How-to Ubiquiti Unifi Security Gateway (USG) Cloudkey VPN without Radius server (local users)

I wanted to use VPN without mandatory installing a Radius server. This is possible with an Ubiquiti USG if you follow the following instruction strictly:

Read this official instruction before you continue reading mine. It’s very important you understand and follow the instruction step by step. I strongly advice to create a ticket with Ubiquiti support because no system, network and circumstances are the same. Also instructions change very fast because of the updates. If you don’t know what to do, ask for help. The version when I installed VPN was 5.3.8 and when created this document 5.4.11.

1. Create config.gateway.json file

First your create a textfile with filename ‘config.gateway.json’. Be aware you don’t have any other extension (for eg. txt or other, it has to be .json)

Content of this textfile :


    “vpn”: {

        “pptp”: {

            “remote-access”: {

                “authentication”: {

                    “local-users”: {

                        “username”: {

                            “user1”: {

                                “password”: “password1”


                            “user2”: {

                                “password”: “password2”




                    “mode”: “local”







Save this as config.gateway.json. In this example two users were created: user1 with password password1 and user2 with password password2. Change this in something you want.

2. WinSCP

Download and install WinSCP.

Start WinSCP and connect to the IP address of your Cloudkey. Use the credentials (username/password) of your Cloudkey to login.

Go to the directory /srv/unifi/data/sites/default (or how you named your site).

Copy here the created config.gateway.json.

3. Create network for VPN

Go to settings in Unifi and click Networks, click CREATE NEW NETWORK.

Fill in the information like shown below and click on CREATE NEW RADIUS PROFILE.

Fill in the information like below:

You can use the information like mentioned in the instructions of Ubiquiti (link top of the page)i. Click on SAVE and click again on SAVE.

When the USG completed it’s provisioning you will be able to use VPN with using the username/password you created.




Posted by Ramond - 13 February 2017 at 18:16

Categories: Tips   Tags: , , , , , ,

Ubiquiti Unifi and my ISP appear to be a good team!

My ISP (Ziggo) issues?

Many times people write on social media or forums that Ziggo (My ISP) internet very bad performs. Most of the times this is due to bad devices with the main cause failing wireless connections. Of-course there are also cases known which is the fault of Ziggo. Distribution centers or DNS which suddenly stopped working. Some days ago there was an issue which was the mistake of Microsoft (solution KB3206632). It’s clear you can not easily pin point the problem of an internet connection.

I got a Technicolor cable modem where suddenly a firmware update caused I wasn’t able to change the DNS anymore. This was the reason for me to change the cable modem in bridge mode.

After struggling a while with an ASUS AC-68U and Linksys AC1600 I decided that these ‘high-end’ consumer products had to go and embrace an enterprise product. I was not able to get a stable enough environment with the (pro-)consumer products. I had the following issues on a regular basis:

  • The technicolor acting weird with the mentioned routers (DHCP issues, strange client error messages)
  • Ring doorbell and the
  • Nefit Easy lost a lot of times their wireless connection (FYI both working on 2.4 ghz)
  • Sony VAIO laptop was not able to maintain a stable wireless connection, especially having a lot of DNS issues with websites. (FYI also on 2.4 ghz)
  • 5 ghz was working fast but also experienced DNS issues (stuttering (unable to load websites and pictures/video’s on Facebook, etc…) while speedtests report a fast enough speed
  • App of Philips HUE didn’t connect fast when using it via WiFi on the LAN.

Old situation

The disadvantage of this setup was having multiple SSIDs (wireless network names). I got several times the question why those names are not the same. You have to know that these routers and clients lack the feature to know which connection is the best. To explain it easy the client will connect to the first connection possible and tries to maintain this connection till it completely get lost. This is not what you would like to happen.

