UniFi Guides: Setup, Gateways, VLANs, VPNs, Wi-Fi, and UniFi Protect

UniFi is one of the easiest ways to build a powerful home, home lab, or small-business network without making the entire setup feel like a full-time job. You can manage your gateway, switches, access points, VLANs, firewall rules, VPNs, cameras, and remote access from one interface, which is the main reason I use it.

I previously used pfSense for years, and I still think pfSense and OPNsense are great options if you want the most control over your firewall. With that said, for my own network, UniFi became the better fit because I wanted everything in one ecosystem. The firewall is not as customizable, but the overall experience is a lot easier to manage day to day and just as powerful for what I need.

This page is the starting point for all of my UniFi guides. If you’re new to UniFi, start with the basics below. If you already have UniFi running, you can jump straight into gateways, Wi-Fi, VLANs, firewall rules, VPNs, UniFi Protect, UniFi Drive, or self-hosting the UniFi Network Server.

New to UniFi? Start Here

If you’re setting up UniFi for the first time, I would keep it simple at the beginning. Don’t start by creating a bunch of VLANs, copying someone else’s firewall rules, or buying random access points because they look good on paper.

This is the order I’d follow:

1. Choose the right gateway using the best UniFi router and firewall guide.
2. Set up the UniFi Network application, or use a UniFi Cloud Gateway that has it built in.
3. Get your main LAN working first.
4. Add your UniFi switches and access points.
5. Configure Wi-Fi and make sure coverage is good.
6. Add VLANs for IoT, guests, cameras, servers, or lab devices if you need them.
7. Create firewall rules based on what each network should actually access.
8. Then look at VPNs, port forwarding, site-to-site VPNs, Protect, or UniFi Drive.

The biggest mistake people make with UniFi is trying to make it advanced before the basic network is stable. VLANs, firewall rules, and multiple Wi-Fi networks are all useful, but they also add more ways to break things if you do them too early.

Why I Use UniFi

The biggest reason I use UniFi is usability. I can manage my gateway, switches, access points, firewall rules, VLANs, VPNs, cameras, and remote access from one place. That matters when you have a lot of devices and don’t want every change to turn into a project. If you want the cleanest all-in-one ecosystem for a home, home lab, or small business, UniFi is hard to beat.

• Selecting the Best UniFi Router & Firewall

UniFi Videos from My YouTube Channel

Some UniFi topics are easier to understand when you can actually see the interface. These are the UniFi videos I’d start with if you want a visual walkthrough alongside the written guides.

Complete UniFi Setup and Walkthroughs

If you’re new to UniFi, start here. These videos walk through the UniFi Network application and the main settings you’ll run into when setting up a gateway, Wi-Fi, VLANs, and firewall rules.

UniFi Security and Common Problems

Once UniFi is running, the next step is making sure it’s configured properly. These videos cover common issues and the security settings I’d look at first.

UniFi Network Setup Guides

These are the guides I’d use first for the core UniFi Network features: DDNS, VPNs, guest networks, and VLANs.

• How to Configure Dynamic DNS on UniFi Cloud Gateways
• How to Configure OpenVPN on UniFi
• How to Configure WireGuard on UniFi Cloud Gateways
• How to Configure Teleport VPN on UniFi
• How to Configure an L2TP VPN Server on UniFi
• How to Configure a Guest Network and VLAN on UniFi

For remote access, I’d usually start with WireGuard or Teleport. OpenVPN still works, but WireGuard is generally where I’d start today unless there’s a specific reason not to.

Wi-Fi, VLANs, Firewall Rules, and Advanced Settings

This is the part of UniFi where people tend to overcomplicate things. VLANs and firewall rules are useful, but they should be added for a reason. Don’t create five networks just because someone on Reddit said you should.

• How to Optimize a UniFi Wi-Fi Network
• How to Port Forward on UniFi Cloud Gateways
• How to Configure UniFi Firewall Rules
• UniFi Layer 2 vs Layer 3 Switches
• How to Configure Band Steering on UniFi Access Points
• How to Configure a Site-to-Site VPN in UniFi

The part where people get confused with UniFi firewall rules is usually the direction of the traffic. You create the rule on the network where the traffic starts. So if your IoT devices should not access your main LAN, the rule belongs on the IoT network.

