After running the UDM Pro now for about 2 or 3 years now I have concluded that it kind of sucks. I wont give all the reasons. I assume that if you agree with me you will have experienced many reasons why.
I am convinced that the device is a great cloud management device, a neutered and basic homeowner router, and virtually as basic a firewall, if it even qualifies as a firewall, can be.
The main issue I am having right now are all the little things. One of which I will report here. I use Surfshark VPN beacause they allow you generate and export key pairs for using Wireguard VPN which is a very fast VPN. I want my whole network behind Wireguard in my home while making exceptions for certain devices that can be behind my normal ISP such as TVs etc...
UDM pro absolutely and abysmally fails at allowing Wireguard as a VPN CLient. Sure I can upload all the configurations I want but for many VPN services that allow Wireguard they do not stick the usual MTU of 1450 for Wireguard. They modify theirs for higher performance. In the case of Surfshark their desirable MTU is 1280 bytes. However, the UDM pro will NOT, and I repeat NOT allow you to modify the interface MTU for WIreguard and their response was as expected. You cant when I emailed them. Not even through CLI can I modify it.
I know its an MTU issue, and yeah I know exactly how MTU and MSS clamping works. When I load the Wireguard client for windows and set the config to a max transmission unit of 1450 which is the wireguard design standard it will not pass any traffic. If I set the MTU to 1280 it absolutely blazes at 700 up and down. Im a 1g Symmetrical fiber.
So I am thinking of getting rid of the UDM Pro and going back to PFSense as my router and just get a Cloudkey + Gen 2 to manage my Unifi APs etc...
Am I wrong in doing this? Is there any compelling reason that I am wrong? Anyone else here have issue with UDM pro and think that they barely meet the cut as a router?
I am convinced that the device is a great cloud management device, a neutered and basic homeowner router, and virtually as basic a firewall, if it even qualifies as a firewall, can be.
The main issue I am having right now are all the little things. One of which I will report here. I use Surfshark VPN beacause they allow you generate and export key pairs for using Wireguard VPN which is a very fast VPN. I want my whole network behind Wireguard in my home while making exceptions for certain devices that can be behind my normal ISP such as TVs etc...
UDM pro absolutely and abysmally fails at allowing Wireguard as a VPN CLient. Sure I can upload all the configurations I want but for many VPN services that allow Wireguard they do not stick the usual MTU of 1450 for Wireguard. They modify theirs for higher performance. In the case of Surfshark their desirable MTU is 1280 bytes. However, the UDM pro will NOT, and I repeat NOT allow you to modify the interface MTU for WIreguard and their response was as expected. You cant when I emailed them. Not even through CLI can I modify it.
I know its an MTU issue, and yeah I know exactly how MTU and MSS clamping works. When I load the Wireguard client for windows and set the config to a max transmission unit of 1450 which is the wireguard design standard it will not pass any traffic. If I set the MTU to 1280 it absolutely blazes at 700 up and down. Im a 1g Symmetrical fiber.
So I am thinking of getting rid of the UDM Pro and going back to PFSense as my router and just get a Cloudkey + Gen 2 to manage my Unifi APs etc...
Am I wrong in doing this? Is there any compelling reason that I am wrong? Anyone else here have issue with UDM pro and think that they barely meet the cut as a router?