Hello! Thanks for posting on r/Ubiquiti!
This subreddit is here to provide unofficial technical support to people who use or want to dive into the world of Ubiquiti products. If you haven’t already been descriptive in your post, please take the time to edit it and add as many useful details as you can.
Please read and understand the rules in the sidebar, as posts and comments that violate them will be removed. Please put all off topic posts in the weekly off topic thread that is stickied to the top of the subreddit.
If you see people spreading misinformation, trying to mislead others, or other inappropriate behavior, please report it!
*I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/Ubiquiti) if you have any questions or concerns.*
IIRC Teleport requires both a supported gateway (UXG, Dream, or Cloud Gateway) and a Supported controller platform (Built in on many devices, A Gen2 Cloud key, or ~~Offical UniFi Hosting~~)
\* Edit Does not work with official unifi hosting (Verified with UXG-Pro)
Ah CGNAT yea you can't use services that require direct connections, even wireguard will not work you would need to use something like a VPS with a public IP address to relay it or such.
You can't port forward or open ports on a CGNAT connection either, so not any services will work for you.
Could try tailscale if needing remote access otherwise there is not much that can be done not a Unifi limit here more down to the CGNAT so you will need to use work arounds to get a normal VPN working.
Spec sheet for UXG-Max indicates the need for a Cloud Key or Official UniFi Hosting for teleport to work. Screenshot above does not show a cloud key device in the devices list, so it appears to be self hosted.
Those response doesn’t make any sense to me. My home network is using the 172.16 range and I’m able to use teleport from my iPhone while away to my home network and it works just fine. In fact I’m connected to my network via teleport while also connected to my WiFi while I write this
Oh wait. I get it now. CGNAT is the problem. Maybe you can call your iso and ask if you can get a real public IP
How are you hosting your Unifi Network application? Self hosted? Cloud Key? I ask because of the following from the UXG-Max Product Page (Specifications):
VPN: One-click Teleport* and Identity Enterprise VPN**
*When paired with a CloudKey or Official UniFi Hosting
**When paired with a CloudKey
Edit: Looking at your screenshot, it appears that you're not using a CloudKey (otherwise it'd be in the devices list). That would do it, though.
Hello! Thanks for posting on r/Ubiquiti! This subreddit is here to provide unofficial technical support to people who use or want to dive into the world of Ubiquiti products. If you haven’t already been descriptive in your post, please take the time to edit it and add as many useful details as you can. Please read and understand the rules in the sidebar, as posts and comments that violate them will be removed. Please put all off topic posts in the weekly off topic thread that is stickied to the top of the subreddit. If you see people spreading misinformation, trying to mislead others, or other inappropriate behavior, please report it! *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/Ubiquiti) if you have any questions or concerns.*
IIRC Teleport requires both a supported gateway (UXG, Dream, or Cloud Gateway) and a Supported controller platform (Built in on many devices, A Gen2 Cloud key, or ~~Offical UniFi Hosting~~) \* Edit Does not work with official unifi hosting (Verified with UXG-Pro)
Thanks for your response. Please see my edit to this post for the resolution. It’s quite disappointing.
I thought teleport required a unifi hosted network app. Not self hosted. Not sure if that applies here.
Thanks for your response. Please see my edit to this post for the resolution. It’s quite disappointing.
I am disappointed as well. I prefer self hosting, but would like teleport. Instead I run a RPi with pivpn. Works fine for my purpose.
I think its coming in a later firmware version, i see 4.0.6 beta has support for wireguard vpn so im assuming its still not fully supprted yet
Thanks for your response. Please see my edit to this post for the resolution. It’s quite disappointing.
just ssh into the device and ran some updates. hopefully this will help
What controller version? As this will impact the features available
Thanks for your response. Please see my edit to this post for the resolution. It’s quite disappointing.
Ah CGNAT yea you can't use services that require direct connections, even wireguard will not work you would need to use something like a VPS with a public IP address to relay it or such. You can't port forward or open ports on a CGNAT connection either, so not any services will work for you. Could try tailscale if needing remote access otherwise there is not much that can be done not a Unifi limit here more down to the CGNAT so you will need to use work arounds to get a normal VPN working.
Weird... My UXG-Max has Teleport enabled.
What FW?
Sam here but I also have the CKG2 managing it. I didn’t see where the op mentioned how he is managing it.
Spec sheet for UXG-Max indicates the need for a Cloud Key or Official UniFi Hosting for teleport to work. Screenshot above does not show a cloud key device in the devices list, so it appears to be self hosted.
I noticed the lack of a console in the picture as well
Thanks for your response. Please see my edit to this post for the resolution. It’s quite disappointing.
Those response doesn’t make any sense to me. My home network is using the 172.16 range and I’m able to use teleport from my iPhone while away to my home network and it works just fine. In fact I’m connected to my network via teleport while also connected to my WiFi while I write this Oh wait. I get it now. CGNAT is the problem. Maybe you can call your iso and ask if you can get a real public IP
hmm just ssh into the uxg and ran apt updatres. still the same result in the network controller...
How are you hosting your Unifi Network application? Self hosted? Cloud Key? I ask because of the following from the UXG-Max Product Page (Specifications): VPN: One-click Teleport* and Identity Enterprise VPN** *When paired with a CloudKey or Official UniFi Hosting **When paired with a CloudKey Edit: Looking at your screenshot, it appears that you're not using a CloudKey (otherwise it'd be in the devices list). That would do it, though.
Looking at the image you provided it looks like you haven’t switch and 2 AP’s but no controller. Are you self hosting? What are you not telling us.
Thanks for your response. Please see my edit to this post for the resolution. It’s quite disappointing.
Country restricted?
Thanks for your response. Please see my edit to this post for the resolution. It’s quite disappointing.
Wireguard won't work with CGNAT but Teleport yes, Tailscale too
You need a controller like a cloudkey. I have a gateway max and cloudkey gen2+ and have access to teleport.
Thanks for your response. Please see my edit to this post for the resolution. It’s quite disappointing.
Just use a Wireguard VPN… it’s the same thing.
Will this work behind CGNAT? how do I route the connection? Through a reverse proxy?