any, TCP, UDP, etc.) and whether the rule will be
evaluated before or after the predefined rules. Rules are
evaluated in order; as soon as one rule results in a match,
that rule is applied, and rule evaluation stops.
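The first-match behaviour described above, as an added example that is not taken from the UniFi documentation or software. It is a simplified Python model (rule fields, rule names and addresses are constructed assumptions, not the controller's rule format) that places user rules before and after a predefined rule, evaluates packets with first-match semantics, and flags rules that an earlier, broader rule makes unreachable.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:                       # hypothetical model, not UniFi's rule schema
    name: str
    action: str                   # "accept" or "drop"
    protocol: str                 # "any", "tcp" or "udp"
    source: str                   # source network in CIDR notation
    when: str = "before"          # user rule placement relative to predefined rules

    def matches(self, protocol, src):
        return self.protocol in ("any", protocol) and ip_address(src) in ip_network(self.source)

    def covers(self, other):
        """True if every packet matching `other` also matches this rule."""
        return (self.protocol in ("any", other.protocol)
                and ip_network(other.source).subnet_of(ip_network(self.source)))

def ordered(user_rules, predefined):
    """User rules marked 'before', then predefined rules, then user rules marked 'after'."""
    before = [r for r in user_rules if r.when == "before"]
    after = [r for r in user_rules if r.when == "after"]
    return before + list(predefined) + after

def evaluate(rules, protocol, src):
    """First match wins; returns (action, rule name) or (None, None) if nothing matches."""
    for rule in rules:
        if rule.matches(protocol, src):
            return rule.action, rule.name
    return None, None

def shadowed(rules):
    """(rule, earlier rule) pairs where the earlier rule matches everything the later one does."""
    pairs = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if earlier.covers(later):
                pairs.append((later.name, earlier.name))
                break
    return pairs

# Constructed sample data (documentation address ranges, made-up rule names).
PREDEFINED = [Rule("predefined-example", "drop", "any", "198.51.100.0/24")]
USER_RULES = [
    Rule("allow-lan", "accept", "any", "192.0.2.0/24", "before"),
    Rule("block-host-tcp", "drop", "tcp", "192.0.2.50/32", "before"),  # never reached
    Rule("drop-rest", "drop", "any", "0.0.0.0/0", "after"),
]
RULES = ordered(USER_RULES, PREDEFINED)
FIXED = [RULES[1], RULES[0]] + RULES[2:]   # specific rule moved ahead of the broad one
```

With `RULES`, a TCP packet from 192.0.2.50 is accepted by `allow-lan` and the narrower drop rule is never consulted; `FIXED` moves the specific rule first so it takes effect.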
Static Routes Tab
The Static Routes tab displays a list of user-defined static
routes:
Name Displays the name of the static route.
Enabled Displays a check mark if the static route is
enabled; displays nothing if the static route is disabled.
Network Displays the IP subnet of the network in
Classless Inter-Domain Routing (CIDR) or slash notation
(example: 192.0.2.0/24).
Type Displays the static route’s type: Next Hop, Interface,
or Black Hole.
Interface Displays the interface associated with the static
route.
Next Hop Displays the IP address of the next hop for the
static route.
Hop Distance Displays the static route’s administrative
distance.
Actions Click a button to perform the desired action:
• Edit Click EDIT to make changes to the static route
entry. Go to “Create or Edit a Static Route” on page 31.
• Delete Click to remove the static route.
To create a static route, click CREATE NEW ROUTE and go to
“Create or Edit a Static Route” on page 31.










