It doesn’t seem to me that Teleport does this. What do you all recommend using, and what works best?
Is this going to drain my iPhone battery faster if I have it to always do this automatically? Is this a bad idea at places like airports, where you might not be able to charge because all the outlets are taken up by other people. I’m not worried about MacBook’s battery because I always leave it plugged into the power cord, I know this might be bad but I’m kinda lazy and this works for me well. Lots of thanks.
This subreddit is here to provide unofficial technical support to people who use or want to dive into the world of Ubiquiti products. If you haven’t already been descriptive in your post, please take the time to edit it and add as many useful details as you can.
Ubiquiti makes a great tool to help with figuring out where to place your access points and other network design questions located at:
If you see people spreading misinformation or violating the “don’t be an asshole” general rule, please report it!
The WireGuard option is great (built-in on UniFi Network).
The official WireGuard iOS & MacOS clients have an option to enable the VPN when you’re not connected to your home Wi-Fi.
It may drain a bit more your battery, but it should be ok.
Even though it’s newer than some other protocols like OpenVPN, the WireGuard protocol is lightweight and more efficient.
I run a WireGuard server and use WireGuard for my “outbound” VPN Client on my UDM-SE.
Also, unless you have a fixed IP from your ISP, you should consider setting up a Dynamic DNS (in your Network - Internet settings). I selected DuckDNS since it’s built into UniFi, free and reliable.
Does anyone else here use one click vpn and wifi? I do it so the identity app makes it easy to configure my wife and kids vpn client and wpa enterprise wifi. I think it does wireguard under the covers
Wireguard on-demand connection you can set wifi-ssid based and exclude your safe/local networks for example. AFAIK you have to enable on-demand wireguard both in its app and iPhone VPN settings.
Regarding battery- I don’t think it takes any serious toll on battery, but will not save it either. Looks like it could be time for battery replacement.
I don’t understand why so many people are advising chacha20-poly1305.
OP asked for something that will not drain his battery on his iPhone. Chacha20 is going to drain OPs battery much faster than AES128. Given that a reasonable modern aarch64 is going to have AES hardware.
I would advise using IPSEC IKEv2 mobike with AES128, iff battery drain is your primary concern, you are technically competent to run strongswan from cli on the UDM and your threat model is not quite state actor level…
I use wireguard to achieve this. There is no “best” answer. Experiment and find what works for you. Keep asking questions and learning. The iPhone wireguard client is designed with a switch that does what you want: “enable tunneling. When NOT on trusted WiFi”
You’ll also need a domain name and Dynamic DNS (I recommend Cloudflare) to make this work in the long term.
Is this you think the best option for me? But I might just start using it right away, depending on what you guys recommend here.
Should I turn it off when I get to the airport? Usually I’ll have a portable or travel surge protector so I can ask someone to share the outlet if they’re using so both of us have access to it, but I’m asking just in case someone was not playing as nice in the worst case.
If a flight gets canceled at the airport, and I have to get another ticket, it can be a stinky situation, where a phone/laptop might be helpful.
This is exactly my recommendation. It’s quite lightweight as well, I barely notice battery consumption. I have it doing this on my computer and iPhone.