Advice on new firewall rules
I have been reading for the past couple days about VLANs and firewalls. I am trying to get 3 areas set up on my network - LAN, Guest, and DMZ. All of my personal devices will be on the LAN and I want no...
Re: Advice on new firewall rules
Here is my current config ... firewall { all-ping enable broadcast-ping disable ipv6-receive-redirects disable ipv6-src-route disable ip-src-route disable log-martians enable name WAN_IN {...
Re: Advice on new firewall rules
First, in firewall rules there is no destination name network-name NAME. You should use destination address x.x.x.x/x. Also, for the LOCAL rules, you can use port 53,67 in a single rule. After accept...
ER5-PoE switch
I understand that there's a hardware switch in the ER5-PoE that sits "behind" the eth2-4 ports, but only through reading the forum and other people's blog posts. That little tidbit could be addressed in...
Re: Port Forwarding/Router Config Troubleshooting
Ok, I think I did what you all wanted, but it still doesn't work. I tried connecting on my phone not connected through my home network to see if it would work and it didn't. Here are some screenshots of...
Re: ER5-PoE switch
Use an actual switch. While some models have a switch, there's not much in the way of features that are exposed.
Re: Port Forwarding/Router Config Troubleshooting
Also, I know in my original post I said the workstation was on 192.168.0.70, but it is actually on 192.168.0.71 instead. The screenshots are correct. ;P Also I set my ISP box to bridge so it's routing...
Re: ERPoe-5 NAT, masquerade setup
No, the 1:1 NAT IPs go before the masquerade rule. For example,
SNAT rule 5000 = source 192.168.1.150 / outside x.x.x.52
SNAT 5010 = S 192...151 / out x.x.x.53
SNAT 5020 = masquerade to x.x.x.51
Is an EdgeRouter Lite recommended if you don't need separate VLANs?
I'm getting CenturyLink gigabit installed which requires VLAN 201 tagging. I've seen so many recommendations for the Ubiquiti EdgeRouter Lite on various forums, but in my research it seems that people...
Issue with ports not forwarding
Hello All, Having a strange issue with port forwarding on edgemax router v1.9.0. Ports are-- What's strange is 3 show open on port scan from the outside. Can anyone assist as this is a major issue that...
Re: Advice on new firewall rules
Ok, here is the reworked code. This ruleset allows all Established/Related traffic to enter the router unless the destination address is on the "LAN" or "Guest" networks. It also drops invalid packets...
Re: Advice on new firewall rules
justinhayes wrote: Did you create the firewall groups for your subnets? My VLANs have defined subnets that are unique so I am assuming that by applying the rulesets I created to the vif for each VLAN...
Re: Advice on new firewall rules
You really ought to check the syntax of your rules which you can do in configure using the tab key. You cannot use destination address with a comma delimited list of subnets. For that you should create...
Re: Got my own AS number and IP-addresses. How to configure EdgeMax routers?
jjonsson wrote: @ClaudeSS Thanks a lot! That's really a big help! What about RAM? Should I upgrade the EdgeRouter with more RAM to hold full BGP table? Or maybe do like this guy, install BIND?...
Re: Troubleshooting "Network Down" complaints
On logs, with the following grep I get nothing unexplained: root@ubnt:/var/log# grep -v default-D messages*|grep -v sudo|grep -v dhcpd|grep -v CRON|grep -v \ su|grep -v sshd|grep -v promiscuous|grep -v...
Critical PHP Vulnerabilities
Hi all, was running Nessus security scanner and it picked up 2 critical vulnerabilities on my EdgeOS router/firewall. Basically it's saying systems with releases lower than PHP 7.0.12 suffer many...
Re: Troubleshooting "Network Down" complaints
You need to determine if the link goes down first ... use ping. Then look at VoIP / SIP settings. Also conntrack loose may help.