ProtonVPN + UniFi Router (UDM) – Setting Up Multiple VPN Clients

By / / Leave a Comment
Advertisements

If you want to run multiple ProtonVPN connections simultaneously on a UniFi Dream Machine (UDM) router or any other UniFi gateway, you’ll quickly encounter a problem:
All generated WireGuard configuration files from ProtonVPN use the same internal IP address. As a result, only one VPN connection can be active at a time – all others will fail.

In this article, you’ll learn why this happens and how to fix it easily by changing just one line in your WireGuard configuration.

The Problem: Identical IP Addresses in WireGuard Configs

When you generate several WireGuard profiles from ProtonVPN (for example, for different countries or servers), they all contain the same IP address in the [Interface] section.

Advertisements

Example:

[Interface]
# Key for ProtonVPN-DE
# Bouncing = 15
# NetShield = 1
# Moderate NAT = on
# NAT-PMP (Port Forwarding) = off
# VPN Accelerator = on
PrivateKey = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Address = 10.2.0.2/32
DNS = 10.2.0.1

[Peer]
# DE#501
PublicKey = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = 194.126.177.8:51820

If you now create another profile (e.g., for Albania or any other location), it will look almost identical – including the same IP address 10.2.0.2/32.

The Cause: ProtonVPN Doesn’t Assign Unique IPs Per Profile

When ProtonVPN generates WireGuard configuration files, it assigns the same internal client address for your account each time.
This isn’t usually a problem if you connect only one device.
However, if you want to establish multiple VPN tunnels through a UniFi router (for example, for different VLANs, routing rules, or countries), each connection needs a unique internal address.

The Fix: Manually Change the IP Address

The solution is simple:
In each ProtonVPN WireGuard configuration file, edit the Address = ... line and increment the second number after the 10.
This allows multiple connections to coexist without conflicts.

Example:

First VPN Config (Germany)

[Interface]
Address = 10.2.0.2/32
DNS = 10.2.0.1

Second VPN Config (Albania)

[Interface]
Address = 10.3.0.2/32
DNS = 10.2.0.1

Third VPN Config (Switzerland)

[Interface]
Address = 10.4.0.2/32
DNS = 10.2.0.1

πŸ”Ή Important:
Only change the Address line in the [Interface] section.
Do not modify the PrivateKey, DNS, or Endpoint settings.

Setup on UniFi (UDM / UDM-Pro / UDR)

  1. Enable WireGuard:
    WireGuard is supported natively on UniFi devices (UDM/UDR) in newer firmware versions, or can be enabled via UDM-Tools.
  2. Create a VPN Client:
    In the UniFi Network interface, go to
    Settings β†’ Teleport & VPN β†’ VPN Clients β†’ Create New VPN Client.
  3. Import the WireGuard File:
    Choose file upload and import your modified ProtonVPN configuration.
  4. Add a Second VPN Client:
    Repeat the process using your next modified config (e.g., the one with Address = 10.3.0.2/32).
  5. Optional – Configure Routing:
    You can now use routing rules or VLANs to decide which traffic goes through which VPN tunnel.

Advantages of This Method

βœ… Run multiple VPN tunnels at the same time
βœ… No more IP conflicts between ProtonVPN connections
βœ… Simple fix without touching ProtonVPN server configs
βœ… Works on UniFi UDM, UDM-Pro, UDR, and UXG routers

Conclusion

ProtonVPN officially assigns only one WireGuard IP per account, but with a UniFi router setup, you can easily work around this limitation by manually adjusting the internal address.
This allows you to use multiple VPN clients simultaneously – perfect if you want different VLANs or locations routed through different ProtonVPN servers.

In short:

Just change Address = 10.2.0.2/32 to 10.3.0.2/32, 10.4.0.2/32, and so on – and your UniFi router can handle multiple ProtonVPN connections at the same time.

Advertisements

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top