Setting Up a VPN

Thanks for starting this topic.

My only goal in getting a VPN is to be able to see the graphs on my Hubitat Dashboard when I am away from home. Is there a safer way, other than a VPN, to do this?

My hesitation with a VPN is I don't want to open a route to my home network that could get hacked, because I really don't know what I'm doing with this. For those of us who bought a Hubitat because we are not familiar with and don't have the time to learn how to mess with RPIs, NAS and all that, is the VPN that comes stock on the Asus Router safe?
The Asus appears to give the choice of WireGuard, IPSec, OpenVPN, and PPTP. Are all of these free and is any preferred over another?

If a VPN using the stock Asus firmware and one of the above is safe and the preferred method, and if I set it up, will I be able to see my Hubitat dashboard graphs (set up in Hubigraphs) from my phone when I am not home? Will it require installing added apps on my phone to do so, or will the graph be visible when I open the Hubitat dashboard?

I'm currently running Wireguard on DD-WRT firmware on my router. I used to use the built-in OpenVPN, but Wireguard is much simpler to set up on the router and client devices. I've played around with ZeroTier and Tailscale but didn't find either one to be a better solution for me.

On my phone I'm using Automate Android (similar to Tasker) to automatically connect to the VPN anytime my phone isn't connected to my home Wi-Fi. It's a full tunnel so I still use my Pihole DNS and block ads when out and about in addition to getting access to LAN devices.

AFAIK a quality VPN is the safest way to allow access to your home network when you're away. If you wanted general access to your home network that is the way you should go.

That said, you don't need a VPN to access your Hubitat dashboards remotely. You have a cloud link in the Hubitat Dashboard app; just use that link.
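
The full-tunnel setup described in the post above, next to a narrower profile that only carries traffic for the hub, as an added example that is not part of the original thread. Two WireGuard client profiles (separate files) are shown in one block; every key, address and hostname is a constructed placeholder, assuming a home LAN of 192.168.1.0/24 with the Pi-hole at 192.168.1.2 and the Hubitat hub at 192.168.1.50.

```ini
# Added example, not taken from the thread. Placeholders (assumptions):
#   tunnel subnet 10.8.0.0/24, router reachable at vpn.example.net:51820,
#   Pi-hole 192.168.1.2, Hubitat hub 192.168.1.50.

# --- Profile A: full tunnel (phone-full.conf) ---
[Interface]
PrivateKey = <phone-private-key>
Address = 10.8.0.2/32
# DNS lookups go to the Pi-hole at home, so ad blocking follows the phone.
DNS = 192.168.1.2

[Peer]
PublicKey = <router-public-key>
Endpoint = vpn.example.net:51820
# 0.0.0.0/0 sends every IPv4 destination through the tunnel
# (add ::/0 to carry IPv6 as well).
AllowedIPs = 0.0.0.0/0
# Keeps the NAT mapping open while the phone is on a mobile network.
PersistentKeepalive = 25

# --- Profile B: hub only (phone-hub.conf) ---
[Interface]
PrivateKey = <phone-private-key>
Address = 10.8.0.2/32

[Peer]
PublicKey = <router-public-key>
Endpoint = vpn.example.net:51820
# Only traffic for the hub enters the tunnel; everything else uses the
# phone's normal connection.
AllowedIPs = 192.168.1.50/32
PersistentKeepalive = 25
```

On the client, `AllowedIPs` only decides what the phone routes into the tunnel. Limiting what that peer can reach on the LAN is done with firewall rules on the router.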


The dashboard works via the Hubitat App, but the graphs don't show up when I am not connected to the local network. If you know how I can fix that without a VPN that would be SO APPRECIATED!!!

Maybe better to start a new topic so you don't divert this one too much away from its purpose. And you'll need to provide more info in that topic on what graphs from what sources, etc., that aren't working w/the cloud link. :slight_smile:

Done.

OK, back to this VPN thread, as that other thread settles that a VPN is needed.

AFAIK a quality VPN is the safest way to allow access to your home network when you're away.

Is a VPN via my Asus router "a quality VPN"? If so, which of the four options is recommended?

If you wanted general access to your home network that is the way you should go.

I do not need general access to my home network. I ONLY want to see the Hubigraphs in my Hubitat Android app dashboard. Will I need to load any apps on my phone to see the Hubigraphs on the Hubitat Android app dashboard via VPN?

I experimented with Cloudflare and another similar option that I can't remember the name of, and both seemed like great options if I didn't already have Wireguard VPN.

I am also using WireGuard - because I already have an RPI running 24/7, and it is straightforward to set up and use.

+1 for Tailscale.
Have to say it wasn't as easy as click and go, eventually got it working.
Running it on my Qnap using Virtualization Station.
Tried setting it up using a container but that was way over my screwing around tolerance. :crazy_face:

A few years ago I was using a Linux box with iptables for my firewall and I set up both openvpn and wireguard on it to see which I liked better. Wireguard turned out to have something like 15% less throughput so I ditched it. Last year I replaced the Linux box with an OPNsense box and set up openvpn on it. It's been rock solid. YMMV

I use my VPN on every device away from home so that all my traffic is routed through my pihole for its blocking of BS traffic. I expected to "feel" a slightly slower connection but it's turned out to be indistinguishable from being connected to my wifi at home.

Yes. If Wireguard is one of the four VPN Server options, that would be my choice.

I run Wireguard on my UniFi Dream Machine SE. It works great for remote access to my home network.

Wow, I did notice a flurry of posts during the hours after I posted (went to bed)...

My lazy self would revert back to the WireGuard setup I have had issues with.... But I may dabble in some others based on comments here along with other forums.

Thanks to those who have posted so far, don't let my post stifle the conversation... :slight_smile:

Could you point me in the direction of the instructions that you used to do so? Last time I looked, over a year ago, I was confused by the instructions that I found.

Sure. To be clear. Wireguard supports the Edgerouter. The Edgerouter does not come with it built in. I started with this article which got me about 90% of the way.

VERY IMPORTANT: Take notes and copy your keys off to somewhere secure but accessible, like a password manager, because the peer configuration will get wiped every time you do a firmware update on the Edgerouter. I simply saved the console commands so that I could replay them when necessary. Not a big deal, if you have the notes. It takes me less than 5 min to do it after a firmware update. Just something I have to remember to do.

If you figure out a way around this, please let me know.

Unifi has a zero configuration VPN called Teleport. Up until now it's been mobile devices only. They're releasing beta computer clients now. Currently Mac and Linux are available.

FYI (and tagging @chowell), the EdgeRouter line now supports Wireguard VPN natively in most recent FW releases...

Overview

EdgeRouter 3.0.0-rc.3 & onward includes a new redesigned web interface and adds support for WireGuard VPN.

Early Access (e.g., beta):
https://community.ui.com/releases/EdgeRouter-3-0-0-rc-4/b7e0f9e0-4323-49f4-9163-220fbe49c2f1

That could/should (?) make it easier to set up? I haven't updated to the new FW yet so haven't investigated migrating my existing WireGuard setup on my ER12 to the new built-in support on the new FW. One of the things I have to check into is whether you can update the WG version independently of the Edgemax FW updates.

For less setup work overall you can also use the Tailscale WG option...

Nice! I'll be looking forward to that!

I have Wireguard currently running on a Raspberry pi 4. Would there be any performance gain (or loss) if I was able to get it running on my EdgerouterX?

I would expect negligible difference, but of course I've never compared. Having it on the Pi may give you additional flexibility (i.e., not tied to Unifi/Ubiquiti FW updates).