Azure Site-to-Site VPN Setup on UDM Pro 2023

3 min readAug 3, 2023

UDM-PRO embeds a Unifi Controller which is a piece of software that enables to manage several Ubiquiti hardware. It’s an SDN. From Unifi Controller you can handle your whole Ubiquiti network such as switches, firewall and obviously VPN. When I bought UDM-PRO, I wanted to establish a Site-to-Site VPN with Azure for my lab. Thanks to that, I can try hybrid scenarios between On-Premises and Azure. In this topic, we will see how I have established this VPN.

Requirements

To follow this topic, you need an Azure subscription with the following resources deployed:

A virtual network
A local network gateway
A virtual network Gateway

Make sure that a gateway subnet is created in your virtual network:

Configure the local network gateway

The local network gateway is used to define the On-Premises network configuration. You need your Public IP and the subnet you want to route in Azure:

For the purpose of my lab, I chose the VpnGw1 SKU. You can also configure BGP to spread route automatically between On-Premises and Azure.

Once the virtual network gateway is ready, you need to create a Connections. To create a connection, just navigate to Connections and click on Add.

Once the connection is configured on Azure side then you will need to set up Site-to-Site VPN connection on UDM.

Configure the UDM-PRO

Connect to the Unifi Controller. It should be your UDM-PRO IP or name. Open the settings and navigate to Setting > Teleport & VPN and click on create Site-to-Site VPN with the following settings.