Regular Member
Posts: 381
Registered: ‎12-07-2017
Kudos: 48
Solutions: 19

what is an easy and secure vpn

hi folks

 

I know this might be already asked but:

 

I run from the USG3P an PPTP VPN network to the world wide web  i also know this is a bit out dated and in secure.....

 

I want to step over to a more secure one so my phone can still conected when i am traveling outside around the country becouse now it randomly disconects itself

 

 

The issue is is that my Cloudkey is not setted up with an ssl ( The entire network doesnt have SSL )

 

What is an easy way to step over to a new vpn connection that is more secure and easy to implement

 

Thanks

 

 

 

Products i have:1x UC‑CK, 1x USG 3p, 1x USW-8 150 Watt, 1x UAP AC_LR, 1x UAP, 1x UVC-G3 Feel free to add me on Steam
sys.PNG
sys2.PNG
Regular Member
Posts: 381
Registered: ‎12-07-2017
Kudos: 48
Solutions: 19

Re: what is an easy and secure vpn

Anyone ??

Products i have:1x UC‑CK, 1x USG 3p, 1x USW-8 150 Watt, 1x UAP AC_LR, 1x UAP, 1x UVC-G3 Feel free to add me on Steam
Regular Member
Posts: 615
Registered: ‎07-20-2013
Kudos: 305
Solutions: 24

Re: what is an easy and secure vpn

L2TP is more secure. There are forum posts regarding setting up wireguard which seem popular, but require a fair amount of commandline work and isn’t supported on all platforms. L2TP is the most universal in that it’s native to all the major operating systems. It’s what I use and find it to be reliable. When traveling internationally it’s spotty but I find data and WiFi in general to be spotty  where I travel. 

New Member
Posts: 5
Registered: ‎02-27-2019
Kudos: 2

Re: what is an easy and secure vpn

[ Edited ]

I'm not sure how much more secure it is but I'm using wireguard and pihole off a raspberry pi b+ for connecting home anytime I leave the house. There's also pivpn that utilizes openvpn as an alternative.

Senior Member
Posts: 2,804
Registered: ‎01-29-2015
Kudos: 457
Solutions: 118

Re: what is an easy and secure vpn

Don't know if it will help, but I saw this on Lon TV recently.

 

https://www.youtube.com/watch?v=15VjDVCISj0

Regular Member
Posts: 381
Registered: ‎12-07-2017
Kudos: 48
Solutions: 19

Re: what is an easy and secure vpn

Sorry for my late response

 

 

I already own an USG with a pptp VPN   but i assume its a bit unsafe in 2019 so i only wanna know if its possible to reconfigure the VPN rule to something more secure.

 

 

* and  my CK does not have an SSL cert ( It fails always )

Products i have:1x UC‑CK, 1x USG 3p, 1x USW-8 150 Watt, 1x UAP AC_LR, 1x UAP, 1x UVC-G3 Feel free to add me on Steam
Senior Member
Posts: 2,804
Registered: ‎01-29-2015
Kudos: 457
Solutions: 118

Re: what is an easy and secure vpn

The first response you got was to use L2TP. Any issues with doing that?

Regular Member
Posts: 381
Registered: ‎12-07-2017
Kudos: 48
Solutions: 19

Re: what is an easy and secure vpn

Have not tested it yet but i am not that good in commandline for linux but if there is already an tutorial how to do it i can try it yes i did the pptp also out of an tutorial
Products i have:1x UC‑CK, 1x USG 3p, 1x USW-8 150 Watt, 1x UAP AC_LR, 1x UAP, 1x UVC-G3 Feel free to add me on Steam
New Member
Posts: 3
Registered: ‎12-15-2015

Re: what is an easy and secure vpn

You may try ZeroTier, it's an easy and secure solution. Already implemented in pfSense, maybe next in USG hi hope. The main easy config is you only install zerotier client and enter the network id and that's all. All other option are config in portal for add right to access on some resource or other.

It's better than ipsec becase there are no matter of what you use to connect to Internet, you start your PC, and it works!

You can find some information on this site: https://www.canaletto.fr/post/zero-vpn (in fench)

or directly from the main site: https://my.zerotier.com

Emerging Member
Posts: 454
Registered: ‎02-03-2019
Kudos: 145
Solutions: 18

Re: what is an easy and secure vpn

[ Edited ]

Please never ever use PPTP!

It’s insecure and easy to hack since many, many years!

 

L2TP over IPSec is much better and you don’t need the commandline to configure it on the USG.

Regular Member
Posts: 381
Registered: ‎12-07-2017
Kudos: 48
Solutions: 19

Re: what is an easy and secure vpn

so all i want is a VPN out of the USG  no extra programs  just the usg itself with settings from the cloudkey

 

so i can hookup random computers and mobiles without any extra apps or software

 

 

 

But what is the easyest way to step over from pptp to a secure one

 

and @AF360 Thx for saying that pptp then is insecure   ( But for me now its the only one that works )

Products i have:1x UC‑CK, 1x USG 3p, 1x USW-8 150 Watt, 1x UAP AC_LR, 1x UAP, 1x UVC-G3 Feel free to add me on Steam
Emerging Member
Posts: 454
Registered: ‎02-03-2019
Kudos: 145
Solutions: 18

Re: what is an easy and secure vpn

[ Edited ]

It's easy and I as said above you don't need any commandline for this, it's all available from the Controller GUI.

