Need a VPN service that I can configure with my USG Pro 4, any recommendations?

Hi folks, anybody out there recommend a VPN service provider that offers a protocol that I can configure with my USG Pro 4?

I currently have NordVPN and they don’t have any protocols that are easily configured with my UniFi hardware. (I wish UniFi supported OpenVPN out of the box)

Any suggestions welcome 🙂

What are you trying to accomplish? Remote access or “hiding” all your clients behind Nord?

If the latter, you could try this if Nord offers a PPTP setup where the USG is the client.

Also PPTP isn’t all that secure.

Also will point out you’re going to almost certainly need a config.gateway.json file in your site data directory on your controller so your config doesn’t get trashed when a provision runs.

Honestly, from a privacy perspective it’s kinda bad since it’s PPTP, and from a regional content blocking perspective if Nord provides their IPs to the content hosts, you’re back at square one.

More trouble than it’s worth in my opinion.

I know that WireGuard can be used with UDM Pro natively now but not 100% sure about USG Pro 4.

> if Nord provides their IPs to the content hosts, you’re back at square one

It’s quite trivial to determine this in any case. The requests come from Amazon AWS / DigitalOcean / Azure / Google Cloud / other non-residential ASNs, and can be filtered automatically quite easily.

Wikipedia does it, and is pretty effective at it as well. Most of the time (there are some limited exceptions) you will find you can’t edit while using a VPN. My primary bank does this as well.

What a lot of people don’t understand is that you aren’t really hiding your traffic. You’re just moving it to one place, with all the other people using VPNs. Seems like a convenient target for a state-level actor to me.

Modern, HTTPS-enabled websites use the same “military grade encryption” that VPNs do, without the blocks, overhead, and overall connection slowdown. Beyond that, if you’re worried about what websites you’re visiting being visible to your provider, that is better addressed using DNS-over-HTTPS than crippling your connection by using a VPN.
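The filtering by non-residential ASN mentioned in the post above, as an added example that is not part of the original thread: a longest-prefix lookup of client addresses against a prefix-to-ASN table, with hosting networks flagged. The prefixes are documentation ranges, the ASNs are private-use numbers, and the organisation names are hypothetical; a real site would load the table from a BGP/ASN dataset.

```python
import ipaddress

# Constructed prefix-to-ASN table (documentation ranges, private-use ASNs,
# hypothetical organisation names). "kind" is the site's own labelling.
PREFIX_TABLE = [
    ("192.0.2.0/24", 64512, "ExampleCloud", "hosting"),
    ("198.51.100.0/24", 64513, "ExampleISP", "residential"),
    ("198.51.100.128/25", 64514, "ExampleVPS", "hosting"),  # more specific carve-out
    ("2001:db8:100::/40", 64512, "ExampleCloud", "hosting"),
]

NETWORKS = [(ipaddress.ip_network(p), asn, org, kind)
            for p, asn, org, kind in PREFIX_TABLE]


def lookup(ip_text):
    """Longest-prefix match; returns (asn, org, kind), or None if unknown or invalid."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return None
    best = None
    for net, asn, org, kind in NETWORKS:
        if ip.version == net.version and ip in net:
            if best is None or net.prefixlen > best[0].prefixlen:
                best = (net, asn, org, kind)
    return best[1:] if best else None


def classify(ip_text):
    """'block' for hosting ASNs, 'allow' for residential, 'review' when unknown."""
    hit = lookup(ip_text)
    if hit is None:
        return "review"
    return "block" if hit[2] == "hosting" else "allow"


# Constructed client addresses, as a site might pull them from its request log.
SAMPLE_CLIENTS = ["192.0.2.44", "198.51.100.20", "198.51.100.200",
                  "2001:db8:100::1", "203.0.113.9", "not-an-ip"]


def triage(clients):
    """Map each client address to its verdict."""
    return {ip: classify(ip) for ip in clients}


if __name__ == "__main__":
    for ip, verdict in triage(SAMPLE_CLIENTS).items():
        print(f"{ip:20} {verdict}")
```

The `198.51.100.200` case shows why the match has to be longest-prefix: the address sits inside a residential /24 but belongs to a hosting /25 carved out of it.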

Is not having OpenVPN support specific to the Pro 4? I have it on my USG.

Hi @house

Many thanks for taking the time to answer my question 🙂

I want to hide one client behind a VPN using a VPN provider with my UniFi setup.

Nord do not support PPTP anymore: “Why we have discontinued L2TP and PPTP protocols” (NordVPN Customer Support)

I don’t understand why it is so complicated on such well-built hardware. On the most basic Asus routers it is so much easier to configure. Even OpenVPN is an option and easy to set up. Might need to buy one to achieve what I want but disappointed UniFi doesn’t just allow it 🙁

Interesting, do you know which protocol they use?

Routers aimed at home usage have tons of features that UniFi doesn’t have.

And what client is this? NordVPN has a ton of options for devices. Since you’re only trying to “hide” one client, doing so at the router level is a complete waste of time and effort - especially with UniFi.

It’s possible with UniFi, but it’s a pain in the butt to do. It’s not what those products were intended to do.

That implementation of WireGuard is called Teleport, and is good for remote access into your network from abroad only.

Well the client device is a Television so… not possible to install a client on it to isolate the traffic to and from it.

Is that all you’re trying to do? Isolate it off? If so, just get a dumb little USW-Flex-Mini for $40, or even an unmanaged switch connected to the LAN2 port on your USG, set up a couple VLANs, and make a LAN IN rule on your UniFi controller to block all inter-VLAN routing.

Sorry, to be more precise… Isolate it and have it use a different ISP IP to everything else on the network.