Great news! The Free Tier is back and accepting new users.

Learn how to get started
Open Markdown

How to optimize UniFi for remote work with Starlink and Teleport

Remote work is the new normal for a lot of us, whether it’s because of a shift in how teams operate or just the dream of working from a cabin in the woods. If you’ve got Starlink and a UniFi setup, you’re already in a strong position. But what really ties it together is UniFi’s Teleport VPN—giving you seamless access to your home or office network no matter where you are. In this post, we’ll walk through the full setup: from Starlink and Teleport basics to actual real-world performance tuning tips.

Let's dive in !!

Before we dive in, please don't self-host your UniFi Controller if you take care of client networks. Sooner or later this will cause issues! It's fine for home users, but definitely not recommended for IT service businesses and MSPs. If you want secure, reliable and a scalable hosting solution check out UniHosted.

Why Starlink + UniFi + Teleport is such a solid combo

Starlink gives you fast satellite internet anywhere. UniFi gives you a solid local network wherever you set up. And Teleport makes your remote connection feel like you're still plugged into your main office or home setup. Together, these three can power a full remote work life—even if you’re in the middle of nowhere.

Here’s how each piece works:

  • Starlink: Satellite internet that works even in rural areas.
  • UniFi: Hardware and software that gives you professional-grade networking.
  • Teleport: UniFi’s built-in VPN that lets remote users securely access their network.

Understanding Teleport VPN

Teleport is UniFi’s answer to "I want a VPN but don’t want to configure a bunch of junk." It’s one-click VPN that works through the UniFi app. The idea is to provide remote users with access to your internal network—without opening up ports or dealing with complicated configurations.

You generate a Teleport link, share it, and boom—they’re connected to your UniFi network. Works with mobile phones and laptops, and performance is solid as long as your network and connection (read: Starlink) are stable.

Step 1: Set up your UniFi network correctly

Before Teleport and Starlink can shine, make sure your UniFi network is in good shape. At a minimum:

  • Use a UniFi Gateway (UDM, UDM-Pro, UDR, etc.)
  • Update to the latest UniFi OS
  • Make sure Remote Access is enabled
  • Make sure your controller is reachable (either via UI.com or UniFi-hosted dashboard)

Tip: Avoid double NAT scenarios. Starlink’s default CGNAT setup complicates things if you don’t plan accordingly.

Starlink uses Carrier-Grade NAT (CGNAT). That’s fancy talk for "you don’t get a public IP address." That’s fine for most use, but it breaks traditional remote access methods, including standard VPNs.

But here's the beauty of Teleport: it doesn't care. It works over outbound connections and doesn’t need port forwarding or public IPs. That makes Teleport perfect for Starlink-based setups.

Just make sure your UniFi Controller has cloud access enabled (i.e., it’s linked to a UI.com account), because Teleport uses this to broker the connection.

Step 3: Enable Teleport in your UniFi settings

You’ll need to do this from the UniFi Network application:

  1. Go to Settings > Teleport & VPN
  2. Toggle on Enable Teleport
  3. Click Create Link to generate a temporary access link for someone to connect

When that link is opened, it walks the user through the Teleport setup process.

Bonus: You can send it to yourself to use on your laptop when you travel.

Teleport works well with Starlink, but Starlink has quirks. Here’s how to get the most out of it.

If you're using a UniFi gateway behind the Starlink router, switch the Starlink router to bypass mode. That way, UniFi can fully control the network.

How to do it:

  • Open the Starlink app
  • Go to Settings > Advanced
  • Toggle Bypass Mode

Then, connect the UniFi gateway directly to the Starlink Ethernet adapter. This gives UniFi full control and helps avoid double NAT problems.

QoS + Smart Queues

Enable Smart Queues in UniFi for better traffic shaping:

bash
Settings > Internet > WAN > Smart Queues

Limit the bandwidth to about 85% of your actual Starlink speed to reduce latency. For example, if Starlink gives you 150 Mbps down and 20 Mbps up, set it to 130/17.

DNS optimization

Use Cloudflare (1.1.1.1) or Google DNS (8.8.8.8) for faster DNS resolution, especially since Starlink’s latency can spike.

bash
Settings > Internet > WAN > DNS Server: 1.1.1.1 and 8.8.8.8

Real-world use cases

1. Working from an RV or cabin

You’ve got your Starlink dish on the roof, your UniFi Dream Router inside, and a laptop. Set up Teleport from your office UniFi Controller, and now you’re connected to the office NAS, printers, internal tools—like you're right there.

2. Supporting a remote client

Let’s say you’re managing a client’s UniFi setup and you need to hop into their local network. Generate a Teleport link, send it to yourself, and connect right into their network from your laptop.

3. Secure home access while traveling

Want access to your home lab, UniFi Protect, or other internal stuff while away? Set up Teleport, and you’re in. No messing with port forwards or exposing your network.

Troubleshooting common issues

Teleport doesn’t connect

Make sure:

  • The UniFi Controller is online and connected to the cloud
  • Teleport is enabled
  • You’re not blocking outbound traffic on port 443

DNS fails over Teleport

If internal DNS doesn’t resolve while connected over Teleport, check:

  • Controller is advertising local DNS servers
  • Remote client’s DNS settings don’t override UniFi’s

Bonus: Use Teleport + WireGuard for even more control

Teleport is built on WireGuard, but UniFi doesn’t yet allow full manual control of WireGuard configs.

If you want advanced VPN setups (like split tunneling), you can pair UniFi with your own WireGuard instance. But for most people, Teleport is simple, secure, and fast enough.

Some limitations of Teleport

Teleport is fantastic for single-user access, but:

  • Links expire after 24 hours (by design)
  • It doesn’t support multi-user persistent connections
  • No centralized policy control (yet)

For those needs, you might want to look at full-site VPNs (like site-to-site IPSec or OpenVPN), which UniFi also supports. But they need public IPs or port forwards—not easy on Starlink.

Future-proofing: What to expect

Ubiquiti has been expanding Teleport, and we might soon see:

  • Persistent logins
  • Native desktop clients
  • Role-based access

But for now, it’s an ideal way to give remote staff or yourself easy, secure access without any networking headaches.

Final thoughts

If you're combining Starlink, UniFi, and Teleport, you're working with some of the best tools for remote networking. You get reliable internet anywhere, a rock-solid local network, and secure remote access—all without diving into complicated configs.

And if you’re doing this for client work or multiple sites, don’t self-host. We’ve seen it go wrong too many times. We run UniFi controllers for clients all over the world, optimized and backed up daily. If you’re looking for something stable and scalable, check out what we do at UniHosted.