08-18-2015 05:35 PM
I got my second Unifi USG today and am atempting to setup a site to site vpn with no luck. Can someone please give me some tips on what I need to do.
Site A (Offisite)
USG With Static Public IP Address
Cable From USG to 5 port non managed Switch
Offisite AKA my Own Cloud Server based Controller
Controller Server is using ip address(es) on 192.168.1.1/24 Subnet
Subnet 192.168.1.1/24 (Default Subnet)
Site A Is the primary Site where B Needs to VPN into
Unifi USG With Public IP Address
Cable to Switch
Onsite Unifi Controller Server with AP's and USG configured on this server
Unifi Controller Server is using ip addresses on 192.168.1.1/24 Subnet
Subnet on site B is default 192.168.1.1/24 (Subnet)
Do i need to create new sites on both Controllers? or just Site A?
Do I need to eliminate the controller on Site B or keep it going? (Have 2 Unifi Controllers)
I was messing with it and it almost appeared I had it working but the WWW on the GUI went Yellow and said (Unreachable) I was unable to go any websites, almost like it was a DNS Error. I could ping IP's just could not Ping any web addresses. Im sure it is something simple and stupid, could someone point me in the right direction of what I need to do to get this working?
08-19-2015 09:19 AM
You will need to eliminate one of the controllers, and point the gear at the site without a controller back to the other site for adoption. Once you create another site on your controller, and adopt it's gear you can add another network and choose vpn. This will allow you to specify both networks that will join vpn.
08-19-2015 05:35 PM
so let me get this right; I have to add the equipment from Site B to site A before I can fully finish off the VPN Creation.
08-19-2015 05:38 PM
This almost doesn't make sense. As the controler has the ability to scan the network and see what is out there seeking adoption. Is this requiring the setting of the inform url via the CLI in lieu of the GUI? I can do it thats not an issue. just trying to see how this works on paper.
08-19-2015 06:59 PM
See here for layer 3 adoption and management, you will need to use a single controller AND different sites for this. You will also need to change one of that subnets, as they can't both be the same at the two sides of a site to site VPN.
08-19-2015 07:11 PM
this isn't AP related. Im trying to setup a site to site VPN with the USG. Sorry for the confusion. I get that the adoption happens at layer 3. how do I point the USG at Site B to the Site A Controller
08-19-2015 07:12 PM
I have already modified the subnets as needed.
08-19-2015 09:42 PM
I dont know how or why but by some network voodoo its working. i can manage it from my cloud site. The main Reason I did this project was I needed a Hardware VPN sollution for Security system cameras that record offsite. Go Figure. it works. Thanks All.