Re: New ER X replaced old router & DHCP server, different default gateway IP...
When the computer got the *.108 from the old DHCP, it has nothing to do with the ER DHCP. A DHCP server keeps track of its own DHCP range and reserves the IP addresses by MAC address for the configured...
View ArticleUpgrade from ERL to Edgerouter pro
After upgrading, everything is working but just a question about those additional ports, just create them on CLI and further nothing?
View ArticleRe: IPSEC Tunnel Up, but no traffic
Can you post the log tail from the CLI? try: On config010_____________set firewall name WAN_LOCAL rule 15 action acceptset firewall name WAN_LOCAL rule 15 description "ALLOW VPN"set firewall name...
View ArticleRe: IPSEC Tunnel Up, but no traffic
Hmm, if I do a "show tail log" it outputs some weird stuff about Jan 30 (???) and then times out. If I do a "show vpn log" here are the last few lines of that result... Oct 29 23:13:08 09[IKE]...
View ArticleRe: IPSEC Tunnel Up, but no traffic
No delete rule 20 in WAN_IN and create it in WAN_LOCAL.
View ArticleRe: IPSEC Tunnel Up, but no traffic
Also for the "esp" rule match-ipsecSet firewall name WAN_LOCAL rule 20 ipsec match-ipsec
View ArticleRe: Issue with ports not forwarding
Since you're using the port forward wizard, the rules are invisible / not shown.
View ArticleRe: Critical PHP Vulnerabilities
1.9.0 uses PHP 7.0.9. There is no newer beta at this time. The "custom protection" is called a firewall - use it, live it, love it. Rodney
View ArticleClik here to view.
Re: Is an EdgeRouter Lite recommended if you don't need separate VLANs?
Well, if you only need 4 ports, the ER-X would be fine. If you need more than 4, it's kind of a wash (though the erx is less expensive ).1. Yes2. No, ac-lite / ac-lr / ac-pro are gen2 units, the...
View ArticleQuestion: Migrating configuration from ER-PoE to ER-X?
I have, in service, an EdgeRouter PoE5 running v1.4.1, which I can't update the OS on without factory-resetting it because of a mistake I made attempting to remediate shellshock. I also have, not yet...
View ArticleRe: IPSEC Tunnel Up, but no traffic
Tried both... still no responses, but tunnel is still up and showing remote packets coming in on both sides... just not making the round trip. From what I've read, I really thought it was going to be...
View ArticleRe: IPSEC Tunnel Up, but no traffic
Try deleting the outbound interface eth0 setting on your VPN NAT exclude. Also, try typing grep default-D /var/log/messages|tail -n 20
View ArticleRe: IPSEC Tunnel Up, but no traffic
Well, it won't let me delete it... I tried switching it to switch0, but that didn't work, so I put it back to eth0... it keeps saying an interface is required if I try to remove it.
View ArticleRe: Question: Migrating configuration from ER-PoE to ER-X?
Easiest way is to copy the /config/config.boot from your POE to your ERX in your user directory, and do a "load ~/config.boot". If you are using any ssh keys or the like, they would also need to be...
View ArticleRe: IPSEC Tunnel Up, but no traffic
Tried that, it just brings up the prompt again.... so no error, but no reponse.
View ArticleRe: Upgrade from ERL to Edgerouter pro
Sure. I use one of my extra ports for debug when the config is stable-- just allow gui and ssh on that interface...
View ArticleRe: Question: Migrating configuration from ER-PoE to ER-X?
That simple? I was wondering about trying that, but I wasn't sure whether it would work between different models. Thanks! I'll give it a try.
View ArticleRe: Troubleshooting "Network Down" complaints
Maybe start logging snmp and see if anything jumps out.I use xymon for basic ping stuff and librenms for snmp.
View ArticleRe: Is an EdgeRouter Lite recommended if you don't need separate VLANs?
Thanks! So seems like I really need to find a cable installer locally to do an assessment as to what it will take to run Ethernet to each floor.
View ArticleRe: Troubleshooting "Network Down" complaints
What's your key life on Ike and IPSec?Maybe extend it to 86400 for Ike and 43200 for IPSec so it doesn't renegotiate often. A reasonable enc/hash like aes128/sha1 should be fine.
View Article
