Ubiquiti Teleport: One-Click Remote Access for UniFi

Introduction
If your business runs on UniFi kit, you already own one of the simplest remote-access VPNs on the market and you might not know it. Ubiquiti Teleport turns a laptop or phone into a member of your office network with a single tap, no port forwarding, no certificates and no licence fee. We switch it on for small teams across South Wales regularly, and it is often the fastest way to get people working from home safely. Here is how it actually works in 2026, and where its simplicity stops being a virtue.
What Teleport is, and its 2026 naming
Worth clearing up first, because product names shift. As of 2026 the product is still called Teleport, documented by Ubiquiti as "UniFi Gateway - Teleport VPN". It is a first-party feature of UniFi OS, not a separate purchase or a rebrand. You will find it in your gateway's settings under Network Settings then VPN. So if you read an older guide calling it "UniFi Teleport" or a "one-click VPN", that is the same thing you will see in the interface today.
Under the surface, Teleport uses the WireGuard protocol, the same modern, fast VPN technology used by many large consumer VPN providers. Ubiquiti has wrapped that protocol in a zero-configuration experience so you never touch a WireGuard config file.
How it works: WireGuard under the bonnet, WiFiman on top
The flow is genuinely simple. From your UniFi console you generate an invitation, which produces a link. The remote user opens that link in the WiFiman app (available on mobile and desktop), and a WireGuard tunnel comes up connecting them back to your network. There are no firewall rules to write, no port forwarding to expose and no certificates to manage. Ubiquiti's cloud handles the introduction between the two ends, which is why it works even behind the typical home or mobile network.
Once connected, the user is effectively on your office network and their traffic routes back through it. For staff who need to reach an internal server, a NAS or a line-of-business application, that is exactly the behaviour you want.
What you need
Teleport is included at no extra cost, but it does have hardware and software prerequisites:
- A UniFi Cloud Gateway or Next-Gen Gateway running UniFi OS. Teleport lives on the gateway, so a UniFi network without a supported gateway cannot host it.
- UniFi Network 7.1 or later and Remote Access enabled on the console.
- The WiFiman app on each connecting device.
If you already run a UniFi Dream Machine, a Cloud Gateway or similar, you almost certainly meet the requirements today.
What we deploy Teleport for
Teleport shines in a specific set of situations, and we lean on it happily when they apply. A small professional-services firm in Bridgend that needs three or four people to reach the office file server from home gets Teleport enabled and tested inside an hour. A retail or hospitality group already standardised on UniFi uses it so a manager can jump onto the network to check systems out of hours. A sole trader who wants secure access to their own kit while travelling gets it without paying for anything extra.
The common thread is small user counts, existing UniFi hardware and a need for access rather than heavy policy control. In those cases Teleport is the pragmatic, cost-free answer, and reaching for a licensed enterprise client would be over-engineering.
The honest limitations
We would be doing you a disservice to pretend Teleport scales like an enterprise VPN. It is deliberately simple, and that simplicity has edges:
- Invitation links expire within 24 hours and each link works for a single device, so onboarding is a manual, per-device task.
- User management gets cumbersome at scale. There is no rich per-user policy engine here. For many people you would look at UniFi Identity or a different product entirely.
- It is full-tunnel by design, routing the user back through your network rather than offering the fine-grained split-tunnel and per-application rules of something like OpenVPN or Cisco Secure Client.
- No posture or compliance controls. Teleport checks that someone has a valid link, not that their device is patched, encrypted or free of malware.
None of these are faults exactly. They are the trade-offs of a tool built for one-click convenience rather than granular control.
Teleport vs the alternatives
Put simply, Teleport is the right call when you are already on UniFi, your user count is modest and you want access without cost or complexity. If your staff connect from restrictive networks that block WireGuard's UDP traffic, or you want vendor-neutral, self-hosted control, OpenVPN is the better fit. If you have compliance obligations, a larger headcount or an existing Cisco or Meraki estate, Cisco Secure Client brings the posture checks and identity integration Teleport does not attempt. Our remote-access VPN pillar guide compares all three in one place.
Getting Teleport working for your business
We design, deploy and support UniFi networks across Cardiff, Swansea, Bridgend, Newport and the wider South Wales area, and Teleport is part of how we deliver secure remote access as part of our firewall and VPN service. If you already run UniFi and want remote access done right, or you are weighing UniFi against other kit, get in touch for a free, no-obligation consultation and we will tell you honestly whether Teleport is enough or whether you have outgrown it.