Selfhosted@lemmy.worldbyKingOogaBooga@lemmy.world
3 months

Unifi Teleport

English

I am slowly setting up my home environment. I was looking at ways to access my services from my mobile device. I know a lot of folks set up Traefik but I have a Unifi System and that has Teleport. I have tested it on my mobile device and I can connect to local devices that are not opened to the internet. I am curious if people have used this as an alternative and how it worked out.

Since I already have the Unfi system I was hoping this could work for me so I don’t need to mess with anything else.

11
    • curbstickle@anarchist.nexusEnglish
      3 months

      Unifi teleport is a Wireguard VPN.

      If you want to access your internal devices/services from elsewhere, and dont require public internet access, yes, this is perfectly fine.

      Traefik (and other proxy tools) are generally used for public internet based access, not VPN.

      • KingOogaBooga@lemmy.worldEnglish
        3 months

        My big paranoia is setting up Internet accessible services, I am an idiot…I know this. So if I don’t need to expose things to the internet I don’t want to. Generally all my services are just for me and I am on my local network pretty much all the time. My mobile device is where the issue lies. Not sure if you can run teleport all the time and if that is a good idea.

        • curbstickle@anarchist.nexusEnglish
          3 months

          If you want it to run all the time, I’d export the config file and use Wireguard tunnel rather than wifiman for teleport.

          VPN only access for just you is a perfectly appropriate solution.

            • curbstickle@anarchist.nexusEnglish
              3 months

              I am, though I’m not using unifi.

              Teleport is just Wireguard with unifi stacked on top. You can just export the config and its literally a Wireguard connection. Unifi Teleport is just using their online services to replace a step.

              But teleport (which is Wireguard under the hood) is not meant for an always-on connection, its meant for ad-hoc connections.

              So if you want always on, export the config and run it as a Wireguard tunnel. Its exactly the same service, running on exactly the same device, without using wifiman and allowing for an always on VPN.

              • KingOogaBooga@lemmy.worldEnglish
                3 months

                I am pretty smooth brained so apologies for the questions. You are setting up the wireguard on a separate server or on the Unif device itself?

                • curbstickle@anarchist.nexusEnglish
                  3 months

                  My setup doesnt matter, I don’t use Unifi for my main home infra.

                  You can use the Unifi device itself. Teleport is just a single click Wireguard service, with no need for port forwarding or additional configuration.

                  Last I saw it, you can export the config from the browser for use with client devices, you can use that with wireguard tunnel and set it as always on.

    • cantankerous_cashew@lemmy.worldEnglish
      3 months

      There’s also an option to set up a vanilla WireGuard server. I’ve done that on my dream machine and am able to remote into my homelab with the vanilla WireGuard iOS & Mac apps

      • tealgators@lemmy.zipdeleted by creatorEnglish
        3 months

        Same. It works great. I can set the ip address and dns. Unlike Teleport. Nothing wrong with teleport outside of those two things.

      • KingOogaBooga@lemmy.worldEnglish
        3 months

        I have a dream machine 7. I am using Android but I would guess there is an app for that. How hard was it to set up the Wireguard server?

    • MasterBlaster@lemmy.worldEnglish
      3 months

      This is the first time I heard of it, so I’m going to read up. I set up openvpn on my NAS, ensured only the one port is open, and connect to the vpn when I need to access my local network.

      Inside, I configured a DAVX volume and use DAVx5 on the phone for file transfer. The vpn uses a certificate and pwd for auth.

      I have KDE Connect as well.