Upgrade Unifi USG-3p to Dream Router VPN question

[Velvis]

I am looking to replace an older USG & Cloud Key with a new Dream Router for a small network. Off the top of my head I think the only settings I need moved over are the wifi network settings (main network and guest network) and a VPN.

What is the proper way to do it?

 

[YeOldeStonecat]

Best to have both at latest version of Unifi...
Backup Cloud Key ...settings only should suffice and be more reliable...
When Dream Router asks to import any settings (the initial setup wizard assumes you're upgrading from legacy)...import it.

And at the end of the day, unless its a really...really large network with many Unifi devices and lots of complex settings...just factory resetting the inside Unifi devices, adopting clean, and then rebuilding your settings from scratch is what...10 minutes? 15 if you're really really slow at it?

 

[timeshifter]

I agree. Your best bet is probably just set it up from scratch. An older USG and CloudKey are not going to be anywhere near the same versions as a newer DreamRouter would have. All you really need is the Wi-Fi, SSID, and password, and the VPN settings. And I think VPN options have evolved since the original CloudKey that you're dealing with.

So probably a lot simpler just to set it up clean.

 

[Velvis]

Thank you for the advice, I will just start fresh.

 

[Velvis]

So I replaced the USG with a Dream Router 7 and recreated the wifi networks and the VPN server. The VPN is used occasionally to access a computer from outside the office. After changing the equipment the IP address on the office computer changed so I changed it in the RDP connection. I was then able to connect but the person who normally uses the computer is still not able to connect.

So to clarify: Using my computer I am to connect to the VPN and remote desktop into the office computer (so it is working on the office ends of things), but while the employee's home computer can connect to the VPN, the MS remote desktop app says it can't connect.

Any ideas what would cause this?

 

[YeOldeStonecat]

Changing a gateway on networks with Microsoft Windows clients, Windows will see a "new MAC address for the gateway" and put up the Windows Firewall like a public network. Always have to go around and touch the Windows Firewall on business networks when changing the gateway. (or manage it through InTune to keep the manual labor down). But I'd bet port 3389 is buttoned up tight again.

Can always manage the IP address of a client on a network by giving it a DHCP reservation.....can always use Unifis DHCP to assign that host computer the same IP address it was before.