The ideal situation would be that you have one network name per band and the client automatically can roam between access points depending of the signal strength. This kind of system is called MESH. Also will some people say you can name the same network name for the separate wifi bands (2.4 and 5 Ghz). In theory this is correct, clients are able to choose the band best suitable for them, but some devices like the Ring and Nefit Easy are not able to do this advance client communications and will get confused resulting in losing the connection. I advice to disable automatic choosing of channels and bands for this reason.

New situation

I was ready for an Enterprise WiFi solution. I’ve chosen for Ubiquiti with their Unifi enterprise WiFi products.

At first I choose for the following setup:

This basis setup I choose to start if I like the environment. The installation and features surprised me in a good way.

Lots of WiFi access points and routers scan only the channels used by WiFi to check which other WiFi is causing any interference. Ubiquiti scans those frequencies but also check those used by other devices such as a microwave or baby-phone which enables you to make a better decision which channel to use. You are also able to see how much of that bandwidth in that channel is being used. With this information the other wireless routers and access points look like a kids toy.

It’s very clear which channels are occupied and busy and which not.

When you click on the channel you get even more in-depth information..

With this information I was able to fine-tune my channel per floor, because each floor experienced different types of disturbances.

It’s better to not setup the channel being chosen automatic. There are (mostly old) device which cannot hop automatic to the new channel which will result in unstable or even lost of the connection. The advantage of a fixed chosen channel is that it will give those devices a stable connection. Take care of choosing a channel which is not interfering with neighbors their equipment but surely also not those from yourself.


One of the main reasons to switch to Ubiquiti Unifi WiFi is the feature to use MESH/roaming in home like I written before.

Here you can see my S7 roam from Slaapkamer to Mancave In stead of choosing another AP manually Unifi takes care it will automatically roam from Slaapkamer (upper floor) to Mancave (lower floor).

But this is not the only advantage. There is also an advantage regarding redundancy. Imagine the AP is not available due to maintenance or another reason other APs will be able to serve these clients.

Here you see the Chromecast roam from Slaapkamer to Woonkamer because I forced a maintenance of AP Slaapkamer resulting the clients to roam to other APs nearby. Clients will continue to work, maybe temporarily with a slower throughput but they keep on working, eventually the Chromecast will roam back to the AP with better connection.

It works very well. Everybody with multiple APs in home should have a system with MESH/roaming features.


I love measuring statistics and speed so I started to do.

These are my results with my old Linksys EA6400 (AC1200). Maximum download 283.3 Mbit/s, average 258.8 Mbit/s and upload maximum 26.44 Mbit/s and average 22.52 Mbit/s. This is without roaming or other features enabled. This AP was in our living room (Woonkamer) because here the speed is the most important for our devices. (measured with using the 5 Ghz band)

I was shocked of the difference. I first noticed the download speed. I had expected a higher speed with this Enterprise product. We have at home a 300 Mbit download and 30 mbit upload connection. Maybe you notice the test server is slower than using with the linksys but I reran the test several times on the 10 Gb/s and the difference keeps the same. The first positive thing I noticed was the upload speed. Average from 22.52 Mbit/s to 30.18 Mbit/s) which is a nearly 34% faster. The ping time is also shorter,  26 ms to 20 ms, which is 30% faster. This can be called a big gain.


At that moment I wasn’t aware of how good the stability was of Unifi products. Because the strange behaviour of the Technicolor from my ISP Ziggo I decided to buy also the router of Ubiquiti so my whole infrastructure will be Unifi. I called Ziggo to change my router into bridge mode. It’s not possible to change the TC7210 manually in bridge mode.

The Unifi Security Gateway Router :

I know the stability would be better because you can arrange and control DHCP and DNS.

The system is now running more than two months and I have to say I’m impressed and I should have done this much earlier. All devices (iOS / Android / Windows 10) but especially the Nefit Easy, Philips HUE and Ring working very stable now.

Current situation

In Unifi it looks like this:

The first options show the Dashboard, showing the most important information in this view.

The second option is for statistics.

The third option is called “Maps” but I don’t use it for the limitations not able to use floors.

