I have followed the guide provided by UniFi for creating a L2TP remote access VPN, and I can connect from external devices to the USG - but when connected I still can’t reach internal devices on the LAN network.
I’ve tried to google and read many posts - most say that it should work without additional settings, others say firewall rules should be added, but I can’t seem to figure what is up and down. Hopefully someone can help!
For any MacOS users out there, once you establish the VPN connection, make sure you “Set Service Order” to put the L2TP interface *above* your Ethernet or WiFi interfaces so that traffic is sent to the VPN first.
UniFi by default allows access across VLANs/subnets, so unless you have previously created a firewall rule to limit this access, yes it should work fine. It seems as if you have done the right setup, but without seeing your network it's tricky to tell what might be the issue.
I had the exact setup and problem when using my Macbook connecting via my L2TP connection. The solution was to set “Send all traffic over VPN connection” on the L2TP connection on the Macbook. I was then able to ping all local resources.
To do this go to “Open Network Preferences”, click on “VPN (L2TP)”, click the “Advanced…” button, go to the “Options” tab, set/check “Send all traffic over VPN connection”, click “Ok”.
It is not a problem with the UDM pro but a problem with the local L2TP connection.
I have followed all the recommended steps. And on multiple devices. I have even disabled all my firewall rules. I am unable to access LAN devices over VPN. Why is this so hard?
This is the weirdest thing I’ve seen. When I first set the VPN up, about a month ago, everything worked as expected. My VPN and LAN IPs were similar: 192.168.x.x. I was using a WireGuard VPN and was happily accessing my local LAN w/out any problems.
Out of the blue, without any updates or any changes whatsoever, it stopped working. I followed all the recommendations on this thread and still no cigar. I even created an L2TP VPN thinking that it would help, but still nothing.
I have a DVR that I normally access from my cell phone and no matter what I do, I can no longer access it - period.
I’ve rebooted the UDM SE, cold booted my phone, removed and re-added the VPN, etc - all to no avail.
I have tried this but still not able to make it work. I am connected, but cannot ping other devices, however I can use RDP to get to a machine on the network.
Any suggestions on what I should check next? I don’t have any static routes like suggested below, as I was having the same issue where it was asking for a specific IP in the Next Hop.
Greetings from the future! This worked for me too! How odd, but hey whatever haha
Just to clarify for others, there’s an option to leave your VPN on auto or manual. Go into manual and set it to say, 10.10.10.1 and leave at 249 addresses. Then I could get into other stuff!
On MacOS, I had to change the connection order in Network Preferences so that the VPN connection was above my Ethernet connection (not using wifi). I had also changed the IP address of the VPN to not be in the 192.168.x.x range of the UDMP networks, but that didn’t help.
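Added example (not posted by anyone in this thread): a small longest-prefix-match check over a macOS-style `netstat -rn` table that shows why a LAN host is reached via `en0` instead of the L2TP `ppp0` interface, and flags the overlapping-subnet case from the last two comments. The route tables, interface names and subnets are constructed assumptions, not captured from any poster's Mac.

```python
import ipaddress

# Constructed samples in macOS `netstat -rn` style (assumed, not real captures).
# A: L2TP up, "Send all traffic over VPN connection" OFF; local Wi-Fi is 192.168.0.0/24.
ROUTES_NO_SEND_ALL = """\
default          192.168.0.1    UGScg   en0
10.10.10.1       10.10.10.2     UH      ppp0
192.168.0/24     link#6         UCS     en0
"""
# B: same connection with "Send all traffic" ON: the default route now points at ppp0.
ROUTES_SEND_ALL = """\
default          10.10.10.1     UGScg   ppp0
10.10.10.1       10.10.10.2     UH      ppp0
192.168.0/24     link#6         UCS     en0
"""

def to_network(dest):
    """Expand netstat's abbreviated destinations ('192.168.0/24', 'default') to CIDR."""
    if dest == "default":
        return ipaddress.ip_network("0.0.0.0/0")
    addr, _, plen = dest.partition("/")
    octets = addr.split(".") + ["0"] * (4 - addr.count(".") - 1)
    return ipaddress.ip_network(".".join(octets) + "/" + (plen or "32"), strict=False)

def parse_routes(text):
    """Yield (network, gateway, interface) per route line; skips short lines."""
    out = []
    for line in text.splitlines():
        f = line.split()
        if len(f) >= 4:
            out.append((to_network(f[0]), f[1], f[3]))
    return out

def route_for(routes, host):
    """Longest-prefix match: the most specific route containing host wins."""
    ip = ipaddress.ip_address(host)
    matches = [r for r in routes if ip in r[0]]
    return max(matches, key=lambda r: r[0].prefixlen) if matches else None

def diagnose(route_text, host, remote_lan, vpn_iface="ppp0"):
    """Report which interface carries traffic to `host` and whether the remote
    LAN overlaps a directly connected local subnet (a /24 on en0 always beats
    a default route on ppp0, so 'Send all traffic' cannot help in that case)."""
    routes = parse_routes(route_text)
    chosen = route_for(routes, host)
    lan = ipaddress.ip_network(remote_lan)
    local = [n for n, _, i in routes if i != vpn_iface and 0 < n.prefixlen < 32]
    return {
        "iface": chosen[2] if chosen else None,
        "via_vpn": bool(chosen) and chosen[2] == vpn_iface,
        "lan_overlaps_local": any(lan.overlaps(n) for n in local),
    }
```

Run `diagnose` against your own `netstat -rn` output with your UDM LAN subnet to see whether the fix you need is the service order / "Send all traffic" option or a non-overlapping VPN subnet.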