Re: Can't Connect to Work VPN
That worked. Allowing GRE in WAN_IN rule set allowed it to connect. Thank you all for the help.
View ArticleRe: my static IP address points to my router
Add a firewall to block ports 22, 80, and 443 on WAN_LOCAL, and add listen-on directives to system gui and system ssh to only listen to local ports. Do you have any firewall rules set?
View ArticleRe: Enable/Dissable a rule based on an external condition (internet on/off...
You can't use configure mode just like that, it'll give you errors.You have to create scrip like this #!/bin/vbash source /opt/vyatta/etc/functions/script-template configure set firewall name...
View ArticleRe: Edgerouter X enough for my home?
If you want any real bandwidth for the OpenVPN you are likely better off spinning up a server for it, but that is easy enough to do later as needs dictate.
View ArticleRe: Point to Point IPSec VPN
You have a dh group mismatch; one is group 2 and the other is 14. Set them the both to 14 and try again.
View ArticleRouter on a stick not working...Confused..
So I think everything is configured right on my edgeswitch and ERL. I do see macs both ways on vlan 30 but for some reason my device (smarthings) is not getting a ip from dhcp. What am I missing?...
View ArticleRe: OpenVPN site-to-site tunnel - ERLite to ERLite - best vpn throughput...
What is your latency between sites, and what protocol are you using? SMB/CIFS Windows shares generally seem to be latency limited rather than bandwidth limited. We have two sites with an IPSEC VPN...
View ArticleRe: EdgeMax rescue kit (now you can reinstall EdgeOS from scratch)
Are you seeing the "counterfit" firmware indications I mentioned in my previous post? From the main ERL web page, select the System option and see if the "genuine" graphic appears in the top right...
View ArticleRe: fix Bufferbloat on Edgerouter X (simply)
Thank you kindly for the responses.I will never a PC without the innate protection of a router, but I can say prior to having Comcast reducing the D/L speed, I recall having ~30MB down.I will attempt...
View ArticleRe: fix Bufferbloat on Edgerouter X (simply)
I matched my ERx to your screenshot, set rate(s) to both 15, and 1.5, both failed with F's on bufferbloat. http://www.dslreports.com/speedtest/6166112
View ArticleDefault route across IPSec VPN?
I have a site with a direct-to-internet connection, and I'm trying to emulate an MPLS connection with an IPSec tunnel. I want to pass all traffic from LAN hosts across the tunnel rather than directly...
View ArticleRe: fix Bufferbloat on Edgerouter X (simply)
I know what you mean, it's a scary world out there. I only do it for a minute during the test and it's something comcast will request before sending a tech.
View ArticleRe: fix Bufferbloat on Edgerouter X (simply)
Your first test result shows 4.81 / 2.17 Mbps. Your second test result shows 12.39 / 1.04 Mbps. As I said in my first post: "This is assuming your upload is reasonably stable.". Obviously, your...
View ArticleRe: Looking for advice on a large condo setup
A crucial element you don't describe is the construction.Most high-rise buildings have interior walls of very heavymaterials, because they are part of the support structure.If so, use an access point...
View ArticleRe: OpenVPN site-to-site tunnel - ERLite to ERLite - best vpn throughput...
I'm pretty sure OpenVPN is not hardware accelerated on an ERL or ER-X. IPSec can be, if you enable it and use the correct settings. The trick to making IPSec work is to make absolutely 100% sure that...
View ArticleRe: Looking for advice on a large condo setup
If these are condos, why the is the landlord providing anything more than a drop? Or why not allow Comcast / other ISPs to service it as a standard MDU - is there not a coax drop for every unit?If I...
View ArticleRe: Default route across IPSec VPN?
Easiest way to do this:Use VTI mode tunnel. Use PBR to route traffic coming from LAN through this tunnel
View ArticleClik here to view.
Re: Default route across IPSec VPN?
... wow, that was so obvious. I completely forgot about PBR. Thanks!Was already planning on a VTI tunnel, just tested it with a directly-attached ERX at HQ and had no problems getting the tunnel up.
View ArticleRe: How to close ports ? all my port are open from the outside
a single dNAT rule, not specifying source port , will map all ports. Beware when opening up management from the internet , and still using ubnt/ubnt login. You're a sitting duck for hackers.Probably...
View ArticleRe: Edgerouter X enough for my home?
OpenVPN server/client on all Edgerouters does not perform well. For example, on ER-X, it's only about a few mbit/s much less than the 880MHz CPU is capable of. You would be better off running OpenVPN...
View Article