The fourth option is “Devices” and you can see the Unifi devices.

The fifth option is called “Clients” which show you the clients which are currently connected.

Sixth and last option is called “Insights” which enables you to see the clients during a specific time frame they were connected to the system.

On this page I found my NEST Protect V2 for the first time. I was never able to find them with Fing or Linksys, Unifi no problem! (for security reasons I don’t show IPs but you can see them in Unifi).

In this example I have selected the clients from 24 hours but you can choose more options which are added or updated in new versions.


You buy good equipment for home. Linksys, ASUS or Cisco products for (pro-)consumers are despite their higher price lacking a lot of features. I didn’t write about lots of features like VPN, guestnetwork, etc… Most important is it’s working very stable. We had no issues in those two months. Download speeds of 36+ MB/s ( 288 Mbit/s ) with a UTP connection via Steam are not rare.

My wife here iPhone and iPad are working better since our migration to Ubiquiti Unifi. I noticed on my computers and android devices a much better working DNS. All smarthome devices working faster and more stable than ever before. Throw away those consumer routers, switches and access points!

Happy 2017!


Posted by Ramond - 28 December 2016 at 18:37

Categories: Review   Tags: , , , , , ,

My Virtual Reality (VR) experience – 30 years later – Samsung Gear VR

First experience

Now already 30+ years ago I experienced my first Virtual Reality (VR). The PC had now it’s powerful 32 bit processor, the Intel 80386. I can remember well a company located in Scheveningen (NL) with the only working VR setup for consumers. The price for this VR set was approx. 150.000 Dutch guilders (73.000 euro) during the late 80s and begin 90s.

The 80’s and 90’s

The screen quality was very basic.

VR had it’s potential in the 90’s but the dream vanished quickly. No one was interested at that time. I spoke with friends a lot about why VR isn’t here yet, the graphical power of GPUs is now many times better than in those time.

Palmer Luckey had given VR a new life

Gladly Palmer Luckey gave in 2012 VR a new life, and how!

Since his kickstarter campaign reached 2.4 million dollar many jumped on the VR train. He had a vision and wanted to make VR popular and a success. He managed this in my opinion.

I dare to claim that many with me relive the moment they had the Commodore 64 home computer. Many asked why and what you should do with a computer at home but in the mean time everyone has  a computer and smartphone or tablet in use. I think VR will be no different. People were yelling how stupid chatting was and only for nerds. Nowadays everyone is using it. VR will not be a replacement of things but an addition.

Google Cardboard

During the Google I/O 2014 developers meeting Google introduced the Google CardBoard. Google did motivate developers to make applications for VR in this way. I got myself also a cardboard using it on a  Samsung Galaxy S5+ and I liked it right away. The possibilities were obvious. If you install the cardboard app you can start immediately with your new VR experience. YouTube also supports cardboard.

Google Cardboard

Samsung Gear VR

During my pre-order of the Samsung Galaxy S7 Edge I was given the opportunity to enlist for a free Samsung Gear VR. On the 8th of April 2016 Samsung started to ship the Gear VR in The Netherlands.

I took the next day time to test and install my Samsung Gear VR. I wanted to take it the slow road instead of doing it fast.

Unboxing Samsung Gear VR

Samsung Gear VR

During unboxing I noticed a small but nice manual in Dutch. I decided (how it should be) to read the instructions properly and doing step by step. Happy I did. The only thing they didn’t describe in the instructions is to remove the plastic protection but the other steps were clearly written.

Setup Samsung Gear VR

When I placed my Samsung Galaxy S7 Edge in the Gear VR I got a notification to take the mobile out of the Gear and complete the installation.

Gear VR software installatie

After the setup run I could place my smartphone again the in Gear VR. The VR party could start!

First experience with the Samsung Gear VR

When I placed the Gear VR on I felt immediately that everything was better made comparing to the cardboard application. It felt more VR. A short tutorial shows you the basic controls. I have to say, it felt good and natural.