For Wi-Fi, start with the basics before changing every advanced setting. Good access point placement, reasonable channel widths, and wired APs will do more than random tuning. High transmit power is not always better, and in some cases, it can actually make roaming worse.

UniFi Protect

UniFi Protect is one of the stronger parts of the UniFi ecosystem. It’s easy to manage, footage is stored locally, and you don’t have the same recurring camera license situation that you get with some other platforms.

• G6 Instant Setup and Review

I like UniFi Protect for home and small-business camera setups, but I would still think through storage before buying everything. A gateway can work for a few cameras, but if you’re running a larger camera setup, I’d look at a dedicated UNVR or UNVR Pro instead.

UniFi Drive and UNAS Pro

UniFi Drive and the UNAS Pro are newer parts of the UniFi ecosystem. This is Ubiquiti moving beyond networking and cameras into storage.

• Everything You Need to Know About the UNAS Pro
• Adding Docker and Jellyfin to the UNAS Pro

The UNAS Pro is interesting, but I would still compare it against Synology, TrueNAS, or Unraid depending on what you need. UniFi Drive is improving, but NAS platforms have a lot more storage-focused features right now.

Self-Hosting the UniFi Network Server

Most newer UniFi Cloud Gateways include the UniFi Network application, so a lot of people do not need to self-host the controller anymore. But self-hosting still makes sense if you’re only using UniFi switches/access points, or if you specifically want to run the controller on your own hardware.

• How to Install the UniFi Controller on Ubuntu
• How to Self-Host the UniFi Controller on a Synology NAS
• How to Install the UniFi Controller on a Raspberry Pi
• How to Migrate the UniFi Controller

If you’re starting fresh with a UniFi gateway, I’d use the built-in UniFi Network application. If you already have a self-hosted controller, make sure you take a backup before migrating anything.

What I Would Avoid as a UniFi Beginner

If you’re new to UniFi, I’d keep the first version of your network simple. You can always make it more advanced later.

• Do not buy the wrong gateway. Start with the best UniFi router/firewall guide and choose based on your internet speed, Wi-Fi needs, PoE needs, and whether you want rackmount hardware.
• Do not create too many VLANs right away. VLANs are useful, but every VLAN usually needs firewall rules and testing.
• Do not copy firewall rules blindly. Understand what each rule does and where the traffic starts.
• Do not assume high transmit power improves Wi-Fi. It can make roaming worse, especially with multiple access points.
• Do not rely on wireless meshing if you can hardwire APs. Meshing works, but wired access points are almost always better.
• Do not expose services with port forwarding unless you need to. Use VPNs, Teleport, WireGuard, or Cloudflare Tunnels where possible.
• Do not migrate UniFi Network without a backup. A backup can save you from readopting devices or rebuilding the network manually.

The best UniFi setups are usually simple in the right places: the gateway is sized correctly, access points are placed well, VLANs are intentional, firewall rules are understandable, and remote access is configured securely.

Community Resources

The UniFi community is large, and it’s worth using when you run into model-specific questions or weird issues. The official documentation is best for how things are supposed to work, while Reddit and the community forums are useful for seeing what people are actually running into.

• r/Ubiquiti
• Ubiquiti Help Center
• UniFi Community Forums

Final Thoughts

UniFi is one of the best ecosystems for building a powerful network without making the day-to-day management overly complicated. It’s not perfect, and it’s not the most customizable firewall platform, but it works extremely well when you want one ecosystem for gateways, switches, access points, VLANs, VPNs, cameras, and remote management.

If you’re brand new, start with the UniFi router/firewall guide, then watch the full UniFi Network walkthroughs above. After that, configure Wi-Fi, VLANs, firewall rules, and VPNs one step at a time.

The biggest thing is to build the network around what you actually need. Choose the right gateway, hardwire access points where possible, keep VLANs intentional, avoid unnecessary port forwarding, and back up UniFi Network before making major changes. Once that foundation is in place, UniFi becomes much easier to expand and manage.