Am I understanding it correctly that in UniFi, a given VPN server (or even S2S vpn) is always tied to a WAN interface?
In other words, if I have a WAN1 and WAN2 and my vpn server is listening on WAN1, if WAN1 goes down it does not transfer to WAN2?
If this is the case, this is very limiting! in pfSense I have multiple VPN servers and they’re all tied to a WAN gateway group, so if one goes down it keeps listening on the fallback gateway…
Wireguard will listen on all addresses by default but can be limited to one WAN address. OpenVPN can only listen on one WAN.
Thanks… Just noticed S2S IPSec is also tied to the WAN interface…
UniFi really needs something like Gateway groups and the ability to configure tiering like pfSense
When my unifi firewall died just moved to opnsense, because i could grab any hardware and be up and running in an hour, no need for an unexpected expense of buying another unifi firewall and waiting for the delivery, yuk
Used to be pfsense, but i’m all into self hosted netbird now (running in a cloud vm) and with the opnense netbird plugin, life is so much simpler to manage, their is simply nothing you can’t achieve no matter how technically complex using just this tech stack (doubly more so as netbird now has a built in reverse proxy)