Re: Firewall dropped 443 ipv6 traffic
wrote It's a VERY old issue with netfilter tracked connections where the FIN causes the track to drop and thus the RST is orphaned. Judging from capture, it's not a RST but an ACK package.My guess...
View ArticleHelp with Zone based firewall - advice wanted
Hi! I want to ask for some guidiance and help setting up my network. I am new to this but have learned a lot from these forums! Without any previos knowledge of firewalls, I felt that Zone Based...
View ArticleRe: 1:1 Nat for CPEs
Topic start raises a question:What's the gateway for 192.169.1.0/24 devices? And for 192.169.2.0/24 ?.....
View ArticleSNMP monitoring over the WAN site
Hello dear community, I have a question regarding SNMP. I would like to set it up so I can reach over the WAN side of the EdgeRouters Lite SNMP. For technical reasons, we can not set up a VPN and have...
View ArticleRe: edgeOS 1.8.5 | ribd uses much CPU
Downgrading the affected routers to 1.7.0 has stabilised them. We'll continue to monitor for the next few days
View ArticleRe: SNMP monitoring over the WAN site
You just need to all UDP port 161 on your WAN LOCAL ACL. I would limit the source IPs or networks that can hit it WAN-side to limit the potential impact of any future vulnerabilities in the SNMP...
View ArticleRe: Firewall dropped 443 ipv6 traffic
16again wrote:Judging from capture, it's not a RST but an ACK package.My guess it's probably caused by load-balancer at facebook site, and the webserver behind it, not teaming up nice on closed...
View ArticleRe: Route not being accepted
I see exactly the same symptoms with you config, looks like it is netmask /31 that is causing route conflict on Router B. I was able to fix this issue by switching to /30 netmask:RouterB(x.x.6.2/30)...
View ArticleRe: Route not being accepted
Hi, I'm using /31s because it's: - a point to point link- I don't want to waste IPv4 addresses where I don't have to Out of interest, if you change it back to a /31 and flush the session does the issue...
View ArticleRe: Route not being accepted
>> Out of interest, if you change it back to a /31 and flush the session does the issue come back?Yes, issue comes back as soon as I switch to /31 mask >> Can this be flagged as a bug in...
View ArticleRe: BT Internet IPv6 but not external IPv6 address
You won't get an external IPv6 address on your WAN port as it's not provided. The routing is happening on the LinkLocal addresses. Also, if you know of people that are having problems, I'd be...
View ArticleClik here to view.
Re: Route not being accepted
Hi, Thanks. I guess we have no choice but to downgrade the affected routers. This is really frustrating as I'm now having to downgrade two sets of routers - one to fix this issue and one to fix the...
View ArticleRe: WAN failover review and log question
Not sure if watchdog already writes to a log. At least you can add custom script, with only task to write events to log Post full config, so we can see load-balance rule is really being used.
View ArticleClik here to view.
Re: BT Internet IPv6 but not external IPv6 address
Matt, >> You won't get an external IPv6 address on your WAN port as it's not provided. The routing is happening on the LinkLocal addresses. Thanks very much for the reply. That explains why I'm...
View ArticleRe: BT Internet IPv6 but not external IPv6 address
Yep, that'll be it :-) Also, you have the line in of config:set interfaces ethernet eth0 pppoe 0 dhcpv6-pd prefix-onlyThis would stop you getting an interface address if one was being provided. But if...
View ArticleRe: BT Internet IPv6 but not external IPv6 address
James, Below are the firewall and interface parts of my config.boot. I have the EdgeRouter connected to a BT provided Huiwai modem on eth0. I use eth1 and eth2 for different segments in the network....
View ArticleRe: edgeOS 1.8.5 | ribd uses much CPU
coh84 wrote:I found the page, but unfortunately when I click on Beta Program it just sits there spinning. I've successfully registered to Beta program with my private account via Chrome browser. Maybe...
View ArticleRe: BT Internet IPv6 but not external IPv6 address
I think has a more fundamental problem at this stage. Based on what he sees in the log the PPP IPv6 Control Protocol Configure Request is getting rejected. Regards
View ArticleRe: BT Internet IPv6 but not external IPv6 address
That's true :-) James, can you post your config, and all of the log output you get when PPPoE starts?
View Article