I believe this is because the cooperation of Samsung with Oculus.

The application Oculus Home felt nice:

WOW moments

There were several moments that I a WOW.

360 videos

There are several 360 videos available to watch for free. I personally liked the on of National Geographic with a waterfall. Impressive.


This was a surprise for me. A good surprise. They had two who really gave me the immersive feeling. It was a video of NBA and a soccer match (Manchester vs Barcelona). At both sport matches it’s like you actually are there! PERFECT!

Jurassic World: Apatosaurus

Don’t worry, no spoilers. I can and want only tell you it’s not scary. Enjoy the moment. Nice to watch for young and old.


A funny short animation movie. Look around and enjoy! I loved the humor. Tip: during half of the movie look at your feet 🙂


During my VR session I received a notification on my Gear 2 smartwatch and I was not able to view my watch at that moment ofcourse. The notification was shown on my Gear VR and not intrusive at all. Well made Samsung!

Not so WOW moments

It’s not all perfect. We have to remember these are basically first generation VR products for consumers.


128GB SD

I have a Samsung Galaxy S7 Edge 32GB with an additional 128 GB SD. Unfortunately I was not able to move one additional or application to my SD card. So I got soon a warning I had not enough space on my smartphone while I had 90 GB free on my Samsung microSDXC Pro Plus which according me should be fast enough to handle those files with a minimum read speed of 95 MB/s and 90 MB/s write speed.


I experience one spontaneous reboot during normal usage. The screen went black and I saw suddenly appearing the white characters with Samsung Galaxy S7 Edge on my screen. Looked familiar to me, but not welcome on that moment.

Fast WiFi

I  was visiting my sister and showing her the Gear VR which didn’t work properly at first while it was running smooth at my place. Cause was found quickly as the WiFi connection was much slower than in my place (sound normal as I have a faster subscription and faster/more modern wifi accesspoints). The disappointment was not less due to this. This particular video was not available for download and you had to stream it but that didn’t go well causing stuttering due to buffering. Experience gone.

Mandatory Oculus Home

At the cardboard solution I was able to use other applications and using VR, for e.g. YouTube and others. In Oculus Home this is not possible. You have to start the application within Oculus home otherwise you are not able to use the Gear VR in VR mode. Happily I found soon that Samsung Internet application in Oculus Home was able to visit the YouTube site. None of the cardboard games work in Oculus Home because of the simple fact you are not able to see and select them.


The future of VR will be dependent on it’s success. Samsung already announced that you can make your own 360 videos with the Gear 360 which will be available in The Netherlands for € 349,- around spring.

This information came with my Gear VR (Dutch, sorry):

Gear 360

I don’t think Oculus will rest. Oculus will motivate their partners to create content for Oculus home.

Google Cardboard vs Samsung Gear VR vs Oculus Rift

I also preordered the Oculus Rift gepreordered and some will ask why. What is the difference between Google Cardboard, Samsung Gear VR and the Oculus Rift?

The Google Cardboard is a fun way to experience VR, with a low budget.

My cousin Gino bought a Google Cardboard alternative at the Action (NL)  store for only € 2,50!



Buying the Samsung Gear VR separately will cost you € 99,00. (The Samsung S6 (Edge), S7 (Edge) and Note 5 are supported).

The difference include extra sensors and lenses of a better quality. The material is not cardboard but plastic on the Gear VR. It wears more comfortable and is user-friendlier to use. The control and experience are better implemented.

Last but certainly not least… Oculus Rift

The Oculus Rift will be the best in this row for VR experience. The price is not for everyone and you will need to have a powerful PC.

You are able with the Rift to use certain games and applications in VR. This is the dream of every computer nerd 🙂 Applications are almost unlimited. The Oculus Rift didn’t arrive yet but I will review it when I can.

I’m ready for a new era…. the VR era…

Posted by Ramond - 10 April 2016 at 19:29

Categories: Opinie, Review, VR   Tags: , , , , , ,

Next Page »