Hello everyone, hoping someone here can help me please. I am quickly going to go over what setup I have and explain what I’d like to achieve.
I have a UniFi Express Gateway, the new device, and an Ubuntu Server virtual machine which I use as a gateway for VPN connections.
Typically, I can point individual devices to the IP of this Ubuntu Server. The Ubuntu Server then connects to a VPN service of choice, so the individual device in my network can obtain an IP as if it is connected to the VPN itself.
The Express box has an IP of 192.168.1.1, so the Ubuntu Server in this case has 192.168.1.8 as its IP address.
Now, I’m wanting to get away from having to manually point devices to this gateway IP. What I’ve done so far is create a new VLAN for Wireless Clients, with the range being 192.168.3.0/24. The SSID has been set to use this range also.
In the settings I see DNS and Gateway are set to auto and I would like to be able to point the Gateway at 192.168.1.8, except UniFi states that Gateway must be in that IP range for the VLAN.
How can I achieve this? I’m looking around trying to understand whether it should be traffic rules, static routes or traffic routes. Or none of those options?
I hope someone understands what I’m looking to achieve here. Any help or advice would be much appreciated.
I’m not looking to use the VPN client or server features that are built in on the UniFi, as I have an existing setup which is otherwise great and do not wish to change that.
This is correct, because you need a router to steer traffic between VLANs (i.e. Layer 3)… without this, the devices only know how to access IPs within the subnets they are part of. You have 3 options that I can see:
- Typically, you would route the traffic back to the UXG, then use either a static route, or more likely a traffic rule (as you can create these for specific devices) that forwards traffic from your WIFI to the Ubuntu box…
- Alternatively, you could give the Ubuntu box a 2nd NIC, or VLAN interface attached to the same VLAN as your WIFI, and give this a static IP from the same subnet… then set this as the gateway on the devices you wanted routed via the VPN.

Personally I do something similar to what you’re looking for, and I use option 1… something to keep in mind, this can get tricky to maintain.
Another option is your UXG can also act as a VPN client…
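
Option 2 from the reply above, as an added example that is not from anyone in the thread: it gives the Ubuntu box a tagged interface on the wireless VLAN and forwards that VLAN only into the tunnel, so clients do not fall back to the LAN uplink if the VPN drops. The NIC name `ens18`, VLAN ID `3`, address `192.168.3.8/24`, tunnel interface `tun0` and the use of iptables are all assumptions.

```shell
#!/bin/sh
# Added example. Assumed values, not from the thread:
#   parent NIC ens18, VLAN ID 3, address 192.168.3.8/24, VPN interface tun0.
DRY_RUN="${DRY_RUN:-1}"   # 1 = only print the commands; 0 = execute them (needs root)

# Print the command in dry-run mode, otherwise execute it.
run() {
    if [ "$DRY_RUN" = "1" ]; then echo "$*"; else "$@"; fi
}

# setup_vlan_gateway PARENT_NIC VLAN_ID ADDRESS/PREFIX VPN_INTERFACE
setup_vlan_gateway() {
    parent="$1"; vid="$2"; addr="$3"; vpn_if="$4"
    vif="${parent}.${vid}"

    # Tagged sub-interface on the wireless VLAN, with a static IP in that subnet
    run ip link add link "$parent" name "$vif" type vlan id "$vid"
    run ip addr add "$addr" dev "$vif"
    run ip link set "$vif" up

    # Allow the box to route between its interfaces
    run sysctl -w net.ipv4.ip_forward=1

    # Source-NAT everything leaving through the tunnel
    run iptables -t nat -A POSTROUTING -o "$vpn_if" -j MASQUERADE

    # Forward VLAN clients into the tunnel and let replies back in
    run iptables -A FORWARD -i "$vif" -o "$vpn_if" -j ACCEPT
    run iptables -A FORWARD -i "$vpn_if" -o "$vif" -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

    # Anything else arriving from the VLAN is dropped, so nothing leaves
    # via the normal LAN interface when the tunnel is down
    run iptables -A FORWARD -i "$vif" -j DROP
}
```

Calling `setup_vlan_gateway ens18 3 192.168.3.8/24 tun0` prints the commands for review; set `DRY_RUN=0` and run as root to apply them. The VM's virtual NIC and the switch port behind it must carry the VLAN tagged for the sub-interface to see any traffic.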
So a traffic rule would do it? I did look at that and think I could set that up. I wasn’t able to do it with static routes though cos of subnets being different.
I know I could join WiFi and then point devices manually to the gateway IP that I want to set, but it goes against what I set out to achieve here.