 

First enable the RADIUS server on the USG, then create a RADIUS-user and -profile.

Last step is to create a network (Remote User VPN) choose L2TP-Server, assign a DHCP-range and the created RADIUS-profile and you are all set! 

 

That's all there is to it.

 

 Radius-Server.pngEnable Radius ServerRadius-Users.pngCreate Radius UserRadius-Profile.pngCreate Radius-ProfileL2TP.pngCreate VPN-Network

Senior Member
Posts: 2,804
Registered: ‎01-29-2015
Kudos: 457
Solutions: 118

Re: what is an easy and secure vpn


@PsychoticNL wrote:
Have not tested it yet but i am not that good in commandline for linux but if there is already an tutorial how to do it i can try it yes i did the pptp also out of an tutorial

Click the button for L2TP instead of PPTP.

pptp.png
Regular Member
Posts: 615
Registered: ‎07-20-2013
Kudos: 305
Solutions: 24

Re: what is an easy and secure vpn

In my original reply to your question I stated L2TP and linked it to the official ubnt tutorial. It’s all through the GUI as others have stated and shown with screenshots.   This is the exact answer to your question. It’s odd to us that you seemed to have completely missed this. 

 

For Windows there is one checkbox and a registry edit that needs addressing. It’s in the tutorial. For all other platforms it’s just entering the vpn settings. 

Regular Member
Posts: 381
Registered: ‎12-07-2017
Kudos: 48
Solutions: 19

Re: what is an easy and secure vpn

Ill try tomorrow to updste the vpn rule..


But i have tried radius but its giving me always some errors (5 controller releases back)
Products i have:1x UC‑CK, 1x USG 3p, 1x USW-8 150 Watt, 1x UAP AC_LR, 1x UAP, 1x UVC-G3 Feel free to add me on Steam
New Member
Posts: 3
Registered: ‎12-15-2015

Re: what is an easy and secure vpn

What registry key do you edit? It was not on the tutorial for windows 10 and if you follow exactly what was wrote it fails.
Emerging Member
Posts: 454
Registered: ‎02-03-2019
Kudos: 145
Solutions: 18

Re: what is an easy and secure vpn

[ Edited ]

@Ludwigp94 wrote:
What registry key do you edit? It was not on the tutorial for windows 10 and if you follow exactly what was wrote it fails.

Which Windows 10 tutorial do you refer to?

There‘s no need for altering a registry key (unless NAT is used).

Make sure LCP-extensions are disabled in advanced settings/properties.

You can follow along some hints on Windows 10 VPN here:

https://community.ubnt.com/t5/UniFi-Routing-Switching/Windows-10-build-1803-VPN-L2TP-not-working/m-p...

Regular Member
Posts: 381
Registered: ‎12-07-2017
Kudos: 48
Solutions: 19

Re: what is an easy and secure vpn

i have tried it without any good results.....

( Yes with the screenshots )

Tested internally but it wont connect

 

Who wants to help me a bit off topic you can add me on discord ⎝⧹⎛𝕻𝖘𝖞𝖈𝖍𝖔⎞⧸⎠ #0007

Ill do then a request   Or add me and i hand over a teamviewrt ID and pass

 

 

and for the one that maked it working i can offer you a cup of coffee by sending a reward over paypal

Products i have:1x UC‑CK, 1x USG 3p, 1x USW-8 150 Watt, 1x UAP AC_LR, 1x UAP, 1x UVC-G3 Feel free to add me on Steam
Regular Member
Posts: 381
Registered: ‎12-07-2017
Kudos: 48
Solutions: 19

Re: what is an easy and secure vpn

i have tried it without any good results.....

( Yes with the screenshots )

Tested internally but it wont connect

 

Who wants to help me a bit off topic you can add me on discord ⎝⧹⎛𝕻𝖘𝖞𝖈𝖍𝖔⎞⧸⎠ #0007

Ill do then a request   Or add me and i hand over a teamviewrt ID and pass

 

 

and for the one that maked it working i can offer you a cup of coffee by sending a reward over paypal

Products i have:1x UC‑CK, 1x USG 3p, 1x USW-8 150 Watt, 1x UAP AC_LR, 1x UAP, 1x UVC-G3 Feel free to add me on Steam
Emerging Member
Posts: 454
Registered: ‎02-03-2019
Kudos: 145
Solutions: 18

Re: what is an easy and secure vpn

[ Edited ]

What do you mean by „tested internally“? Have you tested with a Laptop/Mobile Phone not connected to your internal network but cellular?

What‘s the error message?

What does the logfile say?

Can you post screenshots of the relevant settings pages?

 

But just to rule out the most obvious first:

is there another router (ISP) in front of the USG? If so, will it forward the L2TP/IPSec requests to the USG? (Mabye it will only pass PPTP through)