Hi Michael, I only used StrongSwan with the AVM Fritzbox router/DSL modem models, which are widely used in Germany. You'll have to create a textfile, which has to be imported into the Fritzbox via the WebGUI.
Luckily the newer Fritzbox models now support WireGuard. Never used Unifi for VPN. I thought you wanted to use Gl.inet routers … Michael http://www.mksolutions.info > Am 07.03.2024 um 12:52 schrieb Lonnie Abelbeck <li...@lonnie.abelbeck.com>: > > Hi Michael, > > Unifi access points and switches have played well with others over the years. > > Unifi routing products, while based on linux, never had a good track record > of interoperability, particularly with VPNs. > > It would seem straightforward for Unifi to support sourcing manual Wireguard > configs in addition to the pretty GUI Wireguard configs ... maybe someday. > > Personally, I would not even try to get AstLinux Strongswan to work with > Unifi's IPsec. > > Lonnie > > > >> On Mar 7, 2024, at 12:17 AM, Michael Knill >> <michael.kn...@ipcsolutions.com.au> wrote: >> >> Noone 🙁 >> >> Regards >> Michael Knill >> From: Michael Knill <michael.kn...@ipcsolutions.com.au> >> Sent: Friday, 23 February 2024 2:50 PM >> To: AstLinux List (astlinux-users@lists.sourceforge.net) >> <astlinux-users@lists.sourceforge.net> >> Subject: [Astlinux-users] Ubiquiti Unifi >> >> Im kicking and screaming all the way, but I will probably be moving to the >> Ubiquiti Unifi ecosystem (we already use their WAP’s). >> As part of this, I will be implementing some of their gateways (routers) >> which I really need to connect via VPN to Astlinux in the cloud. >> They now support Wireguard but only as a client or server and not as a site >> to site VPN which they support Open VPN and IPsec only. In the Wireguard >> client configuration they emulate a mobile client so all traffic is from the >> gateway address (NAT). >> >> So just wondering if Im going to be able to get this working with OpenVPN as >> per below: >> >> <image002.png> >> >> Looks like it only support Pre-Shared Key and not certificates? >> >> Could probably use Strongswan with IPsec but would rather not unless someone >> has got this working or something similar. >> >> Regards >> >> Michael Knill >> Managing Director >> >> D: +61 2 6189 1360 >> P: +61 2 6140 4656 >> E: michael.kn...@ipcsolutions.com.au >> W: ipcsolutions.com.au >> >> <image001.png> >> Smarter Business Communications _